Submitted URL: http://www.payperinvest.com/
Effective URL: https://www.payperinvest.com/
Submission: On November 20 via api from US — Scanned from DE

Summary

This website contacted 25 IPs in 4 countries across 23 domains to perform 61 HTTP transactions. The main IP is 2a00:1450:4001:831::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.payperinvest.com.
TLS certificate: Issued by GTS CA 1D4 on October 25th 2023. Valid for: 3 months.
This is the only time www.payperinvest.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
4 162.19.58.157 16276 (OVH)
8 2a00:1450:400... 15169 (GOOGLE)
1 38.46.218.29 26042 (FIBERSTATE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a04:4e42::649 54113 (FASTLY)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
1 3 199.232.196.134 54113 (FASTLY)
1 199.232.198.49 54113 (FASTLY)
2 136.243.55.84 24940 (HETZNER-AS)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
4 20.114.190.119 8075 (MICROSOFT...)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
61 25
Apex Domain
Subdomains
Transfer
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
225 KB
8 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 827
x.clarity.ms — Cisco Umbrella Rank: 7419
c.clarity.ms — Cisco Umbrella Rank: 1405
28 KB
8 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 49
584 KB
7 payperinvest.com
www.payperinvest.com
349 KB
4 ibb.co
i.ibb.co — Cisco Umbrella Rank: 11551
2 MB
4 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2914
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1137
123 KB
3 disqus.com
payperinvest-1.disqus.com
3 KB
2 a-ads.com
ad.a-ads.com — Cisco Umbrella Rank: 34375
static.a-ads.com — Cisco Umbrella Rank: 45230
389 KB
2 gstatic.com
fonts.gstatic.com
70 KB
2 googledrive.com
googledrive.com — Cisco Umbrella Rank: 67042
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 762
113 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
2 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 236
760 B
1 togybux.com
www.togybux.com
485 KB
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
534 B
1 blogspot.com
4.bp.blogspot.com — Cisco Umbrella Rank: 13467
976 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2462
258 B
1 disquscdn.com
a.disquscdn.com — Cisco Umbrella Rank: 15117
2 KB
1 blogger.com
www.blogger.com — Cisco Umbrella Rank: 10409
58 KB
1 2img.net
2img.net — Cisco Umbrella Rank: 289827
30 KB
1 faucetwave.net
faucetwave.net
359 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
90 KB
61 23
Domain Requested by
8 lh3.googleusercontent.com www.payperinvest.com
7 pagead2.googlesyndication.com www.payperinvest.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
7 www.payperinvest.com 1 redirects www.payperinvest.com
code.jquery.com
4 x.clarity.ms www.clarity.ms
4 i.ibb.co www.payperinvest.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 payperinvest-1.disqus.com 1 redirects payperinvest-1.disqus.com
2 c.clarity.ms 1 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 www.clarity.ms www.payperinvest.com
www.clarity.ms
2 googledrive.com www.payperinvest.com
2 code.jquery.com www.payperinvest.com
2 maxcdn.bootstrapcdn.com www.payperinvest.com
maxcdn.bootstrapcdn.com
2 fonts.googleapis.com www.payperinvest.com
2 stackpath.bootstrapcdn.com www.payperinvest.com
1 www.google.com tpc.googlesyndication.com
1 c.bing.com 1 redirects
1 www.togybux.com www.payperinvest.com
1 static.a-ads.com ad.a-ads.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 4.bp.blogspot.com www.payperinvest.com
1 region1.google-analytics.com www.googletagmanager.com
1 ad.a-ads.com www.payperinvest.com
1 a.disquscdn.com www.payperinvest.com
1 www.blogger.com www.payperinvest.com
1 2img.net www.payperinvest.com
1 faucetwave.net www.payperinvest.com
1 www.googletagmanager.com www.payperinvest.com
61 28
Subject Issuer Validity Valid
www.payperinvest.com
GTS CA 1D4
2023-10-25 -
2024-01-23
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-12-30 -
2023-12-30
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
ibb.co
R3
2023-10-09 -
2024-01-07
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
faucetwave.net
cPanel, Inc. Certification Authority
2023-10-02 -
2023-12-31
3 months crt.sh
2img.net
Cloudflare Inc ECC CA-3
2023-04-05 -
2024-04-04
a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-07-14
a year crt.sh
*.blogger.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2023-08-29 -
2024-08-29
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.a-ads.com
Sectigo ECC Domain Validation Secure Server CA
2022-12-21 -
2024-01-21
a year crt.sh
misc-sni.blogspot.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
togybux.com
E1
2023-11-07 -
2024-02-05
3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06
2023-02-13 -
2024-02-08
a year crt.sh
*.disqus.com
Sectigo RSA Domain Validation Secure Server CA
2023-04-13 -
2024-04-20
a year crt.sh
www.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh

This page contains 5 frames:

Primary Page: https://www.payperinvest.com/
Frame ID: 7F14E894478B89E98840074882874DBA
Requests: 53 HTTP requests in this frame

Frame: https://ad.a-ads.com/2278188?size=250x250
Frame ID: C717345214E154DB04AB0CDA16EFAF7F
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8271138230391115&output=html&adk=1812271804&adf=3025194257&lmt=1700425663&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwww.payperinvest.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~5~6&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700479811605&bpp=7&bdt=552&idt=297&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1106313051734&frm=20&pv=2&ga_vid=1976809213.1700479812&ga_sid=1700479812&ga_hid=1882411645&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532601%2C31078297%2C31079756%2C44807764%2C44808149%2C44808285%2C44809057&oid=2&pvsid=73027114732761&tmod=62839540&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=413
Frame ID: 15C26AFA66578E598E93C5167608D814
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C821A7AF079664521D5B751E906A0B97
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9D67142A47CE765ED7E79612F0DDF982
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

payeer perfectmoney faucetpay earnings from internet Payeer, Perfectmoney & Faucetpay earnings

Page URL History Show full URLs

  1. http://www.payperinvest.com/ HTTP 301
    https://www.payperinvest.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

61
Requests

97 %
HTTPS

72 %
IPv6

23
Domains

28
Subdomains

25
IPs

4
Countries

4722 kB
Transfer

7492 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.payperinvest.com/ HTTP 301
    https://www.payperinvest.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • https://payperinvest-1.disqus.com/blogger_index.js HTTP 302
  • https://a.disquscdn.com/blogger_index.js
Request Chain 50
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=D2921F9BC37D407BB670983472ABED37&RedC=c.clarity.ms&MXFR=35F8B72532D064BE0011A4EA36D06A81 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D2921F9BC37D407BB670983472ABED37&MUID=011C716538FC6216385762AA39776384

61 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.payperinvest.com/
Redirect Chain
  • http://www.payperinvest.com/
  • https://www.payperinvest.com/
180 KB
34 KB
Document
General
Full URL
https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c8ea496d908459848c271c1200d4ea1863ae04eba5892a947f1b27c8ea61fbee
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0
content-encoding
gzip
content-length
34765
content-security-policy
upgrade-insecure-requests
content-security-policy-report-only
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-to blogspot; report-uri https://www.blogger.com/cspreport
content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 11:30:10 GMT
etag
W/"82fe1359fc3652161b9e4ff034565dcbf2696a13c5ae0e98108fb99bfc886735"
expires
Mon, 20 Nov 2023 11:30:10 GMT
last-modified
Sun, 19 Nov 2023 20:27:43 GMT
report-to
{"group":"blogspot","max_age":2592000,"endpoints":[{"url":"https://www.blogger.com/cspreport"}]}
server
GSE
x-content-type-options
nosniff
x-robots-tag
all,noodp
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
private, max-age=0
Content-Encoding
gzip
Content-Length
176
Content-Security-Policy
frame-ancestors 'self'
Content-Type
text/html; charset=UTF-8
Date
Mon, 20 Nov 2023 11:30:10 GMT
Expires
Mon, 20 Nov 2023 11:30:10 GMT
Location
https://www.payperinvest.com/
Server
GSE
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
nziuxccprdtthcj.php
www.payperinvest.com/
0
0
Script
General
Full URL
https://www.payperinvest.com/nziuxccprdtthcj.php
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:30:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
26178
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
main.js
www.payperinvest.com/
0
0
Script
General
Full URL
https://www.payperinvest.com/main.js
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:30:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
26142
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
268 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PH26WR3YXP
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ad158ac996e5f385615518e3aa6e9d523f5cb470632853575dc76bd641b7f2df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:30:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91384
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 20 Nov 2023 11:30:11 GMT
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/
157 KB
25 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.payperinvest.com/
Origin
https://www.payperinvest.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:30:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
865
age
610368
cdn-cachedat
10/31/2023 18:50:52
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:10 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"3afe15e976734d9daac26310110c4594"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
26de3d52b04ffd4f1c142906b5ac84f9
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
82905c03bca88fe6-FRA
cdn-requestpullsuccess
True
css2
fonts.googleapis.com/
6 KB
809 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400&family=Satisfy&display=swap
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
72e84fe83358c924e68c8e3822a75bd067a944f339bfa7ae5dc6934e9b58f947
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 20 Nov 2023 11:30:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 20 Nov 2023 11:30:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 20 Nov 2023 11:30:11 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:30:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
722
age
898912
cdn-cachedat
10/31/2023 18:48:06
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
9e61a4e37a75208649ae6b63a0cb4f72
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
82905c03cc19bba7-FRA
cdn-requestpullsuccess
True
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
151 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8271138230391115&host=ca-host-pub-1556223355139109
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
691c9b0edb68f74dc14a4e7de3ee1dbb4520b6638baf83a126bb75be97d89bdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.payperinvest.com/
Origin
https://www.payperinvest.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:30:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52771
x-xss-protection
0
server
cafe
etag
5311468631309170313
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 20 Nov 2023 11:30:11 GMT
css2
fonts.googleapis.com/
2 KB
930 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?display=swap&family=Anton&family=Bebas+Neue
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f19f8eec24304ecc0c48adf418e06bd7efafb764c793c0df45190432d543d877
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 20 Nov 2023 11:30:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 20 Nov 2023 11:30:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 20 Nov 2023 11:30:11 GMT
ezgif-wide-f7e8d83ca1.gif
i.ibb.co/mRRxXCY/
375 KB
375 KB
Image
General
Full URL
https://i.ibb.co/mRRxXCY/ezgif-wide-f7e8d83ca1.gif
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096589.ip-162-19-58.eu
Software
nginx /
Resource Hash
58bc1a737213ea3c686f2fd95e3292d5101b45758c10151e30612d6c26fd95d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:30:11 GMT
last-modified
Sat, 26 Aug 2023 10:22:37 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
383634
expires
Thu, 31 Dec 2037 23:55:55 GMT
ALY8t1syNtstpmp_0Op_aqDQ--Yl0G_OMEDzP3Oboz2EZ-wLYjjfNX9qLSZyN_EKwdTMIKeg7AIhOsC3tHBap7aWtURHuGUE=w825
lh3.googleusercontent.com/blogger_img_proxy/
111 KB
112 KB
Image
General
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/ALY8t1syNtstpmp_0Op_aqDQ--Yl0G_OMEDzP3Oboz2EZ-wLYjjfNX9qLSZyN_EKwdTMIKeg7AIhOsC3tHBap7aWtURHuGUE=w825
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a17b60c92d22eb4635021233804e59af9f1d442532461930deef8e00ac662c8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:30:11 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
114118
x-xss-protection
0
expires
Tue, 21 Nov 2023 11:30:11 GMT
ALY8t1vslSQrKT2d5FBod0vShlod-Uicb8NKLse-5qyInBjVmf7ukQQ8i99xf4zvq2NhX3_8apoXEDMadlzjalEJIZyq4CL_a39rgcvDyZTqy0yrp0gS2g=w825
lh3.googleusercontent.com/blogger_img_proxy/
71 KB
71 KB
Image
General
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/ALY8t1vslSQrKT2d5FBod0vShlod-Uicb8NKLse-5qyInBjVmf7ukQQ8i99xf4zvq2NhX3_8apoXEDMadlzjalEJIZyq4CL_a39rgcvDyZTqy0yrp0gS2g=w825
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0296194a7d7c278db6acce1512434cf4e097b6b500ac2dd8eb01a3fdf3c96d86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:30:11 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72898
x-xss-protection
0
expires
Tue, 21 Nov 2023 11:30:11 GMT
ALY8t1sUvR1MpBvQo-9hWmOHV-iQZ2boFxnDrB0IJEtjpi7mBvwsUrHObRPmtPEP8bI0Pat9bQemn-GlHcQX9Gx3O3pT4GHRqtsaH-JLiUhwzSovYmYBrQ=w825
lh3.googleusercontent.com/blogger_img_proxy/
73 KB
73 KB
Image
General
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/ALY8t1sUvR1MpBvQo-9hWmOHV-iQZ2boFxnDrB0IJEtjpi7mBvwsUrHObRPmtPEP8bI0Pat9bQemn-GlHcQX9Gx3O3pT4GHRqtsaH-JLiUhwzSovYmYBrQ=w825
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
688d84c03d50d076f88034c3e2c639499b3c9b2173f4bc6e22184f2ea408fa78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:30:11 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75037
x-xss-protection
0
expires
Tue, 21 Nov 2023 11:30:11 GMT
ALY8t1tpK2KACNxlhdMRm09dcQciARPe2zgqqbdCcHUGUQuUiRypRzyoccndBnLiqpRpFj3x2FnSPpOkq5TtQ-4VwBRX4ccfBNtkHxTLHMndEx4r9BGUlUD_aGO9I84IoKUKb3j2cgkjiDoxbWp8spXCbgjQrPYswgP-uij2ch0MhRqikJbo7NNfTIsXXRdlE3XTv...
lh3.googleusercontent.com/blogger_img_proxy/
79 KB
79 KB
Image
General
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/ALY8t1tpK2KACNxlhdMRm09dcQciARPe2zgqqbdCcHUGUQuUiRypRzyoccndBnLiqpRpFj3x2FnSPpOkq5TtQ-4VwBRX4ccfBNtkHxTLHMndEx4r9BGUlUD_aGO9I84IoKUKb3j2cgkjiDoxbWp8spXCbgjQrPYswgP-uij2ch0MhRqikJbo7NNfTIsXXRdlE3XTvqviR9ZW5AOZrtQpr6mgrXclXrzLHi7YyJFm47VH0mB9H2RPdscmGvcilI00us6vxR8M6S8ChtfDM1X7AGAXRNXIdEEdCY7Qdvmcr308oZ9Fs_GVTuoV44YBL_TBaAM=w825
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8af1771bd8f194ce921dae5531dac9d873559874e0103c434f088203302b197b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:30:11 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80887
x-xss-protection
0
expires
Tue, 21 Nov 2023 11:30:11 GMT
ALY8t1tHWyk80EpalDi8v2L40MyEOPeQZJ7IppRkW3_-XZTmeU1XfhpXue7pisfo82xj2qD1AUpmiwMUkqjogom5tMdjIvE5VW84lEimFuyL2M5gf6NPgw=w825
lh3.googleusercontent.com/blogger_img_proxy/
58 KB
58 KB
Image
General
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/ALY8t1tHWyk80EpalDi8v2L40MyEOPeQZJ7IppRkW3_-XZTmeU1XfhpXue7pisfo82xj2qD1AUpmiwMUkqjogom5tMdjIvE5VW84lEimFuyL2M5gf6NPgw=w825
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7e9da83b8e6b489e0430a8d342480c533e01036f3142223a359a9387efcca24d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:30:11 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59537
x-xss-protection
0
expires
Tue, 21 Nov 2023 11:30:11 GMT
ALY8t1upXEoLtAUn66gZoW2ULkxH6luiraYP71_V5aEAqmnTdsPMgsaUdN3f1_YFoCyM6-0h1Am_i-Q9rmUq57AfzxB0UuGjlsNqsfDSMLwibElsW7ZGHjjvOZoxE5VCuFzPN_9aIg=w825
lh3.googleusercontent.com/blogger_img_proxy/
74 KB
74 KB
Image
General
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/ALY8t1upXEoLtAUn66gZoW2ULkxH6luiraYP71_V5aEAqmnTdsPMgsaUdN3f1_YFoCyM6-0h1Am_i-Q9rmUq57AfzxB0UuGjlsNqsfDSMLwibElsW7ZGHjjvOZoxE5VCuFzPN_9aIg=w825
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
9fc0e8a0d95c9616f111c3f0a0b6539f1eeecdd0d940062ab8d68b38991e18cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:30:11 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75855
x-xss-protection
0
expires
Tue, 21 Nov 2023 11:30:11 GMT
ALY8t1u9gNLyZgaicxyqNZVk5a3Haw0jVgKyx8KEg7JB3fzY1Wc12neaz8tRpfx1eDAHT46xH1FPgBR5yjXlxZxIbNl3UWuR6HxcSE6Nrr_GJQMUd4gHOg=w825
lh3.googleusercontent.com/blogger_img_proxy/
46 KB
46 KB
Image
General
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/ALY8t1u9gNLyZgaicxyqNZVk5a3Haw0jVgKyx8KEg7JB3fzY1Wc12neaz8tRpfx1eDAHT46xH1FPgBR5yjXlxZxIbNl3UWuR6HxcSE6Nrr_GJQMUd4gHOg=w825
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
95b2927eaa778c3b215ccb173261606eb28efebd409cfcb2b419982897880afe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:30:11 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46637
x-xss-protection
0
expires
Tue, 21 Nov 2023 11:30:11 GMT
ALY8t1uR-d6gG5_HAd7c9gtbseVMJv2voIGoxi1nrb9HQCiIjF94QPRSkg2F_-pEwIvZ2oG7zJe4oiJikAIEpEvJ1JHRrNUm89KQFRA9dpqJpZ0MOODZ8g=w825
lh3.googleusercontent.com/blogger_img_proxy/
71 KB
71 KB
Image
General
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/ALY8t1uR-d6gG5_HAd7c9gtbseVMJv2voIGoxi1nrb9HQCiIjF94QPRSkg2F_-pEwIvZ2oG7zJe4oiJikAIEpEvJ1JHRrNUm89KQFRA9dpqJpZ0MOODZ8g=w825
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0116a4ea91b03ced373fbd6bcda8039083d2946f9bfb28fc861b80e85465463a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:30:11 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72251
x-xss-protection
0
expires
Tue, 21 Nov 2023 11:30:11 GMT
ezgif-2-f0c17cbeac.gif
i.ibb.co/YtprjzV/
1 MB
1 MB
Image
General
Full URL
https://i.ibb.co/YtprjzV/ezgif-2-f0c17cbeac.gif
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096589.ip-162-19-58.eu
Software
nginx /
Resource Hash
dc4737578334671cf89dcc9ea96a64bac1b94b2d2bc28dc6620ae19b1c7aae65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:30:11 GMT
last-modified
Wed, 01 Nov 2023 21:46:07 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
1320694
expires
Thu, 31 Dec 2037 23:55:55 GMT
faucetwave-3-3-6.gif
faucetwave.net/assets/
359 KB
359 KB
Image
General
Full URL
https://faucetwave.net/assets/faucetwave-3-3-6.gif
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
38.46.218.29 Draper, United States, ASN26042 (FIBERSTATE, US),
Reverse DNS
Software
Apache /
Resource Hash
032ea5f7350a667c86fe136c2c26f7fb9c1694df16d113bb840aa2b73a7bd0b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 11:30:11 GMT
Last-Modified
Fri, 13 Oct 2023 09:55:22 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
367360
banner_neverclick.png
2img.net/h/s18.postimg.cc/glnlhkym1/
29 KB
30 KB
Image
General
Full URL
https://2img.net/h/s18.postimg.cc/glnlhkym1/banner_neverclick.png
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55012931f719833b6c9cb59417e22e0f672c7f241bcee6db572ba228ed145cdc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:30:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
637430
alt-svc
h3=":443"; ma=86400
content-length
29899
x-xss-protection
1; mode=block
last-modified
Mon, 20 Nov 2017 18:51:14 GMT
server
cloudflare
etag
"5a132422-74cb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OiPFvJZQf3f%2Fb5ViKVUbL2GeZPKtRgjp4%2F6d5p2EOm8QeRQZVQcoqfWGsBtRl8QJ0YB18tNVpX0GP3hjLjODOpq53uUeY8281LKBwpO0ahuBELhevT5%2F7M%2F7LMhcc0EwdALIuR21Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
82905c055b741ca4-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-3.5.1.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://www.payperinvest.com/
Origin
https://www.payperinvest.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:30:11 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
2025124
x-cache
HIT, HIT
content-length
30879
x-served-by
cache-lga13628-LGA, cache-fra-etou8220057-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1700479811.321768,VS0,VE0
etag
W/"28feccc0-15d84"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
31, 162824
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/
59 KB
15 KB
Script
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/bootstrap.min.js
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.payperinvest.com/
Origin
https://www.payperinvest.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:30:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
1075
age
688272
cdn-cachedat
10/31/2023 18:59:42
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:10 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"6bea60c34c5db6797150610dacdc6bce"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
20713b8d20c7d52ccf14bd65a78289bf
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
82905c045d3d8fe6-FRA
cdn-requestpullsuccess
True
jquery-latest.js
code.jquery.com/
276 KB
82 KB
Script
General
Full URL
https://code.jquery.com/jquery-latest.js
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:30:11 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
5677603
x-cache
HIT, HIT
content-length
83875
x-served-by
cache-lga21958-LGA, cache-fra-etou8220076-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1700479811.324112,VS0,VE0
etag
W/"28feccc0-4508e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
773, 198823
0B4n9GL3eVuV-cEhJOFFLTWdSYXM
googledrive.com/host/
0
0
Script
General
Full URL
https://googledrive.com/host/0B4n9GL3eVuV-cEhJOFFLTWdSYXM
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

0B4n9GL3eVuV-QjAwRmpVbEVHZm8
googledrive.com/host/
0
0
Script
General
Full URL
https://googledrive.com/host/0B4n9GL3eVuV-QjAwRmpVbEVHZm8
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cookienotice.js
www.payperinvest.com/js/
6 KB
2 KB
Script
General
Full URL
https://www.payperinvest.com/js/cookienotice.js
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:30:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 20 Nov 2023 10:54:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
2026
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Mon, 27 Nov 2023 11:30:11 GMT
500025675-widgets.js
www.blogger.com/static/v1/widgets/
160 KB
58 KB
Script
General
Full URL
https://www.blogger.com/static/v1/widgets/500025675-widgets.js
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
243a5726e7e623f0b3f1801b0e850cf64ef5b19b35f0729291356e2fee2f08f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 07:15:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
188069
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59347
x-xss-protection
0
last-modified
Thu, 16 Nov 2023 21:58:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Sun, 17 Nov 2024 07:15:42 GMT
gf5cx8ovmo
www.clarity.ms/tag/
650 B
1013 B
Script
General
Full URL
https://www.clarity.ms/tag/gf5cx8ovmo?ref=bwt
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0896870463c5f78461ed20f1a8d3835dc9049cfba28985e86cf953a19caff086

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
-1
date
Mon, 20 Nov 2023 11:30:11 GMT
x-azure-ref
20231120T113011Z-vh8yd81bch7fp76hpfu5pem6v400000002hg00000002zzxs
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
650
request-context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400&family=Satisfy&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.payperinvest.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 14:29:28 GMT
x-content-type-options
nosniff
age
248443
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 14:29:28 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/
397 KB
134 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8271138230391115&plah=www.payperinvest.com&bust=31079756
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8271138230391115&host=ca-host-pub-1556223355139109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
29f25da68f3a2080cd224f55c5705960ffe6e2460417fe9c399b31ab205a3a37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:30:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137295
x-xss-protection
0
server
cafe
etag
10491830006299918700
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 20 Nov 2023 11:30:11 GMT
blogger_index.js
a.disquscdn.com/
Redirect Chain
  • https://payperinvest-1.disqus.com/blogger_index.js
  • https://a.disquscdn.com/blogger_index.js
5 KB
2 KB
Script
General
Full URL
https://a.disquscdn.com/blogger_index.js
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Server
199.232.198.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7ccbba1d8b0fd4c6b878ba336c1400be1f6abdcef6229813cae941d145711a9d
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:30:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=300; includeSubdomains
last-modified
Fri, 26 Feb 2021 20:50:09 GMT
server
nginx
x-amz-cf-pop
CPH50-P1
age
157
etag
"60395f01-542"
content-type
application/javascript; charset=utf-8
cache-control
max-age=300, public
content-length
1346
x-amz-cf-id
s4UFlmwXDIEIjnirVpYRnjfhUKNiLpxFLrea-HQoRTOUddfB3mqaDQ==
x-xss-protection
1; mode=block
expires
Mon, 06 Nov 2023 22:47:55 GMT

Redirect headers

Date
Mon, 20 Nov 2023 11:30:12 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
Server
Varnish
Location
https://a.disquscdn.com/blogger_index.js
Cache-Control
public, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
0
2278188
ad.a-ads.com/ Frame C717
12 KB
5 KB
Document
General
Full URL
https://ad.a-ads.com/2278188?size=250x250
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.55.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.84.55.243.136.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
86f97596d3b983e1d053c4e6fe15f1004fbe58bdb51b9c89b70b17ad9eb82d29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.payperinvest.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Mon, 20 Nov 2023 11:30:12 GMT
server
nginx
status
200 OK
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-original-referer
https://www.payperinvest.com/
x-powered-by
Phusion Passenger(R)
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
collect
region1.google-analytics.com/g/
0
258 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-PH26WR3YXP&gtm=45je3b81v9105596929&_p=1700479811512&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1976809213.1700479812&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700479811&sct=1&seg=0&dl=https%3A%2F%2Fwww.payperinvest.com%2F&dt=payeer%20perfectmoney%20faucetpay%20earnings%20from%20internet&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1800
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PH26WR3YXP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:30:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.payperinvest.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://www.payperinvest.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:30:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
752
age
620817
cdn-cachedat
10/31/2023 19:08:24
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
cf7443bc10d9046d9a6eb5eb55ea1314
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
82905c072e8a0858-FRA
cdn-requestpullsuccess
True
rP2Hp2yn6lkG50LoCZOIHQ.woff2
fonts.gstatic.com/s/satisfy/v21/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/satisfy/v21/rP2Hp2yn6lkG50LoCZOIHQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400&family=Satisfy&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a02009d2f95d79b62b95c6de12d6614bdb36bffa6d4e756db81ec1c51c5acc34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.payperinvest.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:27:05 GMT
x-content-type-options
nosniff
age
302586
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22652
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:43:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Nov 2024 23:27:05 GMT
clarity.js
www.clarity.ms/s/0.7.18/
59 KB
25 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.18/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/gf5cx8ovmo?ref=bwt
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f4e16c137bfcf443839c20e1038b9ee2dec570f047ae3b1c8f9378e9176750dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:30:11 GMT
content-encoding
br
last-modified
Fri, 17 Nov 2023 13:41:44 GMT
etag
W/"0x8DBE772F014B026"
vary
Accept-Encoding
x-azure-ref
20231120T113011Z-vh8yd81bch7fp76hpfu5pem6v400000002hg000000030004
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
7767f6a6-101e-004a-47fe-198d54000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
default
www.payperinvest.com//feeds/posts/
67 KB
14 KB
XHR
General
Full URL
https://www.payperinvest.com//feeds/posts/default?alt=json&max-results=3
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
9616800a503f3dbf9ec2c9669890096de410b28b2486371168401376361ec1ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Referer
https://www.payperinvest.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:30:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 19 Nov 2023 20:27:43 GMT
server
blogger-renderd
etag
W/"6ca9344d6e091800c8950348d83a8334a765cc37e91c5caa49392cc6014c1789"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
content-length
13604
x-xss-protection
0
expires
Mon, 20 Nov 2023 11:30:12 GMT
/
www.payperinvest.com//feeds/posts/default/
2 MB
298 KB
XHR
General
Full URL
https://www.payperinvest.com//feeds/posts/default/?alt=json&max-results=500&start-index=1
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
0b73bd305dd70f9f480df919390d925aaeef6e47227dd36cfeb7e71d53edd321
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Referer
https://www.payperinvest.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:30:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 19 Nov 2023 20:27:43 GMT
server
blogger-renderd
etag
W/"9e606f06b438f3853d2ea8261a4d67b395e0c0440418f334c135ff8c7b02af24"
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
content-length
305181
x-xss-protection
0
expires
Mon, 20 Nov 2023 11:30:13 GMT
ajax-loader.gif
4.bp.blogspot.com/-VWY5-YJq0v4/XO4Y_HXklkI/AAAAAAAABE0/8G7P03z0YrgxKQx3cMrdagfB9K5GjkJ6ACLcBGAs/s1600/
673 B
976 B
Image
General
Full URL
https://4.bp.blogspot.com/-VWY5-YJq0v4/XO4Y_HXklkI/AAAAAAAABE0/8G7P03z0YrgxKQx3cMrdagfB9K5GjkJ6ACLcBGAs/s1600/ajax-loader.gif
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1eb9e7880f723999a4ed63eece6a6e4d4976833d3c16dc18b4ace3971728ab0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 09:48:13 GMT
x-content-type-options
nosniff
age
6119
content-disposition
inline;filename="ajax-loader.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
673
x-xss-protection
0
server
fife
etag
"v44e"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 21 Nov 2023 09:48:13 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 15C2
603 B
534 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8271138230391115&output=html&adk=1812271804&adf=3025194257&lmt=1700425663&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwww.payperinvest.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~5~6&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700479811605&bpp=7&bdt=552&idt=297&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1106313051734&frm=20&pv=2&ga_vid=1976809213.1700479812&ga_sid=1700479812&ga_hid=1882411645&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532601%2C31078297%2C31079756%2C44807764%2C44808149%2C44808285%2C44809057&oid=2&pvsid=73027114732761&tmod=62839540&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=413
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8271138230391115&plah=www.payperinvest.com&bust=31079756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.payperinvest.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 20 Nov 2023 11:30:12 GMT
expires
Mon, 20 Nov 2023 11:30:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookieChoiceInfo&cls=cookie-choices-info%20singleton-element&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:30:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
250x250
static.a-ads.com/a-ads-banners/485510/ Frame C717
383 KB
384 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/485510/250x250?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/2278188?size=250x250
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.55.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.84.55.243.136.clients.your-server.de
Software
nginx /
Resource Hash
27f7952173e2d2e9400b8b7cb76237ffd6870af128a57e120eb02c4e3bf2fb47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:30:12 GMT
x-amz-version-id
cV80_Heho9Xkfia0LphThONkktobGGOb
last-modified
Thu, 26 Oct 2023 11:59:15 GMT
server
nginx
x-amz-request-id
D1WC53Q424F38EJ7
etag
"60fcfc7fb653babdf5118d5a9da8949f"
x-amz-server-side-encryption
AES256
content-type
image/gif
cache-control
max-age=315360000
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
392651
x-amz-id-2
LWCXB8fJJ0VPb88xQz9zA6+JQZXnORJbsCkoDJPD5TZZ+ArE6SpASrYhVxqRjxknzJc5WDfXZoc=
expires
Thu, 31 Dec 2037 23:55:55 GMT
OIG.jpg
i.ibb.co/C2Yg9V0/
126 KB
127 KB
Image
General
Full URL
https://i.ibb.co/C2Yg9V0/OIG.jpg
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096589.ip-162-19-58.eu
Software
nginx /
Resource Hash
b9b106fcc032a1fb073a6d68acc5cc02f7237629119aad95329cd15b8a46538c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:30:12 GMT
last-modified
Sun, 19 Nov 2023 19:42:42 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
129197
expires
Thu, 31 Dec 2037 23:55:55 GMT
PPP700.gif
i.ibb.co/jkvpBkG/
15 KB
16 KB
Image
General
Full URL
https://i.ibb.co/jkvpBkG/PPP700.gif
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096589.ip-162-19-58.eu
Software
nginx /
Resource Hash
df2f9996520b232b1bce745e3a75065e242b91bb52226857d37088df0caf49ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:30:12 GMT
last-modified
Thu, 23 Sep 2021 13:52:48 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
15747
expires
Thu, 31 Dec 2037 23:55:55 GMT
banner02.gif
www.togybux.com/images/
484 KB
485 KB
Image
General
Full URL
https://www.togybux.com/images/banner02.gif
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8cb37839c0692377a7794d9611d0e1030916a0636c64271c503f1264d0896a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:30:12 GMT
cf-cache-status
HIT
last-modified
Mon, 13 Nov 2023 23:11:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5831
etag
"6552ad21-791cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FwFPNLpQglnSamXryleQ3MoEq5XiFZsnfaQuqSYFdL8JE4%2FPUFf44qyoNWbRD%2F%2F%2Fqw3Ys2LeTxXERkGwZMgLLE1USiShRwnwTdIajNAzJ4rzkQAjN%2FENkgF7wSLzBNS80GdRksU9bRZO4ZKa82g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
82905c0abf786602-AMS
alt-svc
h3=":443"; ma=86400
content-length
496079
truncated
/ Frame C717
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
collect
x.clarity.ms/
0
300 B
XHR
General
Full URL
https://x.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.payperinvest.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.payperinvest.com
Date
Mon, 20 Nov 2023 11:30:12 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
count.js
payperinvest-1.disqus.com/
1 KB
2 KB
Script
General
Full URL
https://payperinvest-1.disqus.com/count.js
Requested by
Host: payperinvest-1.disqus.com
URL: https://payperinvest-1.disqus.com/blogger_index.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 11:30:12 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=300; includeSubdomains
X-Amz-Cf-Pop
DFW3-C1
Age
144
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 17 Nov 2023 20:11:37 GMT
Server
nginx
ETag
"6557c8f9-367"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id
FXiZ-0Ht7I3Bfg9kSLu3s8OyZiNn1r65gEavZ084dFLSfc5YBNJkNg==
collect
x.clarity.ms/
0
300 B
XHR
General
Full URL
https://x.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.payperinvest.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.payperinvest.com
Date
Mon, 20 Nov 2023 11:30:12 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
count-data.js
payperinvest-1.disqus.com/
1 KB
2 KB
Script
General
Full URL
https://payperinvest-1.disqus.com/count-data.js?2=https%3A%2F%2Fwww.payperinvest.com%2F2023%2F10%2Fbitruecom-offers-new-futures-contest.html&2=https%3A%2F%2Fwww.payperinvest.com%2F2023%2F11%2F6-hot-coin-m-futures-pairs-enjoy-zero.html&2=https%3A%2F%2Fwww.payperinvest.com%2F2023%2F11%2Fmanual-traffic-exchanges-list-number1.html&2=https%3A%2F%2Fwww.payperinvest.com%2F2023%2F11%2Fpropeasy-real-estate-by-renec.html&2=https%3A%2F%2Fwww.payperinvest.com%2F2023%2F11%2Fteambuildmachinecom-review-is.html&2=https%3A%2F%2Fwww.payperinvest.com%2F2023%2F11%2Ftogybuxcom-review-is-togybux-scam-or.html&2=https%3A%2F%2Fwww.payperinvest.com%2F2023%2F11%2Fwildfaucetcom-review-low-cashout-faucet.html&2=https%3A%2F%2Fwww.payperinvest.com%2F2023%2F11%2Fxahau-xah-token-mint-offers-on-bitruecom.html
Requested by
Host: payperinvest-1.disqus.com
URL: https://payperinvest-1.disqus.com/count.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3dc8a98ad94819adc88bb4759c22e75a7bc6f07a1b237bf746659ab86266532d
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 11:30:12 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
0
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
1053
X-XSS-Protection
1; mode=block
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=D2921F9BC37D407BB670983472ABED37&RedC=c.clarity.ms&MXFR=35F8B72532D064BE0011A4EA36D06A81
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D2921F9BC37D407BB670983472ABED37&MUID=011C716538FC6216385762AA39776384
42 B
443 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D2921F9BC37D407BB670983472ABED37&MUID=011C716538FC6216385762AA39776384
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:30:13 GMT
last-modified
Wed, 30 Aug 2023 19:01:41 GMT
server
Microsoft-IIS/10.0
etag
"8d59566974dbd91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:30:13 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 246F36F63EA14D0689235264CF7D825F Ref B: FRA31EDGE0617 Ref C: 2023-11-20T11:30:13Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D2921F9BC37D407BB670983472ABED37&MUID=011C716538FC6216385762AA39776384
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8271138230391115&plah=www.payperinvest.com&bust=31079756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0042bddf60824afc0c103a9e34b16189da334b857da18d3612c2e4f65f3578c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:30:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12405
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8271138230391115&plah=www.payperinvest.com&bust=31079756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:30:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 20 Nov 2023 11:30:13 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C821
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.payperinvest.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
60143
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 19 Nov 2023 18:47:50 GMT
expires
Mon, 18 Nov 2024 18:47:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9D67
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
082aeca31c7d0bff1df38d2c6aa87b019254ebddc5002e366f69d075d7cc2858
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GN9Ro7dvZ0W9vUDNvPAhQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.payperinvest.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-GN9Ro7dvZ0W9vUDNvPAhQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 20 Nov 2023 11:30:13 GMT
expires
Mon, 20 Nov 2023 11:30:13 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame C821
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 09:18:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
7900
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Nov 2024 09:18:33 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9D67
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=73027114732761&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame C821
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?E6BzMw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:30:13 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
collect
x.clarity.ms/
0
300 B
XHR
General
Full URL
https://x.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.payperinvest.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.payperinvest.com
Date
Mon, 20 Nov 2023 11:30:14 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=73027114732761&bg=!mpmlmdbNAAZxrfrxUa07ADQBe5WfOB_TN2RCj42sK48m9kVeh56dxsimLBNMWY8cCvFbLN-1PwmKina17t4YPg5xIKDlAgAAAkhSAAAABGgBBwoAlQHF6T8cc_5EApR5H6XQI--7E9ayRhNbUlkVWMDlvwk_qHub_fakFdV4d4oazGiqj3rxkQ9AiHKsr-RI2PerIG_7dpaJv4tzHwtHow7jsqxoAXwBN73VCD8LmFLVeJHB_HrdUVxdXOod9wr3rK3atd5n88e1SHnhMOzb3FRJClTMMXAuqVDbIW7HXCLqUmDZvBxRSPkZmQLLnTNasZU5wh36095xv379hJTi_Y5a2tuC5huuWNd4avPoi9yH69_amkplPxsybjAxAz79IvXsg5q57AbuGjIAxRao3OCFxyXAQutbYxcLpGGYtW9lPZELw93qEWEu87Gjt7zZVrQaDLEsswitSmdXuOctR0fQS9ljQO0MMJiUL0JRp-swbDXZXB4aiFPJ9wnTdrX37_JoQt2dN0_PoA6TEk8Knhhtw6ifvom-vkwk27KFBrgCex3Ud6UYvtUnM9gIHaf0Fk1Vh2ekH8mwKY3wczOnfBDAcZwnsOYdig_qmLA6Lkf9le9UTOa9HA-aS1O9wMla9I6Py6YbJOkKbAZVn6aw9q8VaQo5QXGFee7duisXY9CGcE7Z2OlYVkhtm_SMvvm_c95JoefOlClq5SwN_gO3hbgkPnU3K-R5Rj253pdeCB62Rv07Mze4WO7vPM_OMQfhoYlqRiJtigr96htdJwTSpEsy_e2rZAEdXqDgQvcGTctIaOym2Ffc1_EHxF9-9y3K405qPsbq_t67_qKPWWmJn2vL2lYv2qC6f0jDKK3a5EOk9WO0jLvofPHcFO8L0lp7YqtKW6Es8j7ez3D6h4DXKlWamdjZ5OJ89QucwX-wMZHY7kiYrQO4amBbua5zQCxq_bXSFzHkHbU3-7GGTi4F1AetuF8y8quCUK79LL7LkerX4UgAtI1AaAVXpukz2akqpM8Wwd_kP8R1mMoKkvn0_Mb0M2OuMlUqF-I3ePefzuFz2jrnP2Crks7S8x2bxcop_iZPC7BXhKlYENOHlkLDbMd_6-dpT0KvD72G12uiosSEikAuqe5DIBNKxWmO-E14e_HRP7yaXcRJm9TW9U4TVp16ZQTmx0KMxdMljB3RG3Gt1oK_bn1t0TEcPwkpHfNxkE7sh9LYNc-y-IsH5diR9KnfyiD6ux4WcE_PZ68NBLYUcw0MJe-VWw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

collect
x.clarity.ms/
0
300 B
XHR
General
Full URL
https://x.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.payperinvest.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.payperinvest.com
Date
Mon, 20 Nov 2023 11:30:17 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture function| gtag object| dataLayer function| clarity object| adsbygoogle object| google_tag_manager object| google_tag_data object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| disqus_shortname string| disqus_blogger_current_url string| disqus_blogger_homepage_url string| disqus_blogger_canonical_homepage_url string| google_user_agent_client_hint function| onYouTubeIframeAPIReady object| gaGlobal function| $ function| jQuery object| bootstrap string| blogurl string| blogtitle function| $j function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt object| cookieChoices object| linkListUl object| regex function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages string| postLocation string| postId string| postAuthorAvatar string| postAuthor string| postsThumbnailSquare string| postSummary string| postTags string| postContent string| postThumbnail object| postCommentsCount string| postLabelsList string| postUrl string| postDay string| postMonthName string| postMonth string| postYear string| postDate string| postDateTime string| postTitle string| postDateStr string| postThumbnailSquare string| nextPostsUrl object| DISQUSWIDGETS undefined| disqus_domain object| post object| GoogleGcLKhOms

13 Cookies

Domain/Path Name / Value
.payperinvest.com/ Name: _ga_PH26WR3YXP
Value: GS1.1.1700479811.1.0.1700479811.0.0.0
.payperinvest.com/ Name: _ga
Value: GA1.1.1976809213.1700479812
www.clarity.ms/ Name: CLID
Value: dd9645358fc24871b396649dd79ebdae.20231120.20241119
.payperinvest.com/ Name: _clck
Value: 118gyfp%7C2%7Cfgv%7C0%7C1419
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.payperinvest.com/ Name: _clsk
Value: 1mr4vw5%7C1700479812622%7C1%7C1%7Cx.clarity.ms%2Fcollect
.bing.com/ Name: MUID
Value: 011C716538FC6216385762AA39776384
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 011C716538FC6216385762AA39776384
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 011C716538FC6216385762AA39776384
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

6 Console Messages

Source Level URL
Text
network error URL: https://www.payperinvest.com/main.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.payperinvest.com/nziuxccprdtthcj.php
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://www.payperinvest.com/
Message:
Refused to execute script from 'https://www.payperinvest.com/nziuxccprdtthcj.php' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security error URL: https://www.payperinvest.com/
Message:
Refused to execute script from 'https://www.payperinvest.com/main.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
network error URL: https://googledrive.com/host/0B4n9GL3eVuV-QjAwRmpVbEVHZm8
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://googledrive.com/host/0B4n9GL3eVuV-cEhJOFFLTWdSYXM
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2img.net
4.bp.blogspot.com
a.disquscdn.com
ad.a-ads.com
c.bing.com
c.clarity.ms
code.jquery.com
faucetwave.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googledrive.com
i.ibb.co
lh3.googleusercontent.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
payperinvest-1.disqus.com
region1.google-analytics.com
stackpath.bootstrapcdn.com
static.a-ads.com
tpc.googlesyndication.com
www.blogger.com
www.clarity.ms
www.google.com
www.googletagmanager.com
www.payperinvest.com
www.togybux.com
x.clarity.ms
136.243.55.84
162.19.58.157
199.232.196.134
199.232.198.49
20.114.190.119
2001:4860:4802:34::36
2606:4700:3038::6815:eb4b
2606:4700::6812:bcf
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:806::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:810::2003
2a00:1450:4001:811::2001
2a00:1450:4001:812::2001
2a00:1450:4001:829::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2009
2a00:1450:4001:830::2001
2a00:1450:4001:831::2008
2a00:1450:4001:831::2013
2a04:4e42::649
2a06:98c1:3121::3
38.46.218.29
68.219.88.97
0042bddf60824afc0c103a9e34b16189da334b857da18d3612c2e4f65f3578c6
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0116a4ea91b03ced373fbd6bcda8039083d2946f9bfb28fc861b80e85465463a
0296194a7d7c278db6acce1512434cf4e097b6b500ac2dd8eb01a3fdf3c96d86
032ea5f7350a667c86fe136c2c26f7fb9c1694df16d113bb840aa2b73a7bd0b5
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
082aeca31c7d0bff1df38d2c6aa87b019254ebddc5002e366f69d075d7cc2858
0896870463c5f78461ed20f1a8d3835dc9049cfba28985e86cf953a19caff086
0b73bd305dd70f9f480df919390d925aaeef6e47227dd36cfeb7e71d53edd321
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1eb9e7880f723999a4ed63eece6a6e4d4976833d3c16dc18b4ace3971728ab0d
243a5726e7e623f0b3f1801b0e850cf64ef5b19b35f0729291356e2fee2f08f3
27f7952173e2d2e9400b8b7cb76237ffd6870af128a57e120eb02c4e3bf2fb47
29f25da68f3a2080cd224f55c5705960ffe6e2460417fe9c399b31ab205a3a37
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff
3dc8a98ad94819adc88bb4759c22e75a7bc6f07a1b237bf746659ab86266532d
55012931f719833b6c9cb59417e22e0f672c7f241bcee6db572ba228ed145cdc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58bc1a737213ea3c686f2fd95e3292d5101b45758c10151e30612d6c26fd95d7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
688d84c03d50d076f88034c3e2c639499b3c9b2173f4bc6e22184f2ea408fa78
691c9b0edb68f74dc14a4e7de3ee1dbb4520b6638baf83a126bb75be97d89bdf
72e84fe83358c924e68c8e3822a75bd067a944f339bfa7ae5dc6934e9b58f947
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7ccbba1d8b0fd4c6b878ba336c1400be1f6abdcef6229813cae941d145711a9d
7e9da83b8e6b489e0430a8d342480c533e01036f3142223a359a9387efcca24d
86f97596d3b983e1d053c4e6fe15f1004fbe58bdb51b9c89b70b17ad9eb82d29
8af1771bd8f194ce921dae5531dac9d873559874e0103c434f088203302b197b
95b2927eaa778c3b215ccb173261606eb28efebd409cfcb2b419982897880afe
9616800a503f3dbf9ec2c9669890096de410b28b2486371168401376361ec1ed
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9fc0e8a0d95c9616f111c3f0a0b6539f1eeecdd0d940062ab8d68b38991e18cc
a02009d2f95d79b62b95c6de12d6614bdb36bffa6d4e756db81ec1c51c5acc34
a17b60c92d22eb4635021233804e59af9f1d442532461930deef8e00ac662c8b
a8cb37839c0692377a7794d9611d0e1030916a0636c64271c503f1264d0896a9
ad158ac996e5f385615518e3aa6e9d523f5cb470632853575dc76bd641b7f2df
b9b106fcc032a1fb073a6d68acc5cc02f7237629119aad95329cd15b8a46538c
c8ea496d908459848c271c1200d4ea1863ae04eba5892a947f1b27c8ea61fbee
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da
dc4737578334671cf89dcc9ea96a64bac1b94b2d2bc28dc6620ae19b1c7aae65
df2f9996520b232b1bce745e3a75065e242b91bb52226857d37088df0caf49ef
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f19f8eec24304ecc0c48adf418e06bd7efafb764c793c0df45190432d543d877
f4e16c137bfcf443839c20e1038b9ee2dec570f047ae3b1c8f9378e9176750dd
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d