urlscan.io logo urlscan.io
SecurityTrails logo

extraessay.com Open in urlscan Pro
2606:4700:3037::ac43:8edc  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://essaypro.co/
Effective URL: https://extraessay.com/cs/
Submission: On September 26 via manual from IE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 4 countries across 16 domains to perform 46 HTTP transactions. The main IP is 2606:4700:3037::ac43:8edc, located in United States and belongs to CLOUDFLARENET, US. The main domain is extraessay.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 6th 2021. Valid for: a year.
This is the only time extraessay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 192.0.78.26 2635 (AUTOMATTIC)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2600:9000:21f... 16509 (AMAZON-02)
4 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 13.225.78.69 16509 (AMAZON-02)
10 3.21.101.124 16509 (AMAZON-02)
1 44.196.234.143 14618 (AMAZON-AES)
1 2600:9000:21f... 16509 (AMAZON-02)
1 35.190.210.193 15169 (GOOGLE)
1 13.224.193.38 16509 (AMAZON-02)
1 13.224.193.91 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 99.81.27.250 16509 (AMAZON-02)
1 13.225.78.127 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
46 22
2    2606:4700:3031::6815:56fc (United States)

ASN13335 (CLOUDFLARENET, US)
essaypro.co
1    192.0.78.26 (United States)

ASN2635 (AUTOMATTIC, US)
href.li
4    2606:4700:3037::ac43:8edc (United States)

ASN13335 (CLOUDFLARENET, US)
extraessay.com
1    2600:9000:21f3:4400:11:647d:8600:93a1 (United States)

ASN16509 (AMAZON-02, US)
fstrk.net
4    2606:4700:3034::6815:4f09 (United States)

ASN13335 (CLOUDFLARENET, US)
dexwebanalytics.dexfront.live
2    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    13.225.78.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-69.fra2.r.cloudfront.net
static.hotjar.com
10    3.21.101.124 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-21-101-124.us-east-2.compute.amazonaws.com
api.paradisegateway.tech
1    44.196.234.143 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-234-143.compute-1.amazonaws.com
ipgeolocation.abstractapi.com
1    2600:9000:21f3:a400:9:6c12:54c0:21 (United States)

ASN16509 (AMAZON-02, US)
d11plxcw666k43.cloudfront.net
1    35.190.210.193 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 193.210.190.35.bc.googleusercontent.com
click.fstrk.net
1    13.224.193.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-38.fra2.r.cloudfront.net
script.hotjar.com
1    13.224.193.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-91.fra2.r.cloudfront.net
vars.hotjar.com
1    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    99.81.27.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-27-250.eu-west-1.compute.amazonaws.com
in.hotjar.com
1    13.225.78.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-127.fra2.r.cloudfront.net
vc.hotjar.io
1    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
2    2a00:1450:4001:828::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.gstatic.com
Domain Requested by
10 api.paradisegateway.tech extraessay.com
8 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
extraessay.com
4 dexwebanalytics.dexfront.live extraessay.com
dexwebanalytics.dexfront.live
4 extraessay.com href.li
extraessay.com
2 accounts.google.com apis.google.com
ssl.gstatic.com
2 apis.google.com extraessay.com
apis.google.com
2 www.googletagmanager.com extraessay.com
href.li
2 essaypro.co 2 redirects
1 ssl.gstatic.com accounts.google.com
1 www.google.de extraessay.com
1 www.google.com extraessay.com
1 vc.hotjar.io script.hotjar.com
1 in.hotjar.com script.hotjar.com
1 stats.g.doubleclick.net www.google-analytics.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 click.fstrk.net fstrk.net
1 d11plxcw666k43.cloudfront.net extraessay.com
1 ipgeolocation.abstractapi.com extraessay.com
1 static.hotjar.com www.googletagmanager.com
1 fstrk.net extraessay.com
1 href.li
46 22

This site contains no links.

Subject Issuer Validity Valid
tls.automattic.com
R3		 2021-08-18 -
2021-11-16		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-06 -
2022-09-05		 a year crt.sh
fstrk.net
Amazon		 2021-09-25 -
2022-10-24		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
api.paradisegateway.tech
R3		 2021-09-14 -
2021-12-13		 3 months crt.sh
ipgeolocation.abstractapi.com
Amazon		 2021-06-22 -
2022-07-21		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
click.fstrk.net
R3		 2021-08-07 -
2021-11-05		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.hotjar.io
Amazon		 2021-08-17 -
2022-09-15		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://extraessay.com/cs/
Frame ID: 5370108C108EC0E93CD5A6A34E7AB386
Requests: 42 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Frame ID: B8CF3AD731F89388C90777B8BC1164C7
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: E83D56FC134143C9195FD17DBC534CC9
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Essay Help For Students | Paper Writing Service | ExtraEssay

Page URL History Show full URLs

  1. http://essaypro.co/ HTTP 301
    https://essaypro.co/ HTTP 302
    https://href.li/?https://extraessay.com/cs/ Page URL
  2. https://extraessay.com/cs/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • piwik\.js|piwik\.php

Page Statistics

46
Requests

100 %
HTTPS

59 %
IPv6

16
Domains

22
Subdomains

22
IPs

4
Countries

1488 kB
Transfer

4884 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://essaypro.co/ HTTP 301
    https://essaypro.co/ HTTP 302
    https://href.li/?https://extraessay.com/cs/ Page URL
  2. https://extraessay.com/cs/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://essaypro.co/ HTTP 301
  • https://essaypro.co/ HTTP 302
  • https://href.li/?https://extraessay.com/cs/

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
href.li/
Redirect Chain
  • http://essaypro.co/
  • https://essaypro.co/
  • https://href.li/?https://extraessay.com/cs/
446 B
402 B 		Document
General
Check archive.org
Download Go to
Full URL
https://href.li/?https://extraessay.com/cs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.26 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
href.li
:scheme
https
:path
/?https://extraessay.com/cs/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 26 Sep 2021 12:37:06 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
vary
Accept-Encoding
content-encoding
gzip
x-ac
2.hhn _dfw

Redirect headers

date
Sun, 26 Sep 2021 12:37:06 GMT
content-type
text/html
location
https://href.li/?https://extraessay.com/cs/#/order/step-1/?key_wpg = e0457ed6240dd082fbbd81d5552bf040&discount=MXN23&sub_id=ep
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wrx%2FZebrFZtk3kJNj2bhylzaALpWwLsMn6lJydL14jsMu1dHtcOnP58bSWuMlT%2Fq%2BWNLyo9s4A69qflVNXSNryLsypJBwYDsbZP%2By1WyAYoDqFTdAboTC9WFuFTKhhmIUZ%2FMDW6ykGsyvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
694c8aaa2e872b16-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Primary Request /
extraessay.com/cs/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://extraessay.com/cs/
Requested by
Host: href.li
URL: https://href.li/?https://extraessay.com/cs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8edc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0737db3c4e48a4260a88184002cd46a1c5ae4196d6c9d45786125857ed627d7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
extraessay.com
:scheme
https
:path
/cs/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 26 Sep 2021 12:37:07 GMT
content-type
text/html
vary
Accept-Encoding
cache-control
max-age=2000000,public max-age=31536000
expires
Wed, 01 Sep 2027 00:00:00 GMT
last-modified
Fri, 24 Sep 2021 11:37:57 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2FtoY1DKxy7Kr%2FQYJUxPge34x%2BH1tQ9NzMVo5lzWvFR2o32y2IUkmq9ofGiDlmKVw9MorwwygumcHwjytujZvXWqDARHGewg976z7RBYB5lU7ozNAYmruHicQXKgFGyBSJwclguAoAOxoULBgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
694c8aad9fd11f11-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
runtime~main.9e40dd7d50936d28b413.js
extraessay.com/cs/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://extraessay.com/cs/runtime~main.9e40dd7d50936d28b413.js
Requested by
Host: extraessay.com
URL: https://extraessay.com/cs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8edc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f5d4d5105612b8334936bad8e25d5af423576c57d5ac844e313f3aaba66a13a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:path
/cs/runtime~main.9e40dd7d50936d28b413.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
extraessay.com
referer
https://extraessay.com/cs/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://extraessay.com/cs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 12:37:08 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
941795
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 13 Sep 2021 14:19:25 GMT
server
cloudflare
etag
W/"d5312e3bfa8fb5657f59906515a8ca50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kcsrdGt8Iyr1v3utTY1KxJmRCC6vPBG0RNHlXX0fYPjUf9eQRX%2FVvG1Bhxgp0%2BTDs7ju%2BtpkzMvRGj4qjrDYKpzoDRjy41yY7HcK7Dq7ReyBbmom3wk8aXvXNj7vHxUi5FD8B3yzUkDwKZEhPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
694c8ab5fc9d1f11-FRA
expires
Wed, 01 Sep 2027 00:00:00 GMT
vendor.fefab560cd8fa651ed83.chunk.js
extraessay.com/cs/ 		3 MB
909 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://extraessay.com/cs/vendor.fefab560cd8fa651ed83.chunk.js
Requested by
Host: extraessay.com
URL: https://extraessay.com/cs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8edc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf98c24c28e928741ed84d49eb9626787f81acad682783418a636643740d8e2e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:path
/cs/vendor.fefab560cd8fa651ed83.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
extraessay.com
referer
https://extraessay.com/cs/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://extraessay.com/cs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 12:37:08 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
290153
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 13 Sep 2021 14:19:25 GMT
server
cloudflare
etag
W/"63e0a543deb266d369fa1af2408165ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w0OV0Rd6zRz4mYOwjptlZ54TDAgN7Od1rWY4of0PMBS14wlhYEG8hjCqsJnb%2BWtWicKOVC%2FNW0A3qdeGakp6X0JT8Ui8MdSLEQGfQLiup1cJ%2B%2FIKqD87nWJeTjt5TNg75aHgm0rBX7X%2FVLPKnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
694c8ab5fc9f1f11-FRA
expires
Wed, 01 Sep 2027 00:00:00 GMT
main.e0e61b4ee132be3fc964.chunk.js
extraessay.com/cs/ 		606 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://extraessay.com/cs/main.e0e61b4ee132be3fc964.chunk.js
Requested by
Host: extraessay.com
URL: https://extraessay.com/cs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8edc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
355a6e362bd756de954b4370bceeb7b5f5ec3c0b99c2d5fdf58f2a81d6aee8c3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:path
/cs/main.e0e61b4ee132be3fc964.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
extraessay.com
referer
https://extraessay.com/cs/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://extraessay.com/cs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 12:37:08 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
176040
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 24 Sep 2021 11:37:57 GMT
server
cloudflare
etag
W/"8816fb9ffad59c9ee3875dbc4d69640b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N9W8o4F6mmSx6K8GY%2BLM%2B69vYtSorlFi2VCqFMAOTm47%2FgcwtNNhGBhG6zzv0u8TTCdQEjy6ZSOF%2F%2Bwetr6XCJWUiZvACH0ZZCourpx%2FACkw2R1q3BPwtGygNhOyGzWc4ymi2%2B3MsUjLgBsszg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
694c8ab5fca01f11-FRA
expires
Wed, 01 Sep 2027 00:00:00 GMT
landing.js
fstrk.net/api/tracker/d5c186983b52c4551ee00f72316c6eaa/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fstrk.net/api/tracker/d5c186983b52c4551ee00f72316c6eaa/landing.js
Requested by
Host: extraessay.com
URL: https://extraessay.com/cs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4400:11:647d:8600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b795d6ccc12f75df5f1264dfdc1d43d87bff3c3ddf4de4b6f9ad9bb96ffc883

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://extraessay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 05:19:12 GMT
content-encoding
gzip
last-modified
Tue, 22 Sep 2020 10:00:39 GMT
server
AmazonS3
age
2186277
etag
W/"160810f6d3590ced6e40972407917eff"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
rf6eoTUc76WyJDjtyGdNzcMM6CnTNOaOlKVqW-OOduFpWvX4JqwSjQ==
container_k3FvjJxG.js
dexwebanalytics.dexfront.live/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://dexwebanalytics.dexfront.live/js/container_k3FvjJxG.js
Requested by
Host: extraessay.com
URL: https://extraessay.com/cs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:4f09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://extraessay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
gtm.js
www.googletagmanager.com/ 		298 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBNJGSG
Requested by
Host: extraessay.com
URL: https://extraessay.com/cs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bca45e413e124aada7f4e4a759eeff16b2b3acabef1091bcca78f36f94752170
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://extraessay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 12:37:08 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73614
x-xss-protection
0
last-modified
Sun, 26 Sep 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 26 Sep 2021 12:37:08 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBNJGSG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://extraessay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
6611
date
Sun, 26 Sep 2021 10:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sun, 26 Sep 2021 12:46:57 GMT
hotjar-1050729.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1050729.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBNJGSG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-69.fra2.r.cloudfront.net
Software
/
Resource Hash
bf7316bcb740a901ffcf66fd45216ee20ff5304ae0f37e837d77647422ae555f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://extraessay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 12:37:08 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-edge-origin-shield-skipped
0
etag
W/d1289e5961c891bbace672766c02a7f6
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
FRA2-C2
content-length
1898
via
1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
x-amz-cf-id
KZTjBfVumbje5ZNd_bhUBxHvvqv0eptBJHZdrSi6rtK-E2XUNQ4CjA==
/
api.paradisegateway.tech/api/customer/main/trackTraffic/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.paradisegateway.tech/api/customer/main/trackTraffic/
Protocol
H2
Server
3.21.101.124 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-101-124.us-east-2.compute.amazonaws.com
Software
nginx / PHP/7.2.34
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-client-ip,x-site-token
Origin
https://extraessay.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 26 Sep 2021 12:37:09 GMT
content-type
application/json; charset=utf-8
content-length
138
x-powered-by
PHP/7.2.34
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, User-Token Referer, X-Client-Ip, User-Agent, Content-Type, Content-Length, Accept-Encoding, User-Token, X-Site-Token
vary
Accept-Encoding
content-encoding
gzip
/
api.paradisegateway.tech/api/customer/main/getConfig/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.paradisegateway.tech/api/customer/main/getConfig/
Protocol
H2
Server
3.21.101.124 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-101-124.us-east-2.compute.amazonaws.com
Software
nginx / PHP/7.2.34
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-client-ip,x-site-token
Origin
https://extraessay.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 26 Sep 2021 12:37:08 GMT
content-type
application/json; charset=utf-8
content-length
3421
x-powered-by
PHP/7.2.34
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, User-Token Referer, X-Client-Ip, User-Agent, Content-Type, Content-Length, Accept-Encoding, User-Token, X-Site-Token
vary
Accept-Encoding
content-encoding
gzip
piwik.js
dexwebanalytics.dexfront.live/ 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dexwebanalytics.dexfront.live/piwik.js
Requested by
Host: extraessay.com
URL: https://extraessay.com/cs/vendor.fefab560cd8fa651ed83.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:4f09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5da3beb40e3c7894a300ff0e37f8d70f6716d932bc92911c08d6713650b6fb50

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://extraessay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 12:37:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
156496
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 16 Apr 2021 19:27:09 GMT
server
cloudflare
etag
W/"6079e50d-26f97"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u7nYGUXKSsmrWqdVk4nvJYTn9aaQkTGzBGTGSLGhdQYqXfvK43zKP2gi%2Bvd%2BKphRYR9gJPBO%2FDGIrlKI1eN92AO5wnOJXl2keplEgWcQBiqL9rVF1BUFWarXj0u87FrPYrEfNASpPIQV%2FSO9Xj%2BnxFrKnOVc%2FZeHIftNQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
694c8ab7886c4e31-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
gtm.js
www.googletagmanager.com/ 		298 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBNJGSG&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: href.li
URL: https://href.li/?https://extraessay.com/cs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
af0981fb8314da69a00e192f1bfb219fcb4a9e7838f8dca7824f5ebcb4d6c5f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://extraessay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 12:37:08 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73554
x-xss-protection
0
last-modified
Sun, 26 Sep 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 26 Sep 2021 12:37:08 GMT
/
api.paradisegateway.tech/api/customer/main/trackTraffic/ 		276 B
605 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.paradisegateway.tech/api/customer/main/trackTraffic/
Requested by
Host: extraessay.com
URL: https://extraessay.com/cs/main.e0e61b4ee132be3fc964.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.21.101.124 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-101-124.us-east-2.compute.amazonaws.com
Software
nginx / PHP/7.2.34
Resource Hash
4f3e4d4c53264ea630e3c4b349ee3a3ec21f98b379f6e6419bd752f3c007ffa7

Request headers

Referer
https://extraessay.com/
Accept-Language
de-DE,de;q=0.9
X-Site-Token
11
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
X-Client-Ip
false
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryRsPxCdPrBrjTHCNP

Response headers

date
Sun, 26 Sep 2021 12:37:09 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.2.34
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, User-Token, Referer, X-Client-Ip, User-Agent, Content-Type, Content-Length, Accept-Encoding, User-Token, X-Site-Token
content-length
234
/
ipgeolocation.abstractapi.com/v1/ 		938 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ipgeolocation.abstractapi.com/v1/?api_key=c3fd912a86334090a5793ccb005697b5
Requested by
Host: extraessay.com
URL: https://extraessay.com/cs/main.e0e61b4ee132be3fc964.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.234.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-234-143.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
9e68c2d2f3e7ed8ba64e3f9b31e2953ca52cbfd4ae97b7ecfd65c0d33b7a9f59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://extraessay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 12:37:08 GMT
referrer-policy
same-origin
server
nginx/1.14.0 (Ubuntu)
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
*
allow
GET, HEAD, OPTIONS
strict-transport-security
max-age=31536000; includeSubDomains
vary
Cookie, Origin
content-length
938
x-content-type-options
nosniff
/
api.paradisegateway.tech/api/customer/main/getConfig/ 		13 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.paradisegateway.tech/api/customer/main/getConfig/
Requested by
Host: extraessay.com
URL: https://extraessay.com/cs/main.e0e61b4ee132be3fc964.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.21.101.124 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-101-124.us-east-2.compute.amazonaws.com
Software
nginx / PHP/7.2.34
Resource Hash
ac69b4dff928c735113fe5ddb149ac345af2ec2154da363c3b932a12eff1f30e

Request headers

Referer
https://extraessay.com/
Accept-Language
de-DE,de;q=0.9
X-Site-Token
11
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
X-Client-Ip
false
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarylh8PZodmLJtgRbpc

Response headers

date
Sun, 26 Sep 2021 12:37:09 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.2.34
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, User-Token, Referer, X-Client-Ip, User-Agent, Content-Type, Content-Length, Accept-Encoding, User-Token, X-Site-Token
content-length
3422
spinner.svg
d11plxcw666k43.cloudfront.net/assets/images/ 		772 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d11plxcw666k43.cloudfront.net/assets/images/spinner.svg
Requested by
Host: extraessay.com
URL: https://extraessay.com/cs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:a400:9:6c12:54c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d6f4edc354b9d7903a7c200054bc771b0629571435086a94c2e21d9729189b00

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://extraessay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:03:21 GMT
via
1.1 04ce5a607a98db6d08257633417b84d7.cloudfront.net (CloudFront)
last-modified
Thu, 19 Nov 2020 15:09:39 GMT
server
AmazonS3
age
84828
etag
"f3dff0bc95a47894d601d71547f0d115"
x-edge-origin-shield-skipped
0
content-type
image/svg+xml
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
772
x-amz-cf-id
v_KODyd8jMulvFWK02qNSmx4waeyn-jT6CMDAbJWfWbNnKb9jSnD3A==
track
click.fstrk.net/d5c186983b52c4551ee00f72316c6eaa/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://click.fstrk.net/d5c186983b52c4551ee00f72316c6eaa/track?http_click_referer=&fingerprint=fdd983a88923167d0c17f39f5d6fa963&fs_secure_code=f0d9cf633d9238ebeadd56144d2ef261&fs_aff_source=&fs_product_id=11&fs_product_name=ExtraEssay&fs_transaction_id=&callback=jsonp1632660729766
Requested by
Host: fstrk.net
URL: https://fstrk.net/api/tracker/d5c186983b52c4551ee00f72316c6eaa/landing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.190.210.193 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
193.210.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://extraessay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
modules.5fe2f4f38cf4833026a9.js
script.hotjar.com/ 		221 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.5fe2f4f38cf4833026a9.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1050729.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-38.fra2.r.cloudfront.net
Software
/
Resource Hash
33d18bfaad19367135cba7d9096fba55164cd67b8e5819617c6d6b34bd43454b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://extraessay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 07:15:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
1488122
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59626
access-control-allow-origin
*
last-modified
Thu, 09 Sep 2021 07:14:26 GMT
etag
"e8c5ca8d148a212696c04c37e713b2a1"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
5UHm5yfmObZxSqtGbfKLKs3xRE7HAMGwGNdmAaCheXau1NgN1_cIuw==
js
www.google-analytics.com/gtm/ 		99 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-NXZFMGK&t=gtm14&cid=1276554139.1632659829
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4650d221d83b254d65ef703a0cbf81c570fb636e956758ea0e860bc71fa61f1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://extraessay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 12:37:08 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39431
x-xss-protection
0
expires
Sun, 26 Sep 2021 12:37:08 GMT
configs.php
dexwebanalytics.dexfront.live/plugins/HeatmapSessionRecording/ 		116 B
453 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dexwebanalytics.dexfront.live/plugins/HeatmapSessionRecording/configs.php?idsite=4&trackerid=gQcnTH&url=https%3A%2F%2Fextraessay.com%2Fcs%2F%23%2Forder%2Fstep-1%2F%3Fkey_wpg%20%3D%20e0457ed6240dd082fbbd81d5552bf040%26discount%3DMXN23%26sub_id%3Dep
Requested by
Host: dexwebanalytics.dexfront.live
URL: https://dexwebanalytics.dexfront.live/piwik.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:4f09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.1
Resource Hash
77fa77192dda7efb034f33be68a0e817e7f694296adcbec1fbc76cb3473ff05a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://extraessay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 12:37:09 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FzhZUFQuRqC6tN4bCFoZJ8FCGYAw48oX5gbovQQeeK52GeL94Rs7eQCrqXz2I%2FT4wM2UdZnegAKe%2F%2FKkAqRfp4LN7Jz8Ac7s8clHgfUJ0zkMwVFdVEIEKhRAwnSwiaZV%2BTkMvLrb2GKp%2BxUf6BAA30AFSYQs712aXT%2FrDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
694c8ab93b284e31-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
box-dfc01efbdc94bb0936d9a35a502b0b64.html
vars.hotjar.com/ Frame B8CF 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1050729.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-91.fra2.r.cloudfront.net
Software
/
Resource Hash
88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-dfc01efbdc94bb0936d9a35a502b0b64.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://extraessay.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://extraessay.com/

Response headers

content-type
text/html
content-length
1044
date
Tue, 20 Jul 2021 13:05:05 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"10714b84569172431728622d7c8098e4"
last-modified
Tue, 20 Jul 2021 13:04:43 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
XaXsxcTdd8yiSdsr0wN9_r-6Fz1tkTLjXeOv4EzGJr8lZugP8gNHjw==
age
5873523
collect
www.google-analytics.com/j/ 		2 B
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=124071098&t=pageview&_s=1&dl=https%3A%2F%2Fextraessay.com%2Fcs%2F&dr=&ul=en-us&de=UTF-8&dt=Essay%20Help%20For%20Students%20%7C%20Paper%20Writing%20Service%20%7C%20ExtraEssay&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEADRAAAAC~&jid=751043980&gjid=910265728&cid=1276554139.1632659829&tid=UA-77902772-1&_gid=375479023.1632659829&_r=1&gtm=2wg9m0TBNJGSG&cd3=1632659828705.0x0m09i&cd4=2021-09-26T12%3A37%3A08.705%2B00%3A00&cd1=1276554139.1632659829&z=390646959
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://extraessay.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 12:37:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://extraessay.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=124071098&t=pageview&_s=1&dl=https%3A%2F%2Fextraessay.com%2Fcs%2F&dp=%2Forder%2Fstep-1%2F&ul=en-us&de=UTF-8&dt=%2Forder%2Fstep-1%2F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEADRAAAAC~&jid=&gjid=&cid=1276554139.1632659829&tid=UA-77902772-1&_gid=375479023.1632659829&gtm=2wg9m0TBNJGSG&cd3=1632659828455.qm2i2imc&cd4=2021-09-26T12%3A37%3A08.456%2B00%3A00&cd1=1276554139.1632659829&z=1746220716
Requested by
Host: extraessay.com
URL: https://extraessay.com/cs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://extraessay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 11:58:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2300
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-77902772-1&cid=1276554139.1632659829&jid=751043980&gjid=910265728&_gid=375479023.1632659829&_u=aGDACEACRAAAAC~&z=780969832
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://extraessay.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 26 Sep 2021 12:37:08 GMT
content-type
text/plain
access-control-allow-origin
https://extraessay.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
visit-data
in.hotjar.com/api/v2/client/sites/1050729/ 		146 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/1050729/visit-data?sv=7
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.5fe2f4f38cf4833026a9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.27.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-27-250.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ab95872c4726727a3b09b1f8c28490c70b7e407e97fd93bbfb75a2ecc5faac36

Request headers

Referer
https://extraessay.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Sun, 26 Sep 2021 12:37:08 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
1050729
vc.hotjar.io/sessions/ 		0
255 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/1050729?s=0.25&r=0.07788787661181384
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.5fe2f4f38cf4833026a9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-127.fra2.r.cloudfront.net
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://extraessay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 12:37:08 GMT
via
1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
server
Python/3.7 aiohttp/3.5.4
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
Kg1Y3n9yyl-0Qnin1GASY1nLmKYbArmKwQqWB3c77swEd0nUvyBq2g==
ga-audiences
www.google.com/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-77902772-1&cid=1276554139.1632659829&jid=751043980&_u=aGDACEACRAAAAC~&z=2008344798
Requested by
Host: extraessay.com
URL: https://extraessay.com/cs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://extraessay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 12:37:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-77902772-1&cid=1276554139.1632659829&jid=751043980&_u=aGDACEACRAAAAC~&z=2008344798
Requested by
Host: extraessay.com
URL: https://extraessay.com/cs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://extraessay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 12:37:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=124071098&t=event&ni=1&_s=1&dl=https%3A%2F%2Fextraessay.com%2Fcs%2F&ul=en-us&de=UTF-8&dt=Essay%20Help%20For%20Students%20%7C%20Paper%20Writing%20Service%20%7C%20ExtraEssay&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=25&_u=aGDACEADRAAAAC~&jid=&gjid=&cid=1276554139.1632659829&tid=UA-77902772-1&_gid=375479023.1632659829&gtm=2wg9m0TBNJGSG&cd3=1632659829097.7iwhgris&cd4=2021-09-26T12%3A37%3A09.97%2B00%3A00&cd1=1276554139.1632659829&z=632983638
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://extraessay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 11:58:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2301
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=124071098&t=event&ni=1&_s=1&dl=https%3A%2F%2Fextraessay.com%2Fcs%2F&ul=en-us&de=UTF-8&dt=Essay%20Help%20For%20Students%20%7C%20Paper%20Writing%20Service%20%7C%20ExtraEssay&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=50&_u=aGDACEADRAAAAC~&jid=&gjid=&cid=1276554139.1632659829&tid=UA-77902772-1&_gid=375479023.1632659829&gtm=2wg9m0TBNJGSG&cd3=1632659829104.yrmpisi&cd4=2021-09-26T12%3A37%3A09.104%2B00%3A00&cd1=1276554139.1632659829&z=1548423997
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://extraessay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 11:58:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2301
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=124071098&t=event&ni=1&_s=1&dl=https%3A%2F%2Fextraessay.com%2Fcs%2F&ul=en-us&de=UTF-8&dt=Essay%20Help%20For%20Students%20%7C%20Paper%20Writing%20Service%20%7C%20ExtraEssay&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=75&_u=aGDACEADRAAAAC~&jid=&gjid=&cid=1276554139.1632659829&tid=UA-77902772-1&_gid=375479023.1632659829&gtm=2wg9m0TBNJGSG&cd3=1632659829109.2fhg1yka&cd4=2021-09-26T12%3A37%3A09.109%2B00%3A00&cd1=1276554139.1632659829&z=1968013491
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://extraessay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 11:58:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2301
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=124071098&t=event&ni=1&_s=1&dl=https%3A%2F%2Fextraessay.com%2Fcs%2F&ul=en-us&de=UTF-8&dt=Essay%20Help%20For%20Students%20%7C%20Paper%20Writing%20Service%20%7C%20ExtraEssay&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=90&_u=aGDACEADRAAAAC~&jid=&gjid=&cid=1276554139.1632659829&tid=UA-77902772-1&_gid=375479023.1632659829&gtm=2wg9m0TBNJGSG&cd3=1632659829114.a9nkssk&cd4=2021-09-26T12%3A37%3A09.114%2B00%3A00&cd1=1276554139.1632659829&z=83048227
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://extraessay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 11:58:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2301
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
api.paradisegateway.tech/api/customer/user/getStats/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.paradisegateway.tech/api/customer/user/getStats/
Protocol
H2
Server
3.21.101.124 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-101-124.us-east-2.compute.amazonaws.com
Software
nginx / PHP/7.2.34
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
user-token,x-client-ip,x-site-token
Origin
https://extraessay.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 26 Sep 2021 12:37:09 GMT
content-type
application/json; charset=utf-8
content-length
166
x-powered-by
PHP/7.2.34
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, User-Token Referer, X-Client-Ip, User-Agent, Content-Type, Content-Length, Accept-Encoding, User-Token, X-Site-Token
vary
Accept-Encoding
content-encoding
gzip
/
api.paradisegateway.tech/api/customer/main/checkDiscountCode/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.paradisegateway.tech/api/customer/main/checkDiscountCode/
Protocol
H2
Server
3.21.101.124 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-101-124.us-east-2.compute.amazonaws.com
Software
nginx / PHP/7.2.34
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
user-token,x-client-ip,x-site-token
Origin
https://extraessay.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 26 Sep 2021 12:37:09 GMT
content-type
application/json; charset=utf-8
content-length
157
x-powered-by
PHP/7.2.34
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, User-Token Referer, X-Client-Ip, User-Agent, Content-Type, Content-Length, Accept-Encoding, User-Token, X-Site-Token
vary
Accept-Encoding
content-encoding
gzip
/
api.paradisegateway.tech/api/customer/user/getStats/ 		182 B
533 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.paradisegateway.tech/api/customer/user/getStats/
Requested by
Host: extraessay.com
URL: https://extraessay.com/cs/main.e0e61b4ee132be3fc964.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.21.101.124 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-101-124.us-east-2.compute.amazonaws.com
Software
nginx / PHP/7.2.34
Resource Hash
cdc1ecb2cb6c4214edac7af0017aa6c2a50d1e3437acd5f2e192d306db2866d1

Request headers

Referer
https://extraessay.com/
User-Token
false
Accept-Language
de-DE,de;q=0.9
X-Site-Token
11
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
X-Client-Ip
194.36.108.20
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryxL6SkhUPOR0MUgdS

Response headers

date
Sun, 26 Sep 2021 12:37:09 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.2.34
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, User-Token, Referer, X-Client-Ip, User-Agent, Content-Type, Content-Length, Accept-Encoding, User-Token, X-Site-Token
content-length
162
/
api.paradisegateway.tech/api/customer/main/checkDiscountCode/ 		193 B
529 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.paradisegateway.tech/api/customer/main/checkDiscountCode/
Requested by
Host: extraessay.com
URL: https://extraessay.com/cs/main.e0e61b4ee132be3fc964.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.21.101.124 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-101-124.us-east-2.compute.amazonaws.com
Software
nginx / PHP/7.2.34
Resource Hash
9c8f102555101cd3d7a76f288b44e02610116600d9818c93640c56eb74fa925b

Request headers

Referer
https://extraessay.com/
User-Token
false
Accept-Language
de-DE,de;q=0.9
X-Site-Token
11
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
X-Client-Ip
194.36.108.20
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryGvUSe2ds1RmLHhs2

Response headers

date
Sun, 26 Sep 2021 12:37:09 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.2.34
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, User-Token, Referer, X-Client-Ip, User-Agent, Content-Type, Content-Length, Accept-Encoding, User-Token, X-Site-Token
content-length
158
getTestingSetupProperties
api.paradisegateway.tech/api/customer/main/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.paradisegateway.tech/api/customer/main/getTestingSetupProperties
Protocol
H2
Server
3.21.101.124 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-101-124.us-east-2.compute.amazonaws.com
Software
nginx / PHP/7.2.34
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
user-token,x-client-ip,x-site-token
Origin
https://extraessay.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 26 Sep 2021 12:37:09 GMT
content-type
application/json; charset=utf-8
content-length
189
x-powered-by
PHP/7.2.34
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, User-Token Referer, X-Client-Ip, User-Agent, Content-Type, Content-Length, Accept-Encoding, User-Token, X-Site-Token
vary
Accept-Encoding
content-encoding
gzip
matomo.php
dexwebanalytics.dexfront.live/ 		21 KB
3 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://dexwebanalytics.dexfront.live/matomo.php?action_name=Essay%20Help%20For%20Students%20%7C%20Paper%20Writing%20Service%20%7C%20ExtraEssay&idsite=4&rec=1&r=240725&h=12&m=37&s=9&url=https%3A%2F%2Fextraessay.com%2Forder%2Fstep-1%2F&_id=3fc784ea73db2041&_idn=1&_refts=0&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&dimension1=5a971cda7ed73368d6d6a35f2743a370&dimension2=Member&dimension3=No%20key%20wpg&dimension4=No%20key%20cpl&pf_net=43.29999923706055&pf_srv=1317&pf_tfr=0.8999996185302734&pf_dm2=536.1000003814697&pf_onl=0.19999980926513672&pv_id=laLv5k
Requested by
Host: dexwebanalytics.dexfront.live
URL: https://dexwebanalytics.dexfront.live/piwik.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:4f09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.1
Resource Hash
ed13f97c890990913d91bed96390207f7e92a8bb44f325ca5e5b24d3d83712fc

Request headers

Referer
https://extraessay.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Sun, 26 Sep 2021 12:37:09 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cyRWSbK7JH0l7onBDWAbj2gc%2B11kgFCy5XUXJ5jO1Hr%2FWQN3zAZaM42dX67XgQERBVO7cOJcRscAexYRpm3uP5%2FMw1WJeitQgNNDO4HAr5VJtEYt1peOkoQUKqFgEIEH0wUwslueEZpaV5X3ED6LvZ4Lg%2Bjci%2B8xYTOCEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://extraessay.com
access-control-allow-credentials
true
cf-ray
694c8abca9c24e31-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27d8480f129587e0b2b3af58beb0cee339d1f72861f484b068dc6e4ca93a4725

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2775982e3772a07409a02fe024e06c6627994904f211b09dd651d149daf6d5d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f07b56d9632729aa0fed841c28700f0d80ddc4fa9c00111344713eaad0d2e44a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b3b433ced80ecfca5b447fcd16dc6bb7b9f22a07809303108b53d4106abe970

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
platform.js
apis.google.com/js/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: extraessay.com
URL: https://extraessay.com/cs/main.e0e61b4ee132be3fc964.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8d3ed9e90bb3208636c1a1858f534e203f3c52cb8ef464a7bd2d81bf1a60305
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-i/WUUnVji0dvE0KPpD0Eyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://extraessay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 12:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"640a4d1ff2f547a81ed97fb67488ed83"
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-i/WUUnVji0dvE0KPpD0Eyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires
Sun, 26 Sep 2021 12:37:09 GMT
getTestingSetupProperties
api.paradisegateway.tech/api/customer/main/ 		181 B
532 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.paradisegateway.tech/api/customer/main/getTestingSetupProperties
Requested by
Host: extraessay.com
URL: https://extraessay.com/cs/main.e0e61b4ee132be3fc964.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.21.101.124 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-101-124.us-east-2.compute.amazonaws.com
Software
nginx / PHP/7.2.34
Resource Hash
6c283862ff792a16e142e831054b2c6319125c94c03c94a2be21629e6024efeb

Request headers

Referer
https://extraessay.com/
User-Token
false
Accept-Language
de-DE,de;q=0.9
X-Site-Token
11
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
X-Client-Ip
194.36.108.20
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryVinxcBCMmySO9iVI

Response headers

date
Sun, 26 Sep 2021 12:37:09 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.2.34
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, User-Token, Referer, X-Client-Ip, User-Agent, Content-Type, Content-Length, Accept-Encoding, User-Token, X-Site-Token
content-length
161
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea3a2e13400574947839555d779a6a7049365684d0e9781ed0a3153c462f87ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ 		103 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51809bc55f512c21a3829627405dfec8796820392303908a9e011691de6f79f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://extraessay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 19:26:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
407448
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34990
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 23:24:10 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Wed, 21 Sep 2022 19:26:21 GMT
iframe
accounts.google.com/o/oauth2/ Frame E83D 		513 B
922 B 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7c9433becfd4c6bda75695a49a1867a6d41d242a84c09e197ab41ebe469d80
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-g2zPv6aln3GW035wfFIa7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/iframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://extraessay.com/
accept-encoding
gzip, deflate, br
cookie
NID=511=Q0_s0H0K0vM4uDpPY0aXRPczsHxzYLVGC5yP9A2F9DR4bh2yMxug_p3WZkLILrSGRKCto73U3VBUJ91QY3pkrMtpLoQTCzdNZWCvanWgVrwSIDAro9LU7GnvbuVt-K3UJKhHsWNyzuQgSjVLaDtfQc5jlLUWoCXah85ajCC7m1g
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://extraessay.com/

Response headers

content-type
text/html; charset=utf-8
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 26 Sep 2021 12:37:09 GMT
content-language
en-US
content-security-policy
script-src 'report-sample' 'nonce-g2zPv6aln3GW035wfFIa7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
1751795023-idpiframe.js
ssl.gstatic.com/accounts/o/ Frame E83D 		115 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/accounts/o/1751795023-idpiframe.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
387e8b5019922c28cdc230b2cb4eb495b498aa0457bba42eb16d690e36773942
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 20:57:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
488389
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40255
x-xss-protection
0
last-modified
Fri, 17 Sep 2021 04:14:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="federated-signon-mpm-access"
expires
Tue, 20 Sep 2022 20:57:20 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame E83D 		14 B
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fextraessay.com&client_id=329244705141-n9kee97p3ud0749gsp1eri4kh7b6bjut.apps.googleusercontent.com
Requested by
Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/1751795023-idpiframe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 12:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
content-type
application/json; charset=utf-8
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Sun, 26 Sep 2021 13:37:09 GMT

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect boolean| originAgentCluster object| _mtm object| d object| g object| s object| dataLayer object| webpackJsonp object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings function| setImmediate function| clearImmediate object| regeneratorRuntime object| core boolean| _babelPolyfill function| _ object| _paq object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| TweenMax function| TimelineLite function| TimelineMax function| BezierPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| ExpoScaleEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup object| fsPassedParameters function| callFs function| Fingerprint2 function| JSONP function| jsonp1632660729766 object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| gaplugins object| gaGlobal object| gaData object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log object| google_optimize function| _ga_originalSendHitTask object| gapi object| ___jsl object| osapi

11 Cookies

Domain/Path Name / Value
.extraessay.com/ Name: _ga
Value: GA1.2.1276554139.1632659829
.extraessay.com/ Name: _gid
Value: GA1.2.375479023.1632659829
.extraessay.com/ Name: _gat_UA-77902772-1
Value: 1
.extraessay.com/ Name: _hjid
Value: 03f4a9da-826f-4e4e-abb0-20703ef9f6e8
.extraessay.com/ Name: _hjFirstSeen
Value: 1
extraessay.com/ Name: _hjIncludedInPageviewSample
Value: 1
.extraessay.com/ Name: _hjAbsoluteSessionInProgress
Value: 1
extraessay.com/ Name: _pk_id.4.bf85
Value: 3fc784ea73db2041.1632659829.
extraessay.com/ Name: _pk_ses.4.bf85
Value: 1
.google.com/ Name: NID
Value: 511=Q0_s0H0K0vM4uDpPY0aXRPczsHxzYLVGC5yP9A2F9DR4bh2yMxug_p3WZkLILrSGRKCto73U3VBUJ91QY3pkrMtpLoQTCzdNZWCvanWgVrwSIDAro9LU7GnvbuVt-K3UJKhHsWNyzuQgSjVLaDtfQc5jlLUWoCXah85ajCC7m1g
.extraessay.com/ Name: G_ENABLED_IDPS
Value: google

1 Console Messages

Source Level URL
Text
network error URL: https://dexwebanalytics.dexfront.live/js/container_k3FvjJxG.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
api.paradisegateway.tech
apis.google.com
click.fstrk.net
d11plxcw666k43.cloudfront.net
dexwebanalytics.dexfront.live
essaypro.co
extraessay.com
fstrk.net
href.li
in.hotjar.com
ipgeolocation.abstractapi.com
script.hotjar.com
ssl.gstatic.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
vc.hotjar.io
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
13.224.193.38
13.224.193.91
13.225.78.127
13.225.78.69
192.0.78.26
2600:9000:21f3:4400:11:647d:8600:93a1
2600:9000:21f3:a400:9:6c12:54c0:21
2606:4700:3031::6815:56fc
2606:4700:3034::6815:4f09
2606:4700:3037::ac43:8edc
2a00:1450:4001:80e::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2003
2a00:1450:4001:828::200d
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2003
2a00:1450:400c:c0c::9c
3.21.101.124
35.190.210.193
44.196.234.143
99.81.27.250
1b795d6ccc12f75df5f1264dfdc1d43d87bff3c3ddf4de4b6f9ad9bb96ffc883
2775982e3772a07409a02fe024e06c6627994904f211b09dd651d149daf6d5d3
27d8480f129587e0b2b3af58beb0cee339d1f72861f484b068dc6e4ca93a4725
33d18bfaad19367135cba7d9096fba55164cd67b8e5819617c6d6b34bd43454b
355a6e362bd756de954b4370bceeb7b5f5ec3c0b99c2d5fdf58f2a81d6aee8c3
387e8b5019922c28cdc230b2cb4eb495b498aa0457bba42eb16d690e36773942
4650d221d83b254d65ef703a0cbf81c570fb636e956758ea0e860bc71fa61f1d
4f3e4d4c53264ea630e3c4b349ee3a3ec21f98b379f6e6419bd752f3c007ffa7
51809bc55f512c21a3829627405dfec8796820392303908a9e011691de6f79f7
5da3beb40e3c7894a300ff0e37f8d70f6716d932bc92911c08d6713650b6fb50
6c283862ff792a16e142e831054b2c6319125c94c03c94a2be21629e6024efeb
77fa77192dda7efb034f33be68a0e817e7f694296adcbec1fbc76cb3473ff05a
7f5d4d5105612b8334936bad8e25d5af423576c57d5ac844e313f3aaba66a13a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987
8b3b433ced80ecfca5b447fcd16dc6bb7b9f22a07809303108b53d4106abe970
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
9c8f102555101cd3d7a76f288b44e02610116600d9818c93640c56eb74fa925b
9e68c2d2f3e7ed8ba64e3f9b31e2953ca52cbfd4ae97b7ecfd65c0d33b7a9f59
a0737db3c4e48a4260a88184002cd46a1c5ae4196d6c9d45786125857ed627d7
ab7c9433becfd4c6bda75695a49a1867a6d41d242a84c09e197ab41ebe469d80
ab95872c4726727a3b09b1f8c28490c70b7e407e97fd93bbfb75a2ecc5faac36
ac69b4dff928c735113fe5ddb149ac345af2ec2154da363c3b932a12eff1f30e
af0981fb8314da69a00e192f1bfb219fcb4a9e7838f8dca7824f5ebcb4d6c5f3
bca45e413e124aada7f4e4a759eeff16b2b3acabef1091bcca78f36f94752170
bf7316bcb740a901ffcf66fd45216ee20ff5304ae0f37e837d77647422ae555f
bf98c24c28e928741ed84d49eb9626787f81acad682783418a636643740d8e2e
cdc1ecb2cb6c4214edac7af0017aa6c2a50d1e3437acd5f2e192d306db2866d1
d6f4edc354b9d7903a7c200054bc771b0629571435086a94c2e21d9729189b00
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea3a2e13400574947839555d779a6a7049365684d0e9781ed0a3153c462f87ef
ed13f97c890990913d91bed96390207f7e92a8bb44f325ca5e5b24d3d83712fc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f07b56d9632729aa0fed841c28700f0d80ddc4fa9c00111344713eaad0d2e44a
f8d3ed9e90bb3208636c1a1858f534e203f3c52cb8ef464a7bd2d81bf1a60305
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62