payxessays.com Open in urlscan Pro
2606:4700:3033::ac43:c7ac Public Scan

Go To Rescan
Add Verdict Report

URL:
https://payxessays.com/
Submission: On July 16 via api (July 16th 2023, 8:27:13 am UTC) from US — Scanned from DE

Summary HTTP 61 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 11 domains to perform 61 HTTP transactions. The main IP is 2606:4700:3033::ac43:c7ac, located in United States and belongs to CLOUDFLARENET, US. The main domain is payxessays.com.
TLS certificate: Issued by GTS CA 1P5 on July 15th 2023. Valid for: 3 months.

This is the only time payxessays.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	2606:4700:303... 2606:4700:3033::ac43:c7ac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
6	2606:4700::68... 2606:4700::6812:1fd4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1ed4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:20:... 2606:4700:20::681a:903	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	103.49.221.102 103.49.221.102	24211 (DETIK-AS-...) (DETIK-AS-ID PT. Detik Ini JUga)
3	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
61	15

25 2606:4700:3033::ac43:c7ac (United States)

ASN13335 (CLOUDFLARENET, US)

payxessays.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:1fd4 (United States)

ASN13335 (CLOUDFLARENET, US)

img.okezone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1ed4 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.okezone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:903 (United States)

ASN13335 (CLOUDFLARENET, US)

cloud.jpnn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.jpnn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 103.49.221.102 (Parigi Kulon, Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s221-cast-102-221-49-103.detik.com

akcdn.detik.net.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	payxessays.com payxessays.com	517 KB
12	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	358 KB
7	okezone.com img.okezone.com — Cisco Umbrella Rank: 57824 cdn.okezone.com — Cisco Umbrella Rank: 112616	334 KB
5	detik.net.id akcdn.detik.net.id — Cisco Umbrella Rank: 31887	143 KB
4	jpnn.com cloud.jpnn.com — Cisco Umbrella Rank: 238218 www.jpnn.com — Cisco Umbrella Rank: 459631	464 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 113 www.google.com — Cisco Umbrella Rank: 10	2 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 57	5 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 368	3 KB
1	gstatic.com fonts.gstatic.com	38 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1129	603 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	1 KB
61	11

	Domain	Requested by
25	payxessays.com	payxessays.com
9	pagead2.googlesyndication.com	payxessays.com pagead2.googlesyndication.com cdn.jsdelivr.net tpc.googlesyndication.com
6	img.okezone.com	payxessays.com
5	akcdn.detik.net.id	payxessays.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	cloud.jpnn.com	payxessays.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	www.jpnn.com	payxessays.com
1	cdn.okezone.com	payxessays.com
1	cdn.jsdelivr.net	payxessays.com
1	fonts.gstatic.com	fonts.googleapis.com
1	adservice.google.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fonts.googleapis.com	payxessays.com
61	15

This site contains no links.

Subject Issuer	Validity	Valid
payxessays.com GTS CA 1P5	`2023-07-15` - `2023-10-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.okezone.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-30` - `2023-09-30`	a year	crt.sh
jpnn.com Cloudflare Inc ECC CA-3	`2022-08-20` - `2023-08-20`	a year	crt.sh
*.detik.net.id Thawte RSA CA 2018	`2023-02-21` - `2024-02-29`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://payxessays.com/
Frame ID: 9383F9C54C24135528B0F2E3C19E72EB
Requests: 56 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20190131/zrt_lookup.html
Frame ID: DA87D22C41000CAFE6198E4E4C18878A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3413457709656963&output=html&adk=1812271804&adf=3025194257&lmt=1689496023&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fpayxessays.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689496022827&bpp=489&bdt=264&idt=490&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6254172206311&frm=20&pv=2&ga_vid=1999682919.1689496023&ga_sid=1689496023&ga_hid=1198461899&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31075641%2C44788441&oid=2&pvsid=1533983108900340&tmod=1221341065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=508
Frame ID: A79BC810C349C7258F7C5D035FF64276
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 50108A3C95C79E86B2A2217E79A66870
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 43A9E34792FC63915AF5ABDB615A363C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Payxessays.com - Berbagi Informasi

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+recaptcha

Page Statistics

61
Requests

100 %
HTTPS

93 %
IPv6

11
Domains

15
Subdomains

15
IPs

3
Countries

1865 kB
Transfer

2916 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

61 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
payxessays.com/ 123 KB
21 KB 1440ms
1370ms Document
text/html 2606:4700:3033::ac43:c7ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payxessays.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:c7ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bd661b8b2ab47408470aba08d95a55ff4a619bff6e2819cca64e8b06a881cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private,max-age=0 max-age=31536000
cf-cache-status: DYNAMIC
cf-ray: 7e78dd147d6cbbbc-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Sun, 16 Jul 2023 08:27:02 GMT
expires: Mon, 15 Jul 2024 08:27:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWVCb3BpTgobig6UwHy4znW2izEVsC3acfDyu3wKZynjbnerzmVg49p1zKps1elaHYQg5W%2Bn8oMl6vXZ9U9tqjXxDBAOa9uAKHx4DFTZxQ6I19MfEoOkBGN3gtxV2ZbCW%2BOCOtAJ7Y2beySxbg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 styles.css
payxessays.com/site/themes/kincaimedia/assets/css/ 197 KB
30 KB 737ms
736ms Stylesheet
text/css 2606:4700:3033::ac43:c7ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payxessays.com/site/themes/kincaimedia/assets/css/styles.css?v=2.0.7

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:c7ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4065e1581a4d28f5850e6922b6098cf6ff46df74fd372fae0873d4e4171629f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 22 Jan 2023 19:36:06 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UGNgGselSGBd%2BTcoX1hBRn4PeWgfaU7FeuITHIuUXUmWnwBpKJHoJun2D4yCQz2EVPAAr4q48b5tKro23DY7HXjcMBAlMt7DduTUWxPLz6N%2FTXr8Gy%2Bksx6xac6SvuEydbIfAPRdI0MvV1xG%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 7e78dd1d1a79bbbc-FRA
expires: Mon, 15 Jul 2024 08:27:03 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 79ms
30ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter:400,500,600,700&display=swap&v=2.0.7

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

953e34b546f0bff3aeb2d4c4880cb3cbc1f2b98105698bd416ddf03be97949d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 16 Jul 2023 08:27:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 16 Jul 2023 08:27:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 Jul 2023 08:27:02 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 122ms
75ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3413457709656963

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d042a4628824598f31ddf30bbb1524753ddbfa5f0ac83e2d858f40bae6e299ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payxessays.com/
Origin: https://payxessays.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50494
x-xss-protection: 0
server: cafe
etag: 17562325214353959780
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 08:27:02 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/ 356 KB
122 KB 133ms
95ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3413457709656963&plah=payxessays.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3413457709656963

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b06495b728ac46c2d8391112b1fe70bb595eeedae8a480475217356477ba8080

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125350
x-xss-protection: 0
server: cafe
etag: 12030986961066382981
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 08:27:02 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230711/r20190131/ Frame DA87 10 KB
5 KB 74ms
26ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230711/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3413457709656963

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payxessays.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 49952
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Jul 2023 18:34:31 GMT
etag: 12368291122986407432
expires: Sat, 29 Jul 2023 18:34:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
603 B 72ms
26ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=payxessays.com&callback=_gfp_s_&client=ca-pub-3413457709656963

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3413457709656963&plah=payxessays.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58116f5177e6fc006a047ff66eee422db47c016499eb639c705a65279e8e4bd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 86ms
30ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=payxessays.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A79B 603 B
218 B 141ms
141ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3413457709656963&output=html&adk=1812271804&adf=3025194257&lmt=1689496023&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fpayxessays.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689496022827&bpp=489&bdt=264&idt=490&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6254172206311&frm=20&pv=2&ga_vid=1999682919.1689496023&ga_sid=1689496023&ga_hid=1198461899&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31075641%2C44788441&oid=2&pvsid=1533983108900340&tmod=1221341065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=508

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payxessays.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jul 2023 08:27:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 everything.png
payxessays.com/site/assets/img/ 398 B
880 B 583ms
582ms Image
image/png 2606:4700:3033::ac43:c7ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payxessays.com/site/assets/img/everything.png

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c7ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e80cecde94e949338b581c600baded9fb2e1399f18e47aa2cd7ed9fd6317232

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:03 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 398
x-xss-protection: 1; mode=block
last-modified: Thu, 31 Dec 2020 13:00:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UbVQK7azTIln4HMiGTVxsAq%2F%2BUc9oUxiDYsffo9HqHB3S6GcfIT1S8f0SmKFgw%2BgryIXXWSwSvS478OfVWHXTtM2kpkP7Zg3nmOSY1TzmFnz7TnjqPQ7rB%2BOzZhWC2BFioaM3BNz3rnMnGCyTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e78dd21ef3792a5-FRA
expires: Mon, 15 Jul 2024 08:27:03 GMT

GET
H3 200 iconmonstr-delivery-13-48.png
payxessays.com/site/uploads/2019/Oct/04/ 16 KB
17 KB 728ms
727ms Image
image/png 2606:4700:3033::ac43:c7ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payxessays.com/site/uploads/2019/Oct/04/iconmonstr-delivery-13-48.png

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c7ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef88f528a5d1c110782f7d8cfbaa2acb6311adebc512bac7a2ed4243ff6918d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:04 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 16867
x-xss-protection: 1; mode=block
last-modified: Thu, 31 Dec 2020 13:00:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jO9zCcqaNI8CG20caKLqSQ%2FXwvlG7wXSWQ8Y0fGxIjV2ogNWoDjycqRqvwhxX46iOyubAGM2vWHlWeJs4%2FKm6zQa3xOJvOBLxgdYbpQ9f41V3BNl6WkfFg3%2FFv1yFV8NH%2BgitkbaV8UMiEacwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e78dd21ef3892a5-FRA
expires: Mon, 15 Jul 2024 08:27:03 GMT

GET
H3 200 iconmonstr-building-35-48.png
payxessays.com/site/uploads/2019/Oct/04/ 15 KB
16 KB 709ms
707ms Image
image/png 2606:4700:3033::ac43:c7ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payxessays.com/site/uploads/2019/Oct/04/iconmonstr-building-35-48.png

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c7ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77340e30ad686a7d5595890622e9c5d1718eda26fd0deeceda1bf751ba2f78d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:04 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 15428
x-xss-protection: 1; mode=block
last-modified: Thu, 31 Dec 2020 13:00:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7eX9lKsm0jP1BzsQRrXBiG%2FgWsjQlP4Qn%2Fg28BEVdMAcVBrkvAUmTjqULMV3aw0yM01UCfeE3wSb6dzOIi0SIIqit6lOpObxntSWFiIa5pWQcv3XCM0WfrLRFFiABlj63u%2F0vvRskAgFcnvyYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e78dd21ef3992a5-FRA
expires: Mon, 15 Jul 2024 08:27:03 GMT

GET
H3 200 iconmonstr-map-8-48.png
payxessays.com/site/uploads/2019/Oct/04/ 16 KB
17 KB 729ms
727ms Image
image/png 2606:4700:3033::ac43:c7ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payxessays.com/site/uploads/2019/Oct/04/iconmonstr-map-8-48.png

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c7ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5cc18efea85afe3c48d25cb1fb87e19bcecd962e585eeb23512cca4abf566fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:04 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 16446
x-xss-protection: 1; mode=block
last-modified: Thu, 31 Dec 2020 13:00:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eqezXEjTQQo5P8HDD3eEKfBIbAoHY8UlH1ugUD7dRi0nAz7dNd3HmzJCi3PtnCtAKzRXdTSrH%2FHiDjxkb1Li8wzEP6pmbzpodSWlr1Cvu7q93b2BnI5t6qrjX8%2F8cSj%2BswXGzgpxOphmwfhXzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e78dd21ef3a92a5-FRA
expires: Mon, 15 Jul 2024 08:27:03 GMT

GET
H3 200 iconmonstr-chart-6-48.png
payxessays.com/site/uploads/2019/Oct/04/ 15 KB
16 KB 748ms
746ms Image
image/png 2606:4700:3033::ac43:c7ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payxessays.com/site/uploads/2019/Oct/04/iconmonstr-chart-6-48.png

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c7ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1ca39caeffc18432d3459844918984e6b34300c4d2ea73ed5bf808da09d330a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:04 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 15619
x-xss-protection: 1; mode=block
last-modified: Thu, 31 Dec 2020 13:00:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4GYU1V1szXS8eY99rztnUcF4iPOF%2BBZynaoB9bcvPFJWQFIm%2FWI9DpQ0ZbjUvAnS2PJ8iwz6IaZ9UPE4BOatnIszTsA9k9y72O4kaFzTf3ASXDYAlveIK7smU3DHIQhw8442HBRatgJN6MZ9Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e78dd21ef3c92a5-FRA
expires: Mon, 15 Jul 2024 08:27:03 GMT

GET
H3 200 iconmonstr-soccer-1-32.png
payxessays.com/site/uploads/2019/Oct/04/ 2 KB
2 KB 582ms
581ms Image
image/png 2606:4700:3033::ac43:c7ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payxessays.com/site/uploads/2019/Oct/04/iconmonstr-soccer-1-32.png

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c7ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c3ba340099e1d408fe652e4c81f2da87378d321912c6455c7052e81e185b1ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:03 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 1546
x-xss-protection: 1; mode=block
last-modified: Thu, 31 Dec 2020 13:00:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YopPrJ8wXNRam7z8L7yRcNHXue49Z%2BZzfTcMsHnxqqC%2BXvuR5Pql8Mmoidw5%2Bi4JMFJbNl9kZzadnFZwUYxHEN4XqwzT8rkUyF31lpnI2scugJ%2BV%2FocRCcVloGsysCfKsKMVrIZBxvejOWj9xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e78dd21ef3e92a5-FRA
expires: Mon, 15 Jul 2024 08:27:03 GMT

GET
H3 200 iconmonstr-party-15-32.png
payxessays.com/site/uploads/2019/Oct/04/ 1 KB
2 KB 581ms
579ms Image
image/png 2606:4700:3033::ac43:c7ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payxessays.com/site/uploads/2019/Oct/04/iconmonstr-party-15-32.png

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c7ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

166fbbbfbb81e0b2aa1829dd5190caf1c1d5e3770ab0d82e8d420df4cfa6abe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:03 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 1126
x-xss-protection: 1; mode=block
last-modified: Thu, 31 Dec 2020 13:00:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KXD0HFJqwoejz7UcWMHMXAbgg5mMADUjn9DNeToW1pKaMi%2FqaMlDkzi9mhczBWPtlMZT5FPkwYYpI9V6kGc5Gnse0asvdCuCawEO2BovOMp590tYMGaItgmiAdYPnDvN%2Fbx6%2BZPwIim4VZln9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e78dd21ef3f92a5-FRA
expires: Mon, 15 Jul 2024 08:27:03 GMT

GET
H3 200 iconmonstr-glasses-13-32.png
payxessays.com/site/uploads/2019/Oct/04/ 837 B
1 KB 583ms
581ms Image
image/png 2606:4700:3033::ac43:c7ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payxessays.com/site/uploads/2019/Oct/04/iconmonstr-glasses-13-32.png

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c7ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51a3384f28655d54ee3c773771d4efd67201819623e29f505838229182e006cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:03 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 837
x-xss-protection: 1; mode=block
last-modified: Thu, 31 Dec 2020 13:00:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=miv2pusLye8B6ocr49LATe1x%2FmUmM5UZNbuhmqmuCMjSxyQcj3tcUquhGBpJredeiwZpzyEymy9zCDG46Y%2B5uOXQhyNZZ7O5dk8gYnwoB%2FKMtGbOk4OImgL8NZT0%2Bp%2FMtAqIQgvDn60Nk2Gxog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e78dd21ef4092a5-FRA
expires: Mon, 15 Jul 2024 08:27:03 GMT

GET
H3 200 iconmonstr-battery-10-32.png
payxessays.com/site/uploads/2019/Oct/04/ 412 B
890 B 583ms
581ms Image
image/png 2606:4700:3033::ac43:c7ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payxessays.com/site/uploads/2019/Oct/04/iconmonstr-battery-10-32.png

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c7ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f2c144f45a057c6f944b1a0d58de8eeb55032e20b6a89a6803f7b813ebfa245

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:03 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 412
x-xss-protection: 1; mode=block
last-modified: Thu, 31 Dec 2020 13:00:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8WSNra4Kg5rAiGFE8teOHY6L13zX2OhCb55Agelu%2B4Qe3SusqNBbDAQaHEAVv%2BSigCSIJV11qJGr%2FhW%2FFAR4t3NX%2BjffKPdomtsfTXfWksqB0estE8OnQrohRzeot18zr5DLQdcOoJanbmJZbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e78dd21ef4192a5-FRA
expires: Mon, 15 Jul 2024 08:27:03 GMT

GET
H3 200 iconmonstr-book-17-32.png
payxessays.com/site/uploads/2019/Oct/04/ 671 B
1 KB 579ms
577ms Image
image/png 2606:4700:3033::ac43:c7ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payxessays.com/site/uploads/2019/Oct/04/iconmonstr-book-17-32.png

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c7ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11c73cd1795cbb74af317b1c63dc9ffd0bac19fd766d10dfa6ee78277391901c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:03 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 671
x-xss-protection: 1; mode=block
last-modified: Thu, 31 Dec 2020 13:00:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=416qfjIdv58ljxcd0rU9NekahRrH4Pl2iRqhJxq0czhmbB4YEVF28CYWt%2Fax2sjUnMREgwK1k7SVQwtxg3SLPhrQa9zNHvK0eJUFIJRZX4d50yKmrjIlA%2FFgE%2B93UjICBBoC1S8N9v2%2BLhoTzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e78dd21ef4292a5-FRA
expires: Mon, 15 Jul 2024 08:27:03 GMT

GET
H3 200 iconmonstr-school-18-32.png
payxessays.com/site/uploads/2019/Oct/04/ 2 KB
2 KB 551ms
549ms Image
image/png 2606:4700:3033::ac43:c7ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payxessays.com/site/uploads/2019/Oct/04/iconmonstr-school-18-32.png

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c7ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a616ecab96a7e000215ea42344c7ddea35402e9ab3253d55f2ebc6de45e4ad54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:03 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 1930
x-xss-protection: 1; mode=block
last-modified: Thu, 31 Dec 2020 13:00:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wAk%2FHd%2B6HQHIGBfagF3ORH9A7MlejXZ3DfywyzE7y9rQ0OUhnMSMb7v81A59dCr2aEGrYzK3C3Fzrtms7J9TQ9yQE6bIcP20pwrPcqRKbUh%2BtP3%2FNhhuhBhBiVxhB2LD2KY87mzXgIuq361uig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e78dd21ef4492a5-FRA
expires: Mon, 15 Jul 2024 08:27:03 GMT

GET
H3 200 iconmonstr-medical-6-32.png
payxessays.com/site/uploads/2019/Oct/04/ 1012 B
1 KB 551ms
550ms Image
image/png 2606:4700:3033::ac43:c7ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payxessays.com/site/uploads/2019/Oct/04/iconmonstr-medical-6-32.png

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c7ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

851596196e9ac893121cdc4543df454c98e019b7d87ff25c6854d0cd800245cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:03 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 1012
x-xss-protection: 1; mode=block
last-modified: Thu, 31 Dec 2020 13:00:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CyfRrBaZnK3IfL5ftTg7A6GSRcw4uBEdz2cK98ZfafuOZ0RpwDRD0B3DKcHYabXaR0Td6YfgOyO5jOpv60O8e8HnqgjXxRYgdcoofpJaRrm6MKqll7utOffvXEf4TvYL4gqD9zXmrRMSTSNrMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e78dd21ef4592a5-FRA
expires: Mon, 15 Jul 2024 08:27:03 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
38 KB 64ms
19ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:400,500,600,700&display=swap&v=2.0.7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://payxessays.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 17:13:14 GMT
x-content-type-options: nosniff
age: 314029
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jul 2024 17:13:14 GMT

GET
DATA 200
OK truncated
/ 137 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b307c4ae27381c0bc19983833f7bc324bb100468b4f22bdd7594b179c836aa4a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 137 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3bc188ffa450c649d95d661372fddb6bbdf17e7d63578d499ab98b984da8381

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H3 200 jquery-3.3.1.min.js Show response
payxessays.com/site/assets/js/ 85 KB
31 KB 729ms
729ms Script
application/javascript 2606:4700:3033::ac43:c7ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payxessays.com/site/assets/js/jquery-3.3.1.min.js?v=2.0.7

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c7ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 31 Dec 2020 13:00:00 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2oKP0cc5onCXNMWQUykCF09iVN3wdyvfRGIxFzl7VU3MY2h5ijkq2nAAU5yyiwFBAT9n013%2FEJVKoza8MugusuTGOVb1OJhIUHlorMw4aPRN5SJ7moEFMmd5MuRLk%2FRA%2Fn9N3nOH7YJ2dXYMxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 7e78dd227fb892a5-FRA
expires: Mon, 15 Jul 2024 08:27:03 GMT

GET
H3 200 bootstrap.bundle.min.js Show response
payxessays.com/site/themes/kincaimedia/assets/js/ 77 KB
23 KB 723ms
723ms Script
application/javascript 2606:4700:3033::ac43:c7ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payxessays.com/site/themes/kincaimedia/assets/js/bootstrap.bundle.min.js?v=2.0.7

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c7ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0e3f4cdc282dc2223fa74f47f49bf78cf0d5ead8b667f6c431e390a2abd1c19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 13 Nov 2022 18:10:40 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FR8LYZWmcDwGTWGRN8%2BIqNaHf%2B0ITYCUL4SLsoVTR8i5xmmlMZ%2BduRBfNxaVhRKdZ4KxpntnugvEb2nGxklBCuWMQ3jnqyL2qvkpKToj3OLaIqfEJFLev%2FXUN%2FaEp1A6owCSCDrqf6tnpa%2FXAg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 7e78dd272b6b92a5-FRA
expires: Mon, 15 Jul 2024 08:27:04 GMT

GET
H3 200 theme.js Show response
payxessays.com/site/themes/kincaimedia/assets/js/ 5 KB
2 KB 589ms
588ms Script
application/javascript 2606:4700:3033::ac43:c7ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payxessays.com/site/themes/kincaimedia/assets/js/theme.js?v=2.0.7

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c7ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e09efc74f06a298bd9cf444c8e728f65e039db3d869bd8cf9bf17ee214a0b2ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 22 Jan 2023 09:43:08 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=665YqcMVE1nzxbXGnkpBLhkQ2NT0loQAIBPe1IgjWCnqglvQbD378Z2qS7E2fnnKw%2B9x3H%2BO2wBRNLLhAGBcqus3fNlQLl1GOoM3SiRhpCxvPmP3v7WCZ3vB5xnNCTQA%2FNVrcGCikRWKlN7u1w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 7e78dd2bbf0c92a5-FRA
expires: Mon, 15 Jul 2024 08:27:05 GMT

GET
H3 200 jquery.auto-complete.min.js Show response
payxessays.com/site/themes/kincaimedia/assets/js/ 4 KB
2 KB 589ms
589ms Script
application/javascript 2606:4700:3033::ac43:c7ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payxessays.com/site/themes/kincaimedia/assets/js/jquery.auto-complete.min.js?v=2.0.7

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c7ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cece1097f127c3259563e9936c64b658830b75f606b503a191e52d39ac0a6556

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 13 Nov 2021 17:02:46 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dM9v3ndBayJRCjD62a9HIFuAlGjpA5a9da82MJg%2FreSFAnzyXQiOC2JvUEvjIhsfflj0lrRUPagBnalbiGslxdOQUWIDrAghiJ4uz6pnGoMM3FNvW4zloDQ6gETfOShf0xPQU7Dap45v6UjcsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 7e78dd2f6a1e92a5-FRA
expires: Mon, 15 Jul 2024 08:27:05 GMT

GET
H2 200 seosecretidnblockads.js Show response
cdn.jsdelivr.net/gh/adigunawanxd/pluginsgalaxymag@master/ 4 KB
3 KB 69ms
20ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/adigunawanxd/pluginsgalaxymag@master/seosecretidnblockads.js

Requested by

Host: payxessays.com
URL: https://payxessays.com/site/themes/kincaimedia/assets/js/theme.js?v=2.0.7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fc708c85df81b6ebfc6249fda2d3ea516131039f3c167266624f94dc680dbe7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 16 Jul 2023 08:27:05 GMT
x-content-type-options: nosniff
content-encoding: br
age: 8892
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2393
x-served-by: cache-fra-etou8220112-FRA
x-jsd-version-type: branch
etag: W/"11db-hPCiGXMtTPXVqpquemrAx3LiSZk"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
49 KB 108ms
108ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/adigunawanxd/pluginsgalaxymag@master/seosecretidnblockads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

701530c6f677f5b82ef4c11fdbd7c03ea72db38cb3611624e7dbc770044f2fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50427
x-xss-protection: 0
server: cafe
etag: 16847834045102715911
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 08:27:05 GMT

GET
H3 200 jquery.sticky-sidebar.min.js Show response
payxessays.com/site/themes/kincaimedia/assets/js/ 10 KB
4 KB 589ms
589ms Script
application/javascript 2606:4700:3033::ac43:c7ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payxessays.com/site/themes/kincaimedia/assets/js/jquery.sticky-sidebar.min.js?v=2.0.7

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c7ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2890adb9bd41a5801dbd2ba5a6d904c9f804e828d1b53f6c3d008f8eef1d868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 13 Nov 2021 17:02:46 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lz7vK1vnLJMgzubsE9PN5Is2Fi8hxbmn6jKA%2FfaIN8SoOlElK1VwlLRBbCehcr%2BRN0u5vjbH4SNxET0H2ktcMfgRncSCJnhE2n%2BhNrWt1rGOaKyvYWaxeFLkXWvwCup2cFFsbMnec8OCKjfz7g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 7e78dd331e6b92a5-FRA
expires: Mon, 15 Jul 2024 08:27:06 GMT

GET
H3 200 jquery.unveil.min.js Show response
payxessays.com/site/themes/kincaimedia/assets/js/ 661 B
856 B 220ms
219ms Script
application/javascript 2606:4700:3033::ac43:c7ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payxessays.com/site/themes/kincaimedia/assets/js/jquery.unveil.min.js?v=2.0.7

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c7ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

465f3a7af8b8519bb793bb3b515751ec06f6e724f4b9061729b67af05aa16fe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 13 Nov 2021 17:02:46 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mO7ihxOo6zUF7zqvUZIC0ByUpcOLX9PqfTQF3u05WDTnkN8e7IYEzGMqr0l%2BKZfp%2BqTrNObN1IZyUqGwza%2Br1HfVx%2F3NbWgyj7yDaSS%2F0ZvzrWLrOD%2FAzgHNeI%2BVCAnLe45YapMif95j8Pv90g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 7e78dd36ca9992a5-FRA
expires: Mon, 15 Jul 2024 08:27:06 GMT

GET
H3 200 lazysizes.src.js Show response
payxessays.com/site/themes/kincaimedia/assets/js/ 8 KB
4 KB 221ms
221ms Script
application/javascript 2606:4700:3033::ac43:c7ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payxessays.com/site/themes/kincaimedia/assets/js/lazysizes.src.js?v=2.0.7

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c7ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a65e36bdc476c668b5b4b34ea95c1ce5dd724fab7899324c343d8e13e9bd8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 21 Dec 2022 22:33:20 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cuf9gT2u6BwHYuYhLXbLV3xs%2F%2BKFJ7XLJ3BN9lUuS%2FxxY3dfVw1Upl%2FE8UDF6izv8TBjPKwrCMA9PHa3%2FX3yIP7ifYVEDopLWeTzXL5ZZCgvmyEfECssi8n4P4uZJbUjucaxEmCVAwMomjx7fw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 7e78dd382bf392a5-FRA
expires: Mon, 15 Jul 2024 08:27:06 GMT

GET
H3 200 20230714_114743.png
payxessays.com/site/uploads/2023/Jul/15/ 315 KB
315 KB 947ms
946ms Image
image/png 2606:4700:3033::ac43:c7ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payxessays.com/site/uploads/2023/Jul/15/20230714_114743.png?2.0.7

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c7ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90386b5b2829401deb128271b1da588cff1428bc68a69a5ef4cf004abab89955

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:08 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 322089
x-xss-protection: 1; mode=block
last-modified: Sat, 15 Jul 2023 02:11:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tCoD8m8jOixgWyvsepjL3Nh5dF4cYVeiXuwO%2FObNfBEXIFg4t8GYtJnb6B7ftjh5UELD%2BmdUNpdJxt5BRai0Urr3r1VWQ0J887vEOsKUgHthxquFaynbAi8HqWbNHGNfm5PqVM7Lz07jHeFlSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e78dd399ce992a5-FRA
expires: Mon, 15 Jul 2024 08:27:07 GMT

GET
H2 200 guru-spiritual-yang-tewaskan-3-orang-di-bogor-ditetapkan-tersangka-orALywiJGd.jpg
img.okezone.com/content/2023/07/16/338/2847132/ 85 KB
86 KB 95ms
30ms Image
image/jpeg 2606:4700::6812:1fd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.okezone.com/content/2023/07/16/338/2847132/guru-spiritual-yang-tewaskan-3-orang-di-bogor-ditetapkan-tersangka-orALywiJGd.jpg

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1fd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ed4de1a2da84254cd27e4c7fd790645e5aaabfd130b5db1a8e257623954106f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: FRA53-C1
age: 21013
cf-polished: origSize=88559
x-cache: Miss from cloudfront
content-length: 87126
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Sun, 16 Jul 2023 02:30:20 GMT
server: cloudflare
etag: "64b3563c-159ef"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e78dd39fad235f8-FRA
link: <http://img.okezone.com/content/2023/07/16/338/2847132/guru-spiritual-yang-tewaskan-3-orang-di-bogor-ditetapkan-tersangka-orALywiJGd.jpg>; rel="canonical"
x-amz-cf-id: GcL2dCOSHhgzMrzIdYcUiTAR_LssATo2pFCeSVG8nI3QTv1OtVgjWA==
expires: Mon, 15 Jul 2024 08:27:07 GMT

GET
H2 200 icon-okz.png
cdn.okezone.com/underwood/revamp/2019/logo/desktop/ 13 KB
13 KB 571ms
511ms Image
image/png 2606:4700::6812:1ed4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.okezone.com/underwood/revamp/2019/logo/desktop/icon-okz.png

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1ed4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

331807c65e4e1658df47fc26f6004e37ea2db17b690a02ab48a03652a04b25ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:07 GMT
via: 1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
x-original-content-length: 21109
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
content-length: 13160
server: cloudflare
etag: W/"PSA-aj-f64yA-tzpA"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=865737
accept-ranges: bytes
cf-ray: 7e78dd39fc2018e1-FRA
x-amz-cf-id: ul2pglHZYXTg7UFwszpBTSGLD_4WPiGxaQF97sB2uxNVMC-y1YexgQ==
expires: Wed, 26 Jul 2023 08:56:05 GMT

GET
H2 200 rano-alfath-menilai-perlu-evaluasi-menyeluruh-pada-pt-antam-2abt.jpg
cloud.jpnn.com/photo/arsip/normal/2023/07/16/ 125 KB
126 KB 84ms
28ms Image
image/jpeg 2606:4700:20::681a:903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloud.jpnn.com/photo/arsip/normal/2023/07/16/rano-alfath-menilai-perlu-evaluasi-menyeluruh-pada-pt-antam-2abt.jpg

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:903 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b578a24c4078bd1217f434641021e8decddf71f1f900808785283c7c4c000168

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx000000000000000836472-0064b35672-3a7316f1-sgp1a
age: 21352
cf-polished: degrade=85, origSize=202870, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
content-length: 128066
cf-bgj: imgq:85,h2pri
last-modified: Sun, 16 Jul 2023 02:28:59 GMT
server: cloudflare
etag: "7b7ae7d90ca0757f2410d694647a1b93"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
x-hw: 1689474675.dop232.am5.t,1689474675.cds283.am5.c
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQCyZVHXWL7bRpxNX9bdGoU29i%2FF5Dev4QZJZDRUyHxPiao2Pr%2BkaqSx2kXjjve%2BbdaWC4s144iaa%2Bc0L3JBVXzcufmGaZbf%2F5Zz%2BGSaPFVo8v4Uj5poYR0G3FV%2FYq5EFR9B91uR4VtP4B2m"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604799
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 7e78dd39eb591e6c-FRA

GET
H2 200 logojpnncom.png
www.jpnn.com/assets/img/ 4 KB
5 KB 80ms
25ms Image
image/webp 2606:4700:20::681a:903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jpnn.com/assets/img/logojpnncom.png
Requested by: Host: payxessays.com
URL: https://payxessays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17325e35bab8d26d4c93b1dd793f6b300c052be9aab3b46574735e8ee51389c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 437301
cf-polished: origFmt=png, origSize=7158
content-disposition: inline; filename="logojpnncom.webp"
content-length: 4096
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Thu, 26 Sep 2019 09:49:20 GMT
server: cloudflare
etag: "5d8c89a0-1bf6"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J5OMQ%2B08ULa3dVS9sc5v%2BciDe6Qbg9%2Fgljyze5FfbTh7ONSXbRf15YtME4R8n68oMGEzXXvWcHBDjyo4QYITdPIgXSsDbTnkJzTxukLRtkySnBtGL0wJYE1a5M8WDpyvVd39ukIJd8M%2FQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000,public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7e78dd39ea432c79-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 claudia-alexandra-scheunemann-penyerang-timnas-putri-indones-jeys.jpg
cloud.jpnn.com/photo/arsip/normal/2023/07/16/ 88 KB
89 KB 101ms
45ms Image
image/jpeg 2606:4700:20::681a:903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloud.jpnn.com/photo/arsip/normal/2023/07/16/claudia-alexandra-scheunemann-penyerang-timnas-putri-indones-jeys.jpg

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:903 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d7b6fbd6f728acf4cfd6a99381ebf7ec3b7273cf92255f1db0d0371fa242550

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx0000000000000008341d9-0064b35609-3a6f4ef0-sgp1a
age: 21084
cf-polished: degrade=85, origSize=152183, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
content-length: 90361
cf-bgj: imgq:85,h2pri
last-modified: Sun, 16 Jul 2023 02:28:06 GMT
server: cloudflare
etag: "fc6dceae9782c893e92c02997f66841f"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
x-hw: 1689474943.dop254.am5.t,1689474943.cds286.am5.c
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2BQcIquVgeJBYU8v5ZdEa6QXg%2BdAIIZIi0K%2FF%2F%2FY1CcnKFAHJ%2BwHwlMO9t7uTdeR8k8HfUaenhxfHE04%2BNw9TTtZOI9JL6iqK%2BBxrejwp%2BpyOorIfgA6JCyn3ox14S3t%2BdA%2BH5ALNpKQR%2FVC"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604426
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 7e78dd39eb5b1e6c-FRA

GET
H2 200 bak-bang-jago-pria-mabuk-bersajam-di-pasar-kemiri-beji-sempat-minta-ayam-ke-pedagang-j8xgRHwTkt.jpg
img.okezone.com/content/2023/07/16/338/2847131/ 4 KB
5 KB 93ms
29ms Image
image/jpeg 2606:4700::6812:1fd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.okezone.com/content/2023/07/16/338/2847131/bak-bang-jago-pria-mabuk-bersajam-di-pasar-kemiri-beji-sempat-minta-ayam-ke-pedagang-j8xgRHwTkt.jpg

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1fd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74f85e1e4a8f53a76dff734456e9c2ed717dbfae124a0c84ec7a9c62a7fb8934

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: FRA53-C1
age: 21715
cf-polished: origSize=4521
x-cache: Miss from cloudfront
content-length: 4354
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Sun, 16 Jul 2023 02:21:48 GMT
server: cloudflare
etag: "64b3543c-11a9"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e78dd39fad435f8-FRA
link: <http://img.okezone.com/content/2023/07/16/338/2847131/bak-bang-jago-pria-mabuk-bersajam-di-pasar-kemiri-beji-sempat-minta-ayam-ke-pedagang-j8xgRHwTkt.jpg>; rel="canonical"
x-amz-cf-id: 7QRNzSBsRq32GNbtS2cq1Ut1ODYqKzeMCDx90_CBJns_RHw0IoUl2A==
expires: Mon, 15 Jul 2024 08:27:07 GMT

GET
H3 200 lazyload.min.js Show response
payxessays.com/site/themes/kincaimedia/assets/js/ 9 KB
3 KB 584ms
584ms Script
application/javascript 2606:4700:3033::ac43:c7ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payxessays.com/site/themes/kincaimedia/assets/js/lazyload.min.js?v=2.0.7

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c7ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0ee873dabe85e8efde99a7f6eaeadb38a873a812a7f2757117497e4da233f8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 21 Jan 2023 14:28:04 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9jynPdOGNRBuM8LRIjgfHz9LiF%2BhC%2FKg61IgttcW9IXlSuOrqne0JVmGOfQpzw0j7%2FPCgtGAYDXKHM40ATTxXQUasD87lOkEAWPAlyp1pT%2B0L2fka8LGqG55osL17FMrmAHfGdKhFp72166q%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 7e78dd399cf092a5-FRA
expires: Mon, 15 Jul 2024 08:27:07 GMT

GET
H2 200 benjamin-mendy-manchester-city-pelecehan-seksual-pesepakbola-pemerkosaan-pesepakbola_169.jpeg
akcdn.detik.net.id/api/wm/2023/07/14/ 24 KB
24 KB 661ms
200ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/api/wm/2023/07/14/benjamin-mendy-manchester-city-pelecehan-seksual-pesepakbola-pemerkosaan-pesepakbola_169.jpeg?wid=54&w=650&v=1&t=jpeg

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.102 Parigi Kulon, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-102-221-49-103.detik.com

Software

st11 /

Resource Hash

15b5ef2481386d6ecc8eeaa90ad9964b6528f0996a058572e2e61ad2f7b0cf45

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:07 GMT
middle-cache: HIT
content-encoding: gzip
server: st11
cache_wm: HIT, MISS
cache-status: MISS
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 f4eab726-126b-457d-b00f-9c393b82c8b2_169.jpg
akcdn.detik.net.id/api/wm/2015/09/07/ 38 KB
38 KB 660ms
200ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/api/wm/2015/09/07/f4eab726-126b-457d-b00f-9c393b82c8b2_169.jpg?wid=54&w=650&v=1&t=jpeg

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.102 Parigi Kulon, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-102-221-49-103.detik.com

Software

st11 /

Resource Hash

e86360cf4e0e03556793a243c7d061d6384c435b0226bab7c3108303b5f4370a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:07 GMT
middle-cache: HIT
content-encoding: gzip
server: st11
cache_wm: HIT, MISS
cache-status: MISS
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lisa-marie-presley-di-golden-globe-awards-2023-6_169.jpeg
akcdn.detik.net.id/api/wm/2023/01/13/ 31 KB
31 KB 1247ms
787ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/api/wm/2023/01/13/lisa-marie-presley-di-golden-globe-awards-2023-6_169.jpeg?wid=54&w=650&v=1&t=jpeg

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.102 Parigi Kulon, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-102-221-49-103.detik.com

Software

st11 /

Resource Hash

696cc2aacf6276472f530071f83d58c8b58e858378931c7967c54df0efacb9f5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:07 GMT
middle-cache: MISS
content-encoding: gzip
server: st11
cache_wm: MISS, MISS
cache-status: MISS
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 masya-allah-alquran-dan-sains-ungkap-rasa-manis-delima-bermanfaat-untuk-lambung-hingga-paru-paru-hKniDJjiv3.jpg
img.okezone.com/content/2023/07/15/614/2846797/ 25 KB
25 KB 74ms
73ms Image
image/jpeg 2606:4700::6812:1fd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.okezone.com/content/2023/07/15/614/2846797/masya-allah-alquran-dan-sains-ungkap-rasa-manis-delima-bermanfaat-untuk-lambung-hingga-paru-paru-hKniDJjiv3.jpg

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1fd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9859fdd04a1654435752ed8b5e612bf61fc048b511420abefb3e9941c7c1a0e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: FRA53-C1
age: 89931
cf-polished: origSize=27690
x-cache: Miss from cloudfront
content-length: 25549
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Sat, 15 Jul 2023 02:53:19 GMT
server: cloudflare
etag: "64b20a1f-6c2a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e78dd3a8b6635f8-FRA
link: <http://img.okezone.com/content/2023/07/15/614/2846797/masya-allah-alquran-dan-sains-ungkap-rasa-manis-delima-bermanfaat-untuk-lambung-hingga-paru-paru-hKniDJjiv3.jpg>; rel="canonical"
x-amz-cf-id: zeIqggcGIyyE3HsKz640mMD2S1CvDdQ0NXFHZI4kroI3KVOxWl_hnQ==
expires: Mon, 15 Jul 2024 08:27:07 GMT

GET
H2 200 hasil-badminton-asia-junior-championships-2023-alwi-farhan-dan-zidane-attauba-kleopas-binar-gagal-ke-final-NdISwdvHOT.jpg
img.okezone.com/content/2023/07/15/40/2846971/ 95 KB
96 KB 837ms
837ms Image
image/jpeg 2606:4700::6812:1fd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.okezone.com/content/2023/07/15/40/2846971/hasil-badminton-asia-junior-championships-2023-alwi-farhan-dan-zidane-attauba-kleopas-binar-gagal-ke-final-NdISwdvHOT.jpg

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1fd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

810713fe190bf05adc866d64090c0d63cb989ffe2965cb7a0ea7a47c215772b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:08 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
via: 1.1 a75b67932d84d80b40e12159613deb16.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-length: 97692
x-xss-protection: 1; mode=block
last-modified: Sat, 15 Jul 2023 11:42:43 GMT
server: cloudflare
etag: "64b28633-17d9c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e78dd3a8b6735f8-FRA
link: <http://img.okezone.com/content/2023/07/15/40/2846971/hasil-badminton-asia-junior-championships-2023-alwi-farhan-dan-zidane-attauba-kleopas-binar-gagal-ke-final-NdISwdvHOT.jpg>; rel="canonical"
x-amz-cf-id: NMbJM56VvOXUy4MOkH-OdFtNa4wXAhsQWBIJL4Wzenx9QwTHZtTVOA==
expires: Mon, 15 Jul 2024 08:27:07 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
49 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7982307915935752

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f900e78a123fd3dc1b72c481e47d7387a22ff098ec49722f2332032645332830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payxessays.com/
Origin: https://payxessays.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50501
x-xss-protection: 0
server: cafe
etag: 17653594699348150547
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 08:27:07 GMT

GET
H2 200 bunda-ini-lho-6-tanda-janin-sehat-iL0DQrypHc.jpg
img.okezone.com/content/2023/07/16/483/2847130/ 98 KB
98 KB 28ms
28ms Image
image/jpeg 2606:4700::6812:1fd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.okezone.com/content/2023/07/16/483/2847130/bunda-ini-lho-6-tanda-janin-sehat-iL0DQrypHc.jpg

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1fd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45705fb28d3fde5d9e23ddd897416221e5de6c4b32608a5f57643682e198f31e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: FRA53-C1
age: 20092
cf-polished: origSize=125275
x-cache: Miss from cloudfront
content-length: 99861
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Sun, 16 Jul 2023 02:12:35 GMT
server: cloudflare
etag: "64b35213-1e95b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e78dd3e1f5235f8-FRA
link: <http://img.okezone.com/content/2023/07/16/483/2847130/bunda-ini-lho-6-tanda-janin-sehat-iL0DQrypHc.jpg>; rel="canonical"
x-amz-cf-id: 680HrWmjYW_ik9bvI4Y_qWUPyqb6yrkZsx0isIj-iofj9PnzdmB6Pw==
expires: Mon, 15 Jul 2024 08:27:07 GMT

GET
H2 200 inter-miami-perkenalkan-lionel-messi-david-beckham-tak-sabar-lihat-debut-sang-megabintang-Szfv38ojMB.JPG
img.okezone.com/okz/300/content/2023/07/16/51/2847129/ 10 KB
11 KB 40ms
40ms Image
image/jpeg 2606:4700::6812:1fd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.okezone.com/okz/300/content/2023/07/16/51/2847129/inter-miami-perkenalkan-lionel-messi-david-beckham-tak-sabar-lihat-debut-sang-megabintang-Szfv38ojMB.JPG

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1fd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c70264c1b001da559ee8992a67ad02e0ddb74707b3159d1c9218647732103d74

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22105
x-amz-cf-pop: FRA53-C1
cf-polished: origSize=10464
x-cache: Hit from cloudfront
content-length: 10303
x-xss-protection: 1; mode=block, 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Sun, 16 Jul 2023 02:14:32 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7e78dd3e1f5435f8-FRA
link: <http://127.0.0.1:81//okz/300/content/2023/07/16/51/2847129/inter-miami-perkenalkan-lionel-messi-david-beckham-tak-sabar-lihat-debut-sang-megabintang-Szfv38ojMB.JPG>; rel="canonical", <http://img.okezone.com/okz/300/content/2023/07/16/51/2847129/inter-miami-perkenalkan-lionel-messi-david-beckham-tak-sabar-lihat-debut-sang-megabintang-Szfv38ojMB.JPG>; rel="canonical"
x-amz-cf-id: xmBhz8QThwNZ9H_ua-eI72-UJ9m0lJPwVt_XbTAPaHWKx613qAgHMA==
expires: Wed, 13 Jul 2033 08:27:07 GMT

GET
H2 200 direktur-akadem-televisi-indonesia-atvi-dr-melitina-tecoalu-pjuo.jpg
cloud.jpnn.com/photo/arsip/normal/2023/07/16/ 244 KB
244 KB 26ms
26ms Image
image/jpeg 2606:4700:20::681a:903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloud.jpnn.com/photo/arsip/normal/2023/07/16/direktur-akadem-televisi-indonesia-atvi-dr-melitina-tecoalu-pjuo.jpg

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:903 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a35f27b5fba545a5c1a1eabd04a5902aa61158df59935a80f891f1f34a9fb5c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx0000000000000016867ae-0064b35071-3a6f6d5d-sgp1a
age: 22634
cf-polished: degrade=85, origSize=344215, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
content-length: 249518
cf-bgj: imgq:85,h2pri
last-modified: Sun, 16 Jul 2023 02:04:51 GMT
server: cloudflare
etag: "453b18414dfa093492af6adca9d4fe72"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
x-hw: 1689473393.dop008.am5.t,1689473393.cds217.am5.c
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67fDvU11a%2FzE35tBd8jSWP3iln9KxHRlTuE3oesKyuR89Od36EKgroMhgxk%2Fo%2FMSQK9KEpIQByJHwqsMF%2Frfi%2BGG5hg%2FqegHjiYbnFVxQpYVDX6cJBVdfxQTFb8UmiDh591n%2FhkQcKPy1E11"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604544
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 7e78dd3e18a11e6c-FRA

GET
H3 200 en_US.png
payxessays.com/site/themes/kincaimedia/languages/en_US/ 1 KB
2 KB 583ms
583ms Image
image/png 2606:4700:3033::ac43:c7ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payxessays.com/site/themes/kincaimedia/languages/en_US/en_US.png

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c7ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9525b4fb695198614b6d6880daaf8dbd9131d7a7699043de2a445339c35c90ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:08 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 1205
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Nov 2021 09:05:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pGiIcTyPrCK4PdQvivLhz9edOTCTo7qMOjehO3sVhPAvOjcSj6om2C96q4DG9r%2FYEoxnR0BEElg6mrHAcyhDLn3wf5pdKENsOmoS8NJRkR81KJOskhTO12gCG2YBFtL3XA0fMypTZYuc0Ka5TA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e78dd3ee9e792a5-FRA
expires: Mon, 15 Jul 2024 08:27:08 GMT

GET
H3 200 id_ID.png
payxessays.com/site/themes/kincaimedia/languages/id_ID/ 3 KB
3 KB 550ms
550ms Image
image/png 2606:4700:3033::ac43:c7ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payxessays.com/site/themes/kincaimedia/languages/id_ID/id_ID.png

Requested by

Host: payxessays.com
URL: https://payxessays.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c7ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a417652e8184751547db429e1d20d515c25bdc7ad8d24669d1a3cf9dbfcc971d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:08 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2889
x-xss-protection: 1; mode=block
last-modified: Sat, 13 Nov 2021 19:44:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3P%2Fwxa21mvwFtmea8oOQVraI%2BvRmoe1fxVDB1Nl2%2B%2BVvRL7uuEDNyy%2F6%2FU1z53ksRXhzHAvbegMXikjV9LwmwdAPiFzJ1aCY7glAWjxB6EfzQ7%2BmiLKH%2FWF0FdOEhlqp4zj5d4ipdic%2F0FzFLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e78dd3ee9e892a5-FRA
expires: Mon, 15 Jul 2024 08:27:08 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 81ms
80ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230711&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

026de1cb075e158375bf3d012cb0642be213e6a7edd4cd25b90ee1efdd66fbac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11909
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
49 KB 116ms
115ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/adigunawanxd/pluginsgalaxymag@master/seosecretidnblockads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

017e15cbacd57c93f3902a3d2ccce1bab1a7748ef95507915cfcfa54be655d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50430
x-xss-protection: 0
server: cafe
etag: 2812534756175909255
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 08:27:08 GMT

GET
H2 200 ilustrasi-bunuh-diri_169.jpeg
akcdn.detik.net.id/api/wm/2022/04/27/ 30 KB
31 KB 203ms
202ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/api/wm/2022/04/27/ilustrasi-bunuh-diri_169.jpeg?wid=54&w=650&v=1&t=jpeg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.102 Parigi Kulon, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-102-221-49-103.detik.com

Software

st11 /

Resource Hash

678fbdaf25219151dbc0404546a7eb0fe292159e9e3bbe5723e27cd3ebf113eb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:08 GMT
middle-cache: HIT
content-encoding: gzip
server: st11
cache_wm: HIT, MISS
cache-status: MISS
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo-detikhealth.png
akcdn.detik.net.id/community/media/visual/2020/09/17/ 19 KB
19 KB 200ms
199ms Image
image/png 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/community/media/visual/2020/09/17/logo-detikhealth.png?d=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.102 Parigi Kulon, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-102-221-49-103.detik.com

Software

st11 /

Resource Hash

2a5b3ae0c0a847e1716cc19fef1392013e98a07ddc6dc5c19aef00d5f3bd55dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:08 GMT
middle-cache: HIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 17 Sep 2020 07:54:44 GMT
server: st11
etag: W/"5f631644-4b93"
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 81ms
30ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 16 Jul 2023 08:27:08 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5010 13 KB
5 KB 19ms
18ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payxessays.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 51542
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 15 Jul 2023 18:08:06 GMT
expires: Sun, 14 Jul 2024 18:08:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 43A9 783 B
1 KB 83ms
29ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ae6d2dd4b9ba0d05d7d6ef12291e752d80cfe7ef36dafcfd496ebe459f615d38

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fwv9BjtWTFq9A8r3AKC9vQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://payxessays.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-fwv9BjtWTFq9A8r3AKC9vQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jul 2023 08:27:08 GMT
expires: Sun, 16 Jul 2023 08:27:08 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame 5010 38 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 07:34:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 15 Jul 2024 07:34:27 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 43A9 0
0 52ms
52ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230711&jk=1533983108900340&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5010 0
10 B 18ms
17ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?TMEeqw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 08:27:08 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
58ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230711&jk=1533983108900340&bg=!9vWl9aHNAAb90kgr3dI7ADkAdvg8WpS35LN2lYskPhLmXyiY8LndITwgF32jDA23Wh7kWdepDbMmWK4DU0co-_9wi9z7KKi-55ECAAAAWVIAAAAFaAEHCgDlxbUuaTrcKOLhOMuAXQq8yGIfYUHuUUZa1lUWOOqeHqmT9TYGiVy9lilWd6z7kDqOdOaqtLjovWNwV7Gsk7WFtZW3kYeu-aLpF2uBizatn2QueotXnsjwB10wBo8EQL8RubxCaIFgLvk99k_lq6EFYgjP6uQyId42wzEeMpKPfE-qD73xSZzqgLH4ibP04KnytsV0_Q8OicDDsAVLcdoxrwWGc_sDC5f5vc2IVstZKw5X2OYNqFKBMVaUSQwkH-rFlLCfjzbyFdAqXNbGFh76B7cZuyuHB817N7KZHUYRGZSxPNuSmZkCpMGbpK8knxrJ06wfzD1QVtpB4kaytLVzVIRl7aOVtaOZMJAVRL97LlA_Qt2qDDMLK6mCHcuJt_Cdcjw4mrGkZkt717RKAjp10Pma6Cc3Rr_jUf9RMwRaQkF2neqqfstsELLJmUCRRrELolMPYaJcHt70CadIAtiwMQqhwPYiF0Fo8XCe3Mu3-0sgA949ZVniklw5CRyRTkl9VHfGdrlFh6qYQ0i_wdAXrOiGRxI-7up_EY_41K0yo_S87FNJR_E6yuF5ZPB8_R0slyWlAnkZJcLmdfMHQYk4QY2tXZ-qKkJXzY5AfHXw49wQ_RTyvKD7vmzo4QfwUdDatcPcst5fADUyn7NFPEC0-WSswHC2fFY7w9DqlOblTlUGqMvSpeOtM9q0x0RR0Wz7jLRHt1fkEKkuSCBE3J74i2mEv5VljbIP2m2Jn208kKIzB68zalUQfTGWEvuwW-JOubonuHzaywshL4MKOwLnUwwOTIn_YpiMACDl0wBnyT8L7vTs6mwgs_mXOcuHRTm5VXNiPRPopVsvrDuDxcvhsmWZfHq7JWKTGT43LjGtzbFVWatkwjxoul67X4krh11Ms_Xok3DPrs0ITlA7h6q4oi9mpj93_TLLtvfS9NowVte1m18IkutkWk91x8Fp5TtlR9ZNYqnYOdCNbgnPnmtMFBqOshqXgO_kGoMSSUPeKNhUfCqP4Bkurm2VVpQF6UhMD8XTsqnis-EyaqOpk5WHIVpCYBXv2ugQQbPkCns9ZACLkZJoJiVf_0VYqDJNyx_3ijHPXbrcb7x9Z82liK3PMK8LJ_jp5iqI5RBVbz5vmW9H4My_1Np4M79xfb12JHEfjb-V7NzuOrDojgwrHSiZkOUs0jqMirfM-na7k-zkFKMn_i37wlg6CC1mopM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payxessays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.payxessays.com/	1969-12-31 23:59:59	Name: __spark_sess_id Value: c67641f0e70678b6dcc53d124d3fb82e
.payxessays.com/	1970-01-20 22:39:52	Name: __gads Value: ID=3522882e5d389c9a-2256e389bee200b0:T=1689496023:RT=1689496023:S=ALNI_MYlPKf_k11ONoFhNckiLM2NRsdLRQ
.payxessays.com/	1970-01-20 22:39:52	Name: __gpi Value: UID=00000cca7806cf3f:T=1689496023:RT=1689496023:S=ALNI_MaOL9HH_l2C58j10o-xDOoZtszeVg
.doubleclick.net/	1970-01-20 13:18:16	Name: test_cookie Value: CheckForPermission
.okezone.com/	1970-01-20 13:18:17	Name: __cf_bm Value: xEW.SWAJVLPVZOaLdgFVCtHyL4Qg6BEY3JqBRCSPj_g-1689496027-0-AbiIfd0G6N8DShLXlkGgThYqnLONpe/dd334AJOmc3QmTsV8jGAjpmUr578Aqk8Vj2/5VyYGCaPEE2tqKLjhhrA=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3413457709656963&output=html&adk=1812271804&adf=3025194257&lmt=1689496023&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fpayxessays.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689496022827&bpp=489&bdt=264&idt=490&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6254172206311&frm=20&pv=2&ga_vid=1999682919.1689496023&ga_sid=1689496023&ga_hid=1198461899&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31075641%2C44788441&oid=2&pvsid=1533983108900340&tmod=1221341065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=508 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
akcdn.detik.net.id
cdn.jsdelivr.net
cdn.okezone.com
cloud.jpnn.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
img.okezone.com
pagead2.googlesyndication.com
partner.googleadservices.com
payxessays.com
tpc.googlesyndication.com
www.google.com
www.jpnn.com
103.49.221.102
2606:4700:20::681a:903
2606:4700:3033::ac43:c7ac
2606:4700::6812:1ed4
2606:4700::6812:1fd4
2a00:1450:4001:801::2002
2a00:1450:4001:802::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::2004
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a04:4e42::485
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387
017e15cbacd57c93f3902a3d2ccce1bab1a7748ef95507915cfcfa54be655d16
026de1cb075e158375bf3d012cb0642be213e6a7edd4cd25b90ee1efdd66fbac
11c73cd1795cbb74af317b1c63dc9ffd0bac19fd766d10dfa6ee78277391901c
15b5ef2481386d6ecc8eeaa90ad9964b6528f0996a058572e2e61ad2f7b0cf45
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
166fbbbfbb81e0b2aa1829dd5190caf1c1d5e3770ab0d82e8d420df4cfa6abe4
17325e35bab8d26d4c93b1dd793f6b300c052be9aab3b46574735e8ee51389c2
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
2a5b3ae0c0a847e1716cc19fef1392013e98a07ddc6dc5c19aef00d5f3bd55dc
331807c65e4e1658df47fc26f6004e37ea2db17b690a02ab48a03652a04b25ec
3f2c144f45a057c6f944b1a0d58de8eeb55032e20b6a89a6803f7b813ebfa245
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
45705fb28d3fde5d9e23ddd897416221e5de6c4b32608a5f57643682e198f31e
465f3a7af8b8519bb793bb3b515751ec06f6e724f4b9061729b67af05aa16fe0
4bd661b8b2ab47408470aba08d95a55ff4a619bff6e2819cca64e8b06a881cce
4d7b6fbd6f728acf4cfd6a99381ebf7ec3b7273cf92255f1db0d0371fa242550
51a3384f28655d54ee3c773771d4efd67201819623e29f505838229182e006cd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58116f5177e6fc006a047ff66eee422db47c016499eb639c705a65279e8e4bd5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
678fbdaf25219151dbc0404546a7eb0fe292159e9e3bbe5723e27cd3ebf113eb
696cc2aacf6276472f530071f83d58c8b58e858378931c7967c54df0efacb9f5
701530c6f677f5b82ef4c11fdbd7c03ea72db38cb3611624e7dbc770044f2fd3
74f85e1e4a8f53a76dff734456e9c2ed717dbfae124a0c84ec7a9c62a7fb8934
77340e30ad686a7d5595890622e9c5d1718eda26fd0deeceda1bf751ba2f78d8
7c3ba340099e1d408fe652e4c81f2da87378d321912c6455c7052e81e185b1ae
810713fe190bf05adc866d64090c0d63cb989ffe2965cb7a0ea7a47c215772b6
851596196e9ac893121cdc4543df454c98e019b7d87ff25c6854d0cd800245cf
8a65e36bdc476c668b5b4b34ea95c1ce5dd724fab7899324c343d8e13e9bd8fb
8ed4de1a2da84254cd27e4c7fd790645e5aaabfd130b5db1a8e257623954106f
90386b5b2829401deb128271b1da588cff1428bc68a69a5ef4cf004abab89955
9525b4fb695198614b6d6880daaf8dbd9131d7a7699043de2a445339c35c90ae
953e34b546f0bff3aeb2d4c4880cb3cbc1f2b98105698bd416ddf03be97949d8
9859fdd04a1654435752ed8b5e612bf61fc048b511420abefb3e9941c7c1a0e2
9e80cecde94e949338b581c600baded9fb2e1399f18e47aa2cd7ed9fd6317232
a35f27b5fba545a5c1a1eabd04a5902aa61158df59935a80f891f1f34a9fb5c7
a417652e8184751547db429e1d20d515c25bdc7ad8d24669d1a3cf9dbfcc971d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cc18efea85afe3c48d25cb1fb87e19bcecd962e585eeb23512cca4abf566fa
a616ecab96a7e000215ea42344c7ddea35402e9ab3253d55f2ebc6de45e4ad54
ae6d2dd4b9ba0d05d7d6ef12291e752d80cfe7ef36dafcfd496ebe459f615d38
b06495b728ac46c2d8391112b1fe70bb595eeedae8a480475217356477ba8080
b0ee873dabe85e8efde99a7f6eaeadb38a873a812a7f2757117497e4da233f8f
b1ca39caeffc18432d3459844918984e6b34300c4d2ea73ed5bf808da09d330a
b307c4ae27381c0bc19983833f7bc324bb100468b4f22bdd7594b179c836aa4a
b3bc188ffa450c649d95d661372fddb6bbdf17e7d63578d499ab98b984da8381
b4065e1581a4d28f5850e6922b6098cf6ff46df74fd372fae0873d4e4171629f
b578a24c4078bd1217f434641021e8decddf71f1f900808785283c7c4c000168
c70264c1b001da559ee8992a67ad02e0ddb74707b3159d1c9218647732103d74
cece1097f127c3259563e9936c64b658830b75f606b503a191e52d39ac0a6556
d042a4628824598f31ddf30bbb1524753ddbfa5f0ac83e2d858f40bae6e299ac
e09efc74f06a298bd9cf444c8e728f65e039db3d869bd8cf9bf17ee214a0b2ad
e2890adb9bd41a5801dbd2ba5a6d904c9f804e828d1b53f6c3d008f8eef1d868
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e86360cf4e0e03556793a243c7d061d6384c435b0226bab7c3108303b5f4370a
ef88f528a5d1c110782f7d8cfbaa2acb6311adebc512bac7a2ed4243ff6918d0
f0e3f4cdc282dc2223fa74f47f49bf78cf0d5ead8b667f6c431e390a2abd1c19
f900e78a123fd3dc1b72c481e47d7387a22ff098ec49722f2332032645332830
fc708c85df81b6ebfc6249fda2d3ea516131039f3c167266624f94dc680dbe7b

payxessays.com Open in urlscan Pro 2606:4700:3033::ac43:c7ac Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

61 Requests

100 %HTTPS

93 %IPv6

11 Domains

15 Subdomains

15 IPs

3 Countries

1865 kBTransfer

2916 kBSize

5 Cookies

0 Outgoing links

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

payxessays.com Open in urlscan Pro
2606:4700:3033::ac43:c7ac Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

100 %
HTTPS

93 %
IPv6

11
Domains

15
Subdomains

15
IPs

3
Countries

1865 kB
Transfer

2916 kB
Size

5
Cookies

61 HTTP transactions
2 data transactions