Submitted URL: http://www.payperinvest.com/
Effective URL: https://www.payperinvest.com/
Submission: On May 14 via api from US — Scanned from DE

Summary

This website contacted 18 IPs in 3 countries across 14 domains to perform 46 HTTP transactions. The main IP is 2a00:1450:4001:812::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.payperinvest.com.
TLS certificate: Issued by GTS CA 1D4 on April 13th 2024. Valid for: 3 months.
This is the only time www.payperinvest.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
11 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 10405
lh3.googleusercontent.com — Cisco Umbrella Rank: 44
1 MB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
tpc.googlesyndication.com — Cisco Umbrella Rank: 164
260 KB
6 surfe.pro
static.surfe.pro — Cisco Umbrella Rank: 507287
surfe.pro — Cisco Umbrella Rank: 385018
739 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
ajax.googleapis.com — Cisco Umbrella Rank: 380
33 KB
3 payperinvest.com
www.payperinvest.com
36 KB
2 disqus.com
payperinvest-1.disqus.com
2 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 310
49 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1103
83 KB
2 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1230
131 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2533
258 B
1 gstatic.com
fonts.gstatic.com
46 KB
1 disquscdn.com
a.disquscdn.com — Cisco Umbrella Rank: 17958
2 KB
1 blogger.com
www.blogger.com — Cisco Umbrella Rank: 11861
50 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
99 KB
46 14
Domain Requested by
7 lh3.googleusercontent.com www.payperinvest.com
7 pagead2.googlesyndication.com www.payperinvest.com
pagead2.googlesyndication.com
4 static.surfe.pro www.payperinvest.com
4 blogger.googleusercontent.com www.payperinvest.com
3 www.payperinvest.com www.payperinvest.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 surfe.pro www.payperinvest.com
2 payperinvest-1.disqus.com 1 redirects payperinvest-1.disqus.com
2 cdn.jsdelivr.net www.payperinvest.com
2 maxcdn.bootstrapcdn.com www.payperinvest.com
maxcdn.bootstrapcdn.com
2 use.fontawesome.com www.payperinvest.com
use.fontawesome.com
2 fonts.googleapis.com www.payperinvest.com
1 region1.google-analytics.com www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 a.disquscdn.com www.payperinvest.com
1 www.blogger.com www.payperinvest.com
1 www.googletagmanager.com www.payperinvest.com
1 ajax.googleapis.com www.payperinvest.com
46 18
Subject Issuer Validity Valid
www.payperinvest.com
GTS CA 1D4
2024-04-13 -
2024-07-12
3 months crt.sh
upload.video.google.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3
2023-10-12 -
2024-10-10
a year crt.sh
bootstrapcdn.com
GTS CA 1P5
2024-03-27 -
2024-06-25
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-09-27 -
2024-10-28
a year crt.sh
*.g.doubleclick.net
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
*.google-analytics.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
*.googleusercontent.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
surfe.pro
E1
2024-03-24 -
2024-06-22
3 months crt.sh
*.blogger.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
*.gstatic.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
*.surfe.pro
R3
2024-04-15 -
2024-07-14
3 months crt.sh
*.disqus.com
Sectigo RSA Domain Validation Secure Server CA
2024-04-16 -
2025-04-16
a year crt.sh
tpc.googlesyndication.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.payperinvest.com/
Frame ID: 415C8BEF28C9B7570E68302580D65068
Requests: 43 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240509/r20110914/zrt_lookup_fy2021.html
Frame ID: 7089B3C2155A6E11D2AD3293BA3AEED8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?npa=1&ltd_cs=1&client=ca-pub-8271138230391115&output=html&adk=1812271804&adf=3025194257&abgtt=2&lmt=1715677398&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.payperinvest.com%2F&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&aihb=0&asro=0&aslmct=0.7&asamct=0.7&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1715700009540&bpp=2&bdt=472&idt=270&shv=r20240509&mjsv=m202405080101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=3985010957536&frm=20&pv=2&ga_vid=908574406.1715700010&ga_sid=1715700010&ga_hid=690877544&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31083438%2C31083588%2C95331983%2C95331712%2C95332402%2C95332416&oid=2&pvsid=820565116272973&tmod=986782163&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=309
Frame ID: 2657A02B724FCDAD3996DD4626D358E1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 21F6930890785C9BA3EFD3756A78B4BB
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Get Paid Per Investment Easily and Efficiently.

Page URL History Show full URLs

  1. http://www.payperinvest.com/ HTTP 307
    https://www.payperinvest.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

46
Requests

93 %
HTTPS

65 %
IPv6

14
Domains

18
Subdomains

18
IPs

3
Countries

2888 kB
Transfer

4165 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.payperinvest.com/ HTTP 307
    https://www.payperinvest.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://payperinvest-1.disqus.com/blogger_index.js HTTP 302
  • https://a.disquscdn.com/blogger_index.js

46 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.payperinvest.com/
Redirect Chain
  • http://www.payperinvest.com/
  • https://www.payperinvest.com/
149 KB
33 KB
Document
General
Full URL
https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f4d2f3db976e63abe29e64d68e95406ea43fe8f8ba48d5a88a4e388dadaa83f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=0
content-encoding
gzip
content-length
33410
content-type
text/html; charset=UTF-8
date
Tue, 14 May 2024 15:20:08 GMT
etag
W/"086bac96a5f2b402821548de586f493d6c379d4ac65e8176defa10f19d168a71"
expires
Tue, 14 May 2024 15:20:08 GMT
last-modified
Tue, 14 May 2024 09:03:18 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

Location
https://www.payperinvest.com/
Non-Authoritative-Reason
HttpsUpgrades
css2
fonts.googleapis.com/
12 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
00008d2a6bb44551ff155148e5fedbcc0fdf8d710d908581fdf04dd96dfb31ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.payperinvest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 May 2024 15:20:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 May 2024 13:45:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 May 2024 15:20:09 GMT
all.css
use.fontawesome.com/releases/v6.4.2/css/
100 KB
23 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v6.4.2/css/all.css?ver=6.4.2
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.payperinvest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 15:20:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:46:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1875091
etag
W/"5222e06b77a1692fa2520a219840e6be"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ORm9ovYHW1oFiQijOuqDO44nRJ4qVtwosYVrV0tgPCSltiwIggfF%2BQnePJc1uWq%2FA4SyjkB%2Fk6BNaGUuv89geOCCz9gRYaI%2FS65NvmsCXIexMzrQORgh17oaMGcfEle5JPVKCJm0ssxPmdoN0dvhZ3z6"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
883bdee16bd59c12-FRA
alt-svc
h3=":443"; ma=86400
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?ver=4.7.0
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.payperinvest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 15:20:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
722
age
8867201
cdn-cachedat
10/31/2023 18:48:06
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
2a9c2130ebcd6a0f961fa829a23c6ae4
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
883bdee14c4fbfd2-WAW
cdn-requestpullsuccess
True
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/
158 KB
26 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css?ver=4.6.2
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.payperinvest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 14 May 2024 15:20:09 GMT
x-content-type-options
nosniff
content-encoding
br
age
5465011
x-jsd-version
4.6.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
26373
x-served-by
cache-fra-eddf8230063-FRA, cache-mxp6961-MXP
x-jsd-version-type
version
etag
W/"279d8-G+N7YjBsjAxndbtMk8XkxOE9l3U"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.4/
88 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js?ver=3.6.4
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.payperinvest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 08:16:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25432
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31154
x-xss-protection
0
last-modified
Tue, 04 Apr 2023 03:27:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 08:16:17 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
152 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
03edc85b8b1f83f11490724b046f58ca9feff9fb2d01e675dcff2a86d15c0c2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.payperinvest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 15:20:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52399
x-xss-protection
0
server
cafe
etag
5827954341620924091
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 14 May 2024 15:20:09 GMT
js
www.googletagmanager.com/gtag/
295 KB
99 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PPP84K0WLB
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9d98d979cd7d4a436d77b6ff99adf0ab914fbbf10699ccffaf752d9fefb561c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.payperinvest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 15:20:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100917
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 May 2024 15:20:09 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
151 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8271138230391115&host=ca-host-pub-1556223355139109
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
6e1d85e598fe8a4c6bc22574e4528f685db35d4677b3e836286dabff4629bb0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.payperinvest.com/
Origin
https://www.payperinvest.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 15:20:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52168
x-xss-protection
0
server
cafe
etag
16093509644759054736
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 14 May 2024 15:20:09 GMT
css2
fonts.googleapis.com/
2 KB
594 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?display=swap&family=Anton&family=Bebas+Neue
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
10ddb403d4addc836328bfae8e4be198a72f7338e71089502349dc36be364c09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.payperinvest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 May 2024 15:20:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 May 2024 15:20:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 May 2024 15:20:09 GMT
AVvXsEh7yuHbC4pzYp9T3tVopy7VF50URGhXC2M0613TwbLx8SMxAl-VDBkpm42HE5r6zgYkpihA_giQrYLuXTl2DARN77sNw5eWEw8ADbWEjBfOc1B9fWs9o2ncF5wCXgMJ-Yv13KgKYWyDLkD5zUUeQ3CwyLH-WqtOIa_tats4F5HBTCVoOvCDdqvUlGYdIg=w240
blogger.googleusercontent.com/img/a/
6 KB
6 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEh7yuHbC4pzYp9T3tVopy7VF50URGhXC2M0613TwbLx8SMxAl-VDBkpm42HE5r6zgYkpihA_giQrYLuXTl2DARN77sNw5eWEw8ADbWEjBfOc1B9fWs9o2ncF5wCXgMJ-Yv13KgKYWyDLkD5zUUeQ3CwyLH-WqtOIa_tats4F5HBTCVoOvCDdqvUlGYdIg=w240
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e9728df11862ddce34df6bc9955648c20c45a5c18ef729ae8091dab514c62215
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.payperinvest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 15:20:09 GMT
x-content-type-options
nosniff
server
fife
etag
"v605"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="logo_ppdark.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6068
x-xss-protection
0
expires
Wed, 15 May 2024 15:20:09 GMT
AVvXsEh_a62ynMNlUmZ3nGyZHd6LwjB2gydgEXGogT5t6DBNrbD11sLUeeulv7Dt03BoAPYvb40DzdMA28eT0z1tEgv5Pk5CoRTjCilcFGdNHP7gP6J2evfuxxFOj2IIH_ZWOvlJkSAtNTIBhh9TZD4-db3tTkwTFLn3xAyb-ONB1xf3_IPG4rZowCPiT2Sckg=w350
blogger.googleusercontent.com/img/a/
5 KB
5 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEh_a62ynMNlUmZ3nGyZHd6LwjB2gydgEXGogT5t6DBNrbD11sLUeeulv7Dt03BoAPYvb40DzdMA28eT0z1tEgv5Pk5CoRTjCilcFGdNHP7gP6J2evfuxxFOj2IIH_ZWOvlJkSAtNTIBhh9TZD4-db3tTkwTFLn3xAyb-ONB1xf3_IPG4rZowCPiT2Sckg=w350
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
c84a3805c6c49ea0f9bbce3bf51170a5f020c03d3f90469db49019ece3fc023c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.payperinvest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 15:20:09 GMT
x-content-type-options
nosniff
server
fife
etag
"v603"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="logo_pp.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4967
x-xss-protection
0
expires
Wed, 15 May 2024 15:20:09 GMT
net.js
static.surfe.pro/js/
4 KB
3 KB
Script
General
Full URL
https://static.surfe.pro/js/net.js
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.221.174 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
907106ff835026bd9f8f6fbf84342aafc70923664634d6afbcd4da37a7dc964d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.payperinvest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 15:20:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Mar 2024 12:29:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
75969
etag
W/"65e861ad-11a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sLQnH6nzOdjbk6c1UtRnQ0ukYIz0DwavyYEiy3TNFD%2Fsm7dt5t6%2BpLO3JFuK9se0Yp2RzcyRvsIsqR338psGi5C3x8FuuT2zeSQOffQuGr5eNkPSA6fbgEdWhFmiIeKV0N1H"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
883bdee28fdb1e68-FRA
alt-svc
h3=":443"; ma=86400
AEn0k_t8F2IeK-5_-Gpf2JSvOGYxAqPr3WQwPbIzrzvegjobDPP1VbnnTXJstCG3sU3RxYqjYqlQS_noFHJUNWSw4xBJ-bN4cw=w1200
lh3.googleusercontent.com/blogger_img_proxy/
316 KB
316 KB
Image
General
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_t8F2IeK-5_-Gpf2JSvOGYxAqPr3WQwPbIzrzvegjobDPP1VbnnTXJstCG3sU3RxYqjYqlQS_noFHJUNWSw4xBJ-bN4cw=w1200
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
02d1b97897d833be63bc890802855b1a33b16c7a2894308e759ff741f2350201
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.payperinvest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 15:20:09 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
323407
x-xss-protection
0
expires
Wed, 15 May 2024 15:20:09 GMT
AEn0k_uRGM9nnawR2ySbOPaVQ9Ot5vxKtgFWC2ILpqy_pNWfOcOUi5-KxUkpDTFJw48bOqZNRS2IoZvGvRiX0CaDDD03vbBm_5c=w1200
lh3.googleusercontent.com/blogger_img_proxy/
126 KB
126 KB
Image
General
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_uRGM9nnawR2ySbOPaVQ9Ot5vxKtgFWC2ILpqy_pNWfOcOUi5-KxUkpDTFJw48bOqZNRS2IoZvGvRiX0CaDDD03vbBm_5c=w1200
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
98c4fe2a1cb159139854b0fa7c9b7f9f98b4667db13c6872e0f19830214cd3a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.payperinvest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 15:20:09 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128852
x-xss-protection
0
expires
Wed, 15 May 2024 15:20:09 GMT
AEn0k_u6pegT1YCfpDRMbg6a2PbD_BI1av8oB6fssi_VJV1TWEedt-rROFaA_iFXG3yFk2zpJEKGOLpZFK2qkt4QNfKXnzNdzic=w1200
lh3.googleusercontent.com/blogger_img_proxy/
0
0

AEn0k_saBsUfwgkQFH9zQAgocwy0-BtWAAOLRwc99gXpUlq5Amo2kKIPMCG4CjtAZyBBadhglyi8edkHB3h2lbsQoV3RfKtnpeM=w1200
lh3.googleusercontent.com/blogger_img_proxy/
31 KB
31 KB
Image
General
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_saBsUfwgkQFH9zQAgocwy0-BtWAAOLRwc99gXpUlq5Amo2kKIPMCG4CjtAZyBBadhglyi8edkHB3h2lbsQoV3RfKtnpeM=w1200
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d7e536496b4dc19d28e3ce66ecf873264c01a8c6e7a46db1c589f3cabed09b62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.payperinvest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 15:20:10 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31840
x-xss-protection
0
expires
Wed, 15 May 2024 15:20:10 GMT
AEn0k_tXCV__Dxq_KgbqzzfXU2DjTfUxN8vHnQl6XB6T17vPD5cWILqWs6V3YPDHqk-WN0-qDb1BtgiT_VZk5tmd3Mel3gVgKD8=w1200
lh3.googleusercontent.com/blogger_img_proxy/
239 KB
239 KB
Image
General
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_tXCV__Dxq_KgbqzzfXU2DjTfUxN8vHnQl6XB6T17vPD5cWILqWs6V3YPDHqk-WN0-qDb1BtgiT_VZk5tmd3Mel3gVgKD8=w1200
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6d80f58d06fa7044780197dba249bb0ded3376b0899ccf401fc4478cd38636e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.payperinvest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 15:20:11 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
244684
x-xss-protection
0
expires
Wed, 15 May 2024 15:20:11 GMT
AEn0k_vIoQbl_HZPyGTOadopxEbHl8XQ1lcw14aVPawm_AhimCDtTjRKKDQntw8YnP5cRre9JzpRkGJZFzKfGHT8DIbf0kNqOZ-n7sKZqwfnTxN8kJk=w1200
lh3.googleusercontent.com/blogger_img_proxy/
29 KB
29 KB
Image
General
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vIoQbl_HZPyGTOadopxEbHl8XQ1lcw14aVPawm_AhimCDtTjRKKDQntw8YnP5cRre9JzpRkGJZFzKfGHT8DIbf0kNqOZ-n7sKZqwfnTxN8kJk=w1200
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
62afdd9220f05b881c3ab6f54f573c85ff3bb5409857d7993c0e5010e14b7373
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.payperinvest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 15:20:10 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29403
x-xss-protection
0
expires
Wed, 15 May 2024 15:20:10 GMT
AEn0k_u4MYcRPusFtqV9600iSmcVWWh_dQq17zVhemKEtyAIGtqJZ2COgqvYivIvcCbAIaBsSmoUDyWaTqTE2vqTAyak79GPdt4=w1200
lh3.googleusercontent.com/blogger_img_proxy/
296 KB
296 KB
Image
General
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_u4MYcRPusFtqV9600iSmcVWWh_dQq17zVhemKEtyAIGtqJZ2COgqvYivIvcCbAIaBsSmoUDyWaTqTE2vqTAyak79GPdt4=w1200
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
70fe0621a98e3db1a659b9b8fcb9721e381e3958733d3b33ee221f636e4ae54b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.payperinvest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 15:20:10 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
302791
x-xss-protection
0
expires
Wed, 15 May 2024 15:20:10 GMT
AEn0k_vLe6y4vdS5-pq7sIzPuT-59cdvcMqNIxARnfTx4TLwp80MjyoxN8zpTHNwUCUcQRc9x3xeDrqQkuKOP12RnCV-8KzP26OLHKk8zzxm_JK3cwWjmtUdUG0WGICraw=w1200
lh3.googleusercontent.com/blogger_img_proxy/
304 KB
305 KB
Image
General
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vLe6y4vdS5-pq7sIzPuT-59cdvcMqNIxARnfTx4TLwp80MjyoxN8zpTHNwUCUcQRc9x3xeDrqQkuKOP12RnCV-8KzP26OLHKk8zzxm_JK3cwWjmtUdUG0WGICraw=w1200
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
c088fec3e8e9295f3840229b86455dfab3ec841fc916ded28839a20ca5173d27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.payperinvest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 15:20:09 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
311715
x-xss-protection
0
expires
Wed, 15 May 2024 15:20:09 GMT
AVvXsEhdeSwX5zDYBG2D2QUyit4vHh7VUt7vaieseeHVuMD9ADL1wnEtGANiYTMvTq021k2z3oIF_-mTFxlUw82iYz5vMzKzUt4EOeayKgJd0N-JIVKsAZ7x_clJFlwrCqUttDOR6O2wRxfwfonx2TtjZV7e2i92UY80Aqg67S83HyYj1zEuC1bIzaXP11wMEQ=s1600
blogger.googleusercontent.com/img/a/
5 KB
5 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEhdeSwX5zDYBG2D2QUyit4vHh7VUt7vaieseeHVuMD9ADL1wnEtGANiYTMvTq021k2z3oIF_-mTFxlUw82iYz5vMzKzUt4EOeayKgJd0N-JIVKsAZ7x_clJFlwrCqUttDOR6O2wRxfwfonx2TtjZV7e2i92UY80Aqg67S83HyYj1zEuC1bIzaXP11wMEQ=s1600
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
c84a3805c6c49ea0f9bbce3bf51170a5f020c03d3f90469db49019ece3fc023c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.payperinvest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 15:20:09 GMT
x-content-type-options
nosniff
server
fife
etag
"v600"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="logo_pp.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4967
x-xss-protection
0
expires
Wed, 15 May 2024 15:20:09 GMT
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/
81 KB
23 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.bundle.min.js?ver=4.6.2
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
19126b874a32753d42c12dfa6c17892bfd93820a5a5100ba1b34da4d07599b49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.payperinvest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 14 May 2024 15:20:09 GMT
x-content-type-options
nosniff
content-encoding
br
age
6020381
x-jsd-version
4.6.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
23636
x-served-by
cache-fra-etou8220105-FRA, cache-mxp6961-MXP
x-jsd-version-type
version
etag
W/"145b0-MjP9Adh/ukV+qtjcvCifdbFw+BQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cookienotice.js
www.payperinvest.com/js/
6 KB
2 KB
Script
General
Full URL
https://www.payperinvest.com/js/cookienotice.js
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.payperinvest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 15:20:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 14 May 2024 08:54:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
2026
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Tue, 21 May 2024 15:20:09 GMT
1759232347-widgets.js
www.blogger.com/static/v1/widgets/
140 KB
50 KB
Script
General
Full URL
https://www.blogger.com/static/v1/widgets/1759232347-widgets.js
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce06d33c5b19e521b0bd671e5b58e20568a7f1a3ea1678a4cf52d5889771bb0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.payperinvest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 14:04:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4523
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50962
x-xss-protection
0
last-modified
Tue, 14 May 2024 05:54:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Wed, 14 May 2025 14:04:46 GMT
blogger_index.js
a.disquscdn.com/
Redirect Chain
  • https://payperinvest-1.disqus.com/blogger_index.js
  • https://a.disquscdn.com/blogger_index.js
5 KB
2 KB
Script
General
Full URL
https://a.disquscdn.com/blogger_index.js
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Server
199.232.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7ccbba1d8b0fd4c6b878ba336c1400be1f6abdcef6229813cae941d145711a9d
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.payperinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Tue, 14 May 2024 15:20:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=300; includeSubdomains
last-modified
Fri, 26 Feb 2021 20:50:09 GMT
server
nginx
x-amz-cf-pop
MXP63-P2
age
200
etag
"60395f01-542"
content-type
application/javascript; charset=utf-8
cache-control
max-age=300, public
content-length
1346
x-amz-cf-id
w2GEa-Fp3uKI43_3wTdNEcyG-_0Ef0Ttim4Qb7pEXRztOIO3VHVRKA==
x-xss-protection
1; mode=block
expires
Sun, 05 May 2024 14:48:54 GMT

Redirect headers

Date
Tue, 14 May 2024 15:20:09 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
Server
Varnish
Location
https://a.disquscdn.com/blogger_index.js
Cache-Control
public, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
0
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?ver=4.7.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?ver=4.7.0
Origin
https://www.payperinvest.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 15:20:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
752
age
4667121
cdn-cachedat
10/31/2023 19:08:24
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
f0293485572bd1e684160366cf8d9ef8
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
883bdee299a2354b-WAW
cdn-requestpullsuccess
True
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.payperinvest.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 14:00:25 GMT
x-content-type-options
nosniff
age
4784
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46704
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 14:00:25 GMT
id
surfe.pro/net/
17 B
498 B
XHR
General
Full URL
https://surfe.pro/net/id
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.107.194.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.197.194.107.91.clients.your-server.de
Software
nginx /
Resource Hash
317194b9498d3314f537cb68e70b3c1f49009dec9e7f31b92cfec22ae3ea4b17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.payperinvest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 14 May 2024 15:20:09 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
server
nginx
remote-addr
80.255.7.107
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.payperinvest.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=(),geolocation=(self), camera=()
access-control-allow-headers
User-Agent,Keep-Alive,Content-Type
x-xss-protection
1; mode=block
teaser
surfe.pro/net/
20 KB
4 KB
XHR
General
Full URL
https://surfe.pro/net/teaser?sid=395205&w=1350&seed=2939792333971727&doc_ref=&href=aHR0cHM6Ly93d3cucGF5cGVyaW52ZXN0LmNvbS8=
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.107.194.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.197.194.107.91.clients.your-server.de
Software
nginx /
Resource Hash
d9f828d0175f3be29edf7061e3dfc1528be04e84e8239487ac4549e13dfe9089
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.payperinvest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 14 May 2024 15:20:09 GMT
speed-06
b-found at 14 - 0.027096033096313
x-content-type-options
nosniff
speed-07
PH-all 549 checked - 0.027698993682861
content-encoding
gzip
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
nginx
remote-addr
80.255.7.107
speed-04
main-tid 2 - 0.011046171188354
speed-05
b-found at 9 - 0.021793127059937
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.payperinvest.com
access-control-allow-credentials
true
speed-08
main-t-old 2 - 0.027707099914551
permissions-policy
interest-cohort=(),geolocation=(self), camera=()
speed-03
site-inited-view - 0.011021137237549
access-control-allow-headers
User-Agent,Keep-Alive,Content-Type
speed-02
preload - 0.0044081211090088
net.js
static.surfe.pro/js/
4 KB
0
Script
General
Full URL
https://static.surfe.pro/js/net.js
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.221.174 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
907106ff835026bd9f8f6fbf84342aafc70923664634d6afbcd4da37a7dc964d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.payperinvest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 15:20:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Mar 2024 12:29:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
75969
etag
W/"65e861ad-11a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sLQnH6nzOdjbk6c1UtRnQ0ukYIz0DwavyYEiy3TNFD%2Fsm7dt5t6%2BpLO3JFuK9se0Yp2RzcyRvsIsqR338psGi5C3x8FuuT2zeSQOffQuGr5eNkPSA6fbgEdWhFmiIeKV0N1H"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
883bdee28fdb1e68-FRA
alt-svc
h3=":443"; ma=86400
AVvXsEh7yuHbC4pzYp9T3tVopy7VF50URGhXC2M0613TwbLx8SMxAl-VDBkpm42HE5r6zgYkpihA_giQrYLuXTl2DARN77sNw5eWEw8ADbWEjBfOc1B9fWs9o2ncF5wCXgMJ-Yv13KgKYWyDLkD5zUUeQ3CwyLH-WqtOIa_tats4F5HBTCVoOvCDdqvUlGYdIg=w240
blogger.googleusercontent.com/img/a/
6 KB
0
Image
General
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEh7yuHbC4pzYp9T3tVopy7VF50URGhXC2M0613TwbLx8SMxAl-VDBkpm42HE5r6zgYkpihA_giQrYLuXTl2DARN77sNw5eWEw8ADbWEjBfOc1B9fWs9o2ncF5wCXgMJ-Yv13KgKYWyDLkD5zUUeQ3CwyLH-WqtOIa_tats4F5HBTCVoOvCDdqvUlGYdIg=w240
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e9728df11862ddce34df6bc9955648c20c45a5c18ef729ae8091dab514c62215
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.payperinvest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 15:20:09 GMT
x-content-type-options
nosniff
server
fife
etag
"v605"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="logo_ppdark.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6068
x-xss-protection
0
expires
Wed, 15 May 2024 15:20:09 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405080101/
412 KB
139 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8271138230391115&plah=www.payperinvest.com&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
a171727de288c2244df3f5c4d20490fc0de4a4be1d0f516020a057cb0da52b9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.payperinvest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 15:20:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142567
x-xss-protection
0
server
cafe
etag
8378694156485982164
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 14 May 2024 15:20:09 GMT
collect
region1.google-analytics.com/g/
0
258 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-PPP84K0WLB&gtm=45je45d0v9101079014za200&_p=1715700009282&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=908574406.1715700010&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715700009&sct=1&seg=0&dl=https%3A%2F%2Fwww.payperinvest.com%2F&dt=Get%20Paid%20Per%20Investment%20Easily%20and%20Efficiently.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1001
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PPP84K0WLB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.payperinvest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 14 May 2024 15:20:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.payperinvest.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
8ea13afe7b2bf734307a50954d84cc5c.jpeg
static.surfe.pro/upload/2555164/
34 KB
35 KB
Image
General
Full URL
https://static.surfe.pro/upload/2555164/8ea13afe7b2bf734307a50954d84cc5c.jpeg
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.221.174 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9ada61c3885e498967f4f6445e23ae80d1ac4886e16bea48e4e213b13e2746a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.payperinvest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 15:20:09 GMT
cf-cache-status
HIT
last-modified
Tue, 14 May 2024 00:06:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
20821
etag
W/"6642ab10-89b8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nWt%2BjxyeSofea4ig6tK6aUv7aOeJKlObg1Kx9wXMrqCJ1Kef0ls3QthCxyAGN8RWLhhpMzyXCJFRdqjcy0V0KUI5w5O5d0nT9ZcmRE%2FALzEDoW5MOOT8rlfNH8WzjkKmNtha"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=86400
cf-ray
883bdee43b091e68-FRA
alt-svc
h3=":443"; ma=86400
f7d376ffcdb2c07a9eba141830fe99ff.jpeg
static.surfe.pro/upload/1947469/
695 KB
696 KB
Image
General
Full URL
https://static.surfe.pro/upload/1947469/f7d376ffcdb2c07a9eba141830fe99ff.jpeg
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.221.174 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c4adc02f63efc566413f6a74a6339a6a86dfbb99d9089cec449097fd7fe0801

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.payperinvest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 15:20:09 GMT
cf-cache-status
HIT
last-modified
Tue, 14 May 2024 03:02:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4339
etag
W/"6642d461-adc21"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KAvb6q1JE3eYgwWpQ1kedEvYqr9JXT7FIXyY1Krl92JtYI755XpFGwI2KY3kTTqwnZ4nk4S2J1JzCrha%2BgUhqSzMlPd%2BplNds%2F9uE7UyjRqHEKd3LSt8z4PpMMVWUMn75GHu"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=86400
cf-ray
883bdee43b0f1e68-FRA
alt-svc
h3=":443"; ma=86400
count.js
payperinvest-1.disqus.com/
1 KB
2 KB
Script
General
Full URL
https://payperinvest-1.disqus.com/count.js
Requested by
Host: payperinvest-1.disqus.com
URL: https://payperinvest-1.disqus.com/blogger_index.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.payperinvest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 14 May 2024 15:20:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=300; includeSubdomains
X-Amz-Cf-Pop
DFW56-P1
Age
44
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 10 May 2024 16:49:52 GMT
Server
nginx
ETag
"663e5030-367"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id
uDJPBGopQAIozuUNhCIKvPnoWT5aRbsZiwbr25mew8Av5ZMATtq5nw==
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240509/r20110914/ Frame 7089
0
0
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240509/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8271138230391115&plah=www.payperinvest.com&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.payperinvest.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
4524
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 May 2024 14:04:45 GMT
etag
5035419970550746386
expires
Tue, 28 May 2024 14:04:45 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 2657
0
0
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/ads?npa=1&ltd_cs=1&client=ca-pub-8271138230391115&output=html&adk=1812271804&adf=3025194257&abgtt=2&lmt=1715677398&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.payperinvest.com%2F&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&aihb=0&asro=0&aslmct=0.7&asamct=0.7&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1715700009540&bpp=2&bdt=472&idt=270&shv=r20240509&mjsv=m202405080101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=3985010957536&frm=20&pv=2&ga_vid=908574406.1715700010&ga_sid=1715700010&ga_hid=690877544&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31083438%2C31083588%2C95331983%2C95331712%2C95332402%2C95332416&oid=2&pvsid=820565116272973&tmod=986782163&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=309
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8271138230391115&plah=www.payperinvest.com&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.payperinvest.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 May 2024 15:20:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookieChoiceInfo&cls=cookie-choices-info%20singleton-element&ign=false&pw=1600&ph=1200&x=0&y=1130.4
Requested by
Host: www.payperinvest.com
URL: https://www.payperinvest.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.payperinvest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 14 May 2024 15:20:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fa-brands-400.woff2
use.fontawesome.com/releases/v6.4.2/webfonts/
107 KB
108 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v6.4.2/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v6.4.2/css/all.css?ver=6.4.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faae6fc0aa94cc5bde5076647c817a23206096a1cbeda10d1c6f3d89d6163ed1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://use.fontawesome.com/releases/v6.4.2/css/all.css?ver=6.4.2
Origin
https://www.payperinvest.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 15:20:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
203970
alt-svc
h3=":443"; ma=86400
content-length
109808
last-modified
Fri, 22 Sep 2023 01:46:37 GMT
server
cloudflare
etag
"005c9aa92b564b73b7582cc4f1fa49cb"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5wRTdp9PK%2BiaA9J1oL3txryaWo%2BYhGQS%2FIvXpho9vrKT4qnDZi3Vtm5e9VpDqPRMzQlcFF25osaPjwt6Ya3fZU6nuWGoSngvozN%2B%2B9M52T6CiocqkSeyIZfIbZ2vYSYzvc14mRMyI%2ByoL1aIkht0fAH8"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
883bdee66ff7194b-FRA
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240509&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8271138230391115&plah=www.payperinvest.com&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
8588fee2a83ccd864c939da98c6de77ac251560ea8fd9042d4f4db5454b51e32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.payperinvest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 15:20:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12550
x-xss-protection
0
favicon.ico
www.payperinvest.com/
1 KB
712 B
Other
General
Full URL
https://www.payperinvest.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
69a124fecc488e8e6c9907e9326362e13a4f4b1b12d8fd20ff3a9deff789c67a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.payperinvest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 15:20:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 14 May 2024 09:03:18 GMT
server
GSE
etag
W/"086bac96a5f2b402821548de586f493d6c379d4ac65e8176defa10f19d168a71"
content-type
image/x-icon; charset=UTF-8
cache-control
private, max-age=86400
content-length
584
x-xss-protection
1; mode=block
expires
Tue, 14 May 2024 15:20:11 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8271138230391115&plah=www.payperinvest.com&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.payperinvest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 15:20:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 14 May 2024 15:20:11 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 21F6
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.payperinvest.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
10763
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 14 May 2024 12:20:48 GMT
expires
Wed, 14 May 2025 12:20:48 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
lh3.googleusercontent.com
URL
https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_u6pegT1YCfpDRMbg6a2PbD_BI1av8oB6fssi_VJV1TWEedt-rROFaA_iFXG3yFk2zpJEKGOLpZFK2qkt4QNfKXnzNdzic=w1200
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240509&jk=820565116272973&bg=!_f6l_rHNAAav94VWj_c7ADQBe5WfOJ8Nayf7U7EwKfJ4VkOlKr33MhILH89qpRejM7HDWePF9xhKjJTi58_9W-ic1jUQAgAAADFSAAAAAmgBB34ANQ-mN7aWi_Ofd-GbgZzX8TmBzeDi4xlGe2s8WTOY3kjaVbK2o5aW7UBDqCgLnPGeH0sUGMGCCgCHp-LmRaLVH2Bbnse5Iaj9pBbtiGwYtviPy2_EVAagok-mOEPpRvif86fWUgsAP-R3PR_WiZZ6LpC_PgC9TDw3gtOVPp2voBRzIYW-35-AFQUkTFnQKthMnwG3Myg3XQP2A7NFT0NyScfwDB4nGWSbtcOzCZWkxZ3A6bxOfQSeu3tZTsNtJ8tEmQKcy61brPFkNKYIS8_AAiU9iyPGxtZmrKOlm24SEQunIib8M1Uivw8mTJ94ojr_aURnm0gpdbYD0ZTHGBYuw9Av2PEWrSxjJO65llYwo4wOmW64I7GzE1WGXjyCHpSqwQevSNWBgN1rPjyl4V_x3-dr6Sm17f-x9BHdDxoFAA4ft_AWXDUP9XTWDhokNyjDWm86U3SuJMJpMl7fjvdWRYuo_vSltk9VvN1VfxAQyj1JJq5viQTh0QyCmmoXmh2yL0Z0T0IupwiD9LFK7_7dr7kgQEKTDzmRBgoC5o74HH2tU4wz6MsFO8MRbw9zAHB5obNrRDyvPTvwK1nw108k4F4MkN_PQPSB5TLKC68QhPRIKiaxP-gD4doqrqUHJ6qJiDBx-cLgguRUJiPhgjcXCVIoFMAmCjqtOuEPBu2wZNO3ySNrgoXPz8kxAzKZjDZ6JDCNOqTbsglSunYu3VwBh-GXXYlTAPci14HVa4ZhojYjfP220GliMhCTWfJMWhlEW4M4U1pYBGL6g0T1UT0EfOTOEP0CTvbX23ajddvML-O9IcN2Zbz-pA0ndwhLfAkH_jodk8sF9eZ8x4fIhGvLCcVAEEbZZRW9zsD0e0Ml0Tu4Al7dF78kj73Gi0uDzuHvgouKOCbKtmPqL6A5v2b2wDeUAc60NsyIvY9yvOpTNfD7RpTJsBy0wxxWVRhQdo_ehbpNEW9yVrHQ7tG7tL4gEoNt2yUuZOXW34XJb9sophfesOB_S5CX6zGxSYwNnTXoBPsOEfyLGeWbblXrdXekzkp_FpMrOgTZoqHzP2k3Ww6ozIqCPBp_i7p7H-7DLOgMdnvS2vBgbbaZ8npcONbQ3ikEX7fgINEOlJoMPqbI8z2pZ5Lo7NnJ6Sz0cBikkXw

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| $ function| jQuery function| gtag object| dataLayer object| adsbygoogle string| disqus_shortname string| disqus_blogger_current_url string| disqus_blogger_homepage_url string| disqus_blogger_canonical_homepage_url object| adsurfebe string| loadmore_txt object| Modernizr string| olderPosts object| bootstrap function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| cookieChoices object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| DISQUSWIDGETS undefined| disqus_domain object| GoogleGcLKhOms

2 Cookies

Domain/Path Name / Value
.payperinvest.com/ Name: _ga_PPP84K0WLB
Value: GS1.1.1715700009.1.0.1715700009.0.0.0
.payperinvest.com/ Name: _ga
Value: GA1.1.908574406.1715700010

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.disquscdn.com
ajax.googleapis.com
blogger.googleusercontent.com
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
lh3.googleusercontent.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
payperinvest-1.disqus.com
region1.google-analytics.com
static.surfe.pro
surfe.pro
tpc.googlesyndication.com
use.fontawesome.com
www.blogger.com
www.googletagmanager.com
www.payperinvest.com
lh3.googleusercontent.com
pagead2.googlesyndication.com
104.18.10.207
172.67.221.174
199.232.192.134
199.232.194.49
2001:4860:4802:34::36
216.58.206.34
2606:4700:3037::ac43:8ef5
2a00:1450:4001:800::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:812::2013
2a00:1450:4001:81c::200a
2a00:1450:4001:81d::2001
2a00:1450:4001:82f::2008
2a00:1450:4001:82f::2009
2a00:1450:4001:830::2001
2a04:4e42:600::485
91.107.194.197
00008d2a6bb44551ff155148e5fedbcc0fdf8d710d908581fdf04dd96dfb31ca
02d1b97897d833be63bc890802855b1a33b16c7a2894308e759ff741f2350201
03edc85b8b1f83f11490724b046f58ca9feff9fb2d01e675dcff2a86d15c0c2b
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5
10ddb403d4addc836328bfae8e4be198a72f7338e71089502349dc36be364c09
19126b874a32753d42c12dfa6c17892bfd93820a5a5100ba1b34da4d07599b49
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
317194b9498d3314f537cb68e70b3c1f49009dec9e7f31b92cfec22ae3ea4b17
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
5c4adc02f63efc566413f6a74a6339a6a86dfbb99d9089cec449097fd7fe0801
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62afdd9220f05b881c3ab6f54f573c85ff3bb5409857d7993c0e5010e14b7373
69a124fecc488e8e6c9907e9326362e13a4f4b1b12d8fd20ff3a9deff789c67a
6d80f58d06fa7044780197dba249bb0ded3376b0899ccf401fc4478cd38636e3
6e1d85e598fe8a4c6bc22574e4528f685db35d4677b3e836286dabff4629bb0d
70fe0621a98e3db1a659b9b8fcb9721e381e3958733d3b33ee221f636e4ae54b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7ccbba1d8b0fd4c6b878ba336c1400be1f6abdcef6229813cae941d145711a9d
8588fee2a83ccd864c939da98c6de77ac251560ea8fd9042d4f4db5454b51e32
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
907106ff835026bd9f8f6fbf84342aafc70923664634d6afbcd4da37a7dc964d
98c4fe2a1cb159139854b0fa7c9b7f9f98b4667db13c6872e0f19830214cd3a7
9d98d979cd7d4a436d77b6ff99adf0ab914fbbf10699ccffaf752d9fefb561c6
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
a171727de288c2244df3f5c4d20490fc0de4a4be1d0f516020a057cb0da52b9c
c088fec3e8e9295f3840229b86455dfab3ec841fc916ded28839a20ca5173d27
c84a3805c6c49ea0f9bbce3bf51170a5f020c03d3f90469db49019ece3fc023c
c9ada61c3885e498967f4f6445e23ae80d1ac4886e16bea48e4e213b13e2746a
ce06d33c5b19e521b0bd671e5b58e20568a7f1a3ea1678a4cf52d5889771bb0b
d7e536496b4dc19d28e3ce66ecf873264c01a8c6e7a46db1c589f3cabed09b62
d9f828d0175f3be29edf7061e3dfc1528be04e84e8239487ac4549e13dfe9089
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9728df11862ddce34df6bc9955648c20c45a5c18ef729ae8091dab514c62215
f4d2f3db976e63abe29e64d68e95406ea43fe8f8ba48d5a88a4e388dadaa83f0
f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72
faae6fc0aa94cc5bde5076647c817a23206096a1cbeda10d1c6f3d89d6163ed1