URL: https://payment.essayabc.xyz/
Submission: On December 28 via automatic, source certstream-suspicious

Summary

This website contacted 21 IPs in 4 countries across 15 domains to perform 58 HTTP transactions. The main IP is 50.116.9.88, located in Fremont, United States and belongs to LINODE-AP Linode, LLC, US. The main domain is payment.essayabc.xyz.
TLS certificate: Issued by R3 on December 28th 2020. Valid for: 3 months.
This is the only time payment.essayabc.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
16 essayshark.com payment.essayabc.xyz
6 fonts.gstatic.com payment.essayabc.xyz
5 www.google-analytics.com payment.essayabc.xyz
www.google-analytics.com
4 cdn5.essayshark.com payment.essayabc.xyz
4 payment.essayabc.xyz payment.essayabc.xyz
essayshark.com
2 www.youtube.com payment.essayabc.xyz
www.youtube.com
2 s3-us-west-2.amazonaws.com cdn.ywxi.net
2 www.facebook.com payment.essayabc.xyz
2 www.google.de payment.essayabc.xyz
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net payment.essayabc.xyz
connect.facebook.net
2 www.googletagmanager.com payment.essayabc.xyz
www.googletagmanager.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 www.google.com payment.essayabc.xyz
1 analytics.google.com www.googletagmanager.com
1 static.hotjar.com payment.essayabc.xyz
1 cdn.ywxi.net payment.essayabc.xyz
1 images.dmca.com payment.essayabc.xyz
1 cdn3.essayshark.com payment.essayabc.xyz
1 cdn1.essayshark.com payment.essayabc.xyz
58 21
Subject Issuer Validity Valid
payment.essayabc.xyz
R3
2020-12-28 -
2021-03-28
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-08-13 -
2021-08-13
a year crt.sh
essayshark.com
DigiCert SHA2 Extended Validation Server CA
2019-10-11 -
2021-10-24
2 years crt.sh
*.google-analytics.com
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
images.dmca.com
Go Daddy Secure Certificate Authority - G2
2020-03-13 -
2022-04-04
2 years crt.sh
*.ywxi.net
Amazon
2020-09-01 -
2021-10-02
a year crt.sh
*.hotjar.com
Amazon
2020-12-25 -
2022-01-23
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-11-02 -
2021-01-30
3 months crt.sh
*.google.com
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
www.google.de
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
www.google.com
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
*.s3-us-west-2.amazonaws.com
DigiCert Baltimore CA-2 G2
2020-07-30 -
2021-08-04
a year crt.sh

This page contains 2 frames:

Primary Page: https://payment.essayabc.xyz/
Frame ID: 798794518FB4ADCA5E4F551BB15C161F
Requests: 57 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 4FAA183814DE269584C44C7A4EFC89FD
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

58
Requests

100 %
HTTPS

57 %
IPv6

15
Domains

21
Subdomains

21
IPs

4
Countries

644 kB
Transfer

1625 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

58 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
payment.essayabc.xyz/
91 KB
24 KB
Document
General
Full URL
https://payment.essayabc.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.116.9.88 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li451-88.members.linode.com
Software
Apache /
Resource Hash
f8e45f7bbdc546f75ca514f26cbc70af73a906ae468daa75a731ab195489014b

Request headers

Host
payment.essayabc.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 28 Dec 2020 19:02:11 GMT
Server
Apache
Upgrade
h2
Connection
Upgrade, Keep-Alive
Last-Modified
Sat, 25 Apr 2020 07:41:49 GMT
ETag
"16be4-5a4189d55fd00-gzip"
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
24486
Keep-Alive
timeout=5, max=100
Content-Type
text/html
logo.svg
cdn1.essayshark.com/w3t_img/images/
12 KB
4 KB
Image
General
Full URL
https://cdn1.essayshark.com/w3t_img/images/logo.svg
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.31.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e05235a19691010b2037132e311a7873a38818c107661914d2c9ad6a91cadbc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 19:02:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
16279
vary
Accept-Encoding
cf-request-id
074c53cc72000032bdedb96000000001
last-modified
Mon, 28 Dec 2020 14:08:05 GMT
server
cloudflare
etag
W/"5fe9e6c5-2e83"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/svg+xml
cache-control
max-age=604800
cf-ray
608d88c0bcef32bd-CDG
expires
Mon, 04 Jan 2021 14:30:52 GMT
icon__info.svg
essayshark.com/w3t_img/images/
1 KB
650 B
Image
General
Full URL
https://essayshark.com/w3t_img/images/icon__info.svg
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.37.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccc7887aea612f09758812d777052c3b3a93f7f94064934c3458ee553781e159
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 19:02:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
12099
vary
Accept-Encoding
cf-request-id
074c53ccb30000085b5db28000000001
last-modified
Mon, 28 Dec 2020 14:08:05 GMT
server
cloudflare
etag
W/"5fe9e6c5-427"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/svg+xml
cache-control
max-age=604800
cf-ray
608d88c11ce4085b-CDG
expires
Mon, 04 Jan 2021 15:40:32 GMT
getseal.png
essayshark.com/w3t_img/images/
2 KB
2 KB
Image
General
Full URL
https://essayshark.com/w3t_img/images/getseal.png
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.37.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61578007af4af09e1405d4eb1a388c1fcd4e47c7ff070e513c95e578123c0f02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 19:02:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
17050
vary
Accept-Encoding
content-length
1846
cf-request-id
074c53ccb60000085b4b0d7000000001
last-modified
Mon, 28 Dec 2020 14:08:05 GMT
server
cloudflare
etag
"5fe9e6c5-736"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
608d88c11ce9085b-CDG
expires
Mon, 04 Jan 2021 14:18:00 GMT
index.html
payment.essayabc.xyz/
64 KB
64 KB
Image
General
Full URL
https://payment.essayabc.xyz/index.html
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.116.9.88 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li451-88.members.linode.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 28 Dec 2020 19:02:11 GMT
Content-Encoding
gzip
Last-Modified
Sat, 25 Apr 2020 07:41:49 GMT
Server
Apache
ETag
"16be4-5a4189d55fd00-gzip"
Vary
Accept-Encoding
Content-Type
text/html
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
24486
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
4297
date
Mon, 28 Dec 2020 17:50:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Mon, 28 Dec 2020 19:50:34 GMT
gtm.js
www.googletagmanager.com/
172 KB
48 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M74F3P8
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
05de1de493aefe982af5ba8f09516eeb40c339a009440435f737f9af6171d4ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 19:02:11 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49532
x-xss-protection
0
last-modified
Mon, 28 Dec 2020 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 28 Dec 2020 19:02:11 GMT
sprite.svg
cdn3.essayshark.com/w3t_img/images/
76 KB
15 KB
Image
General
Full URL
https://cdn3.essayshark.com/w3t_img/images/sprite.svg
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.20.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbfccf78bdaa80402b6475f47957a8f8f3b2b6b514723848699b7e929363494e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 19:02:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
16278
vary
Accept-Encoding
cf-request-id
074c53cc730000bd77821be000000001
last-modified
Mon, 28 Dec 2020 14:08:05 GMT
server
cloudflare
etag
W/"5fe9e6c5-13195"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/svg+xml
cache-control
max-age=604800
cf-ray
608d88c0ba9dbd77-CDG
expires
Mon, 04 Jan 2021 14:30:53 GMT
4hYyXH_8WmbBLamf6WjLwg.woff2
fonts.gstatic.com/s/dosis/v6/
24 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/dosis/v6/4hYyXH_8WmbBLamf6WjLwg.woff2
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcc246580f4abfe9fabc2df4628072d354e8a5b71d57637f27c739b900e951f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://payment.essayabc.xyz
Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Dec 2020 17:22:27 GMT
x-content-type-options
nosniff
last-modified
Fri, 27 May 2016 01:55:41 GMT
server
sffe
age
524384
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25028
x-xss-protection
0
expires
Wed, 22 Dec 2021 17:22:27 GMT
DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v13/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v13/DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f1ab7f1b22c02d93e5bd37b04e7e848afd14337697f652c1454d14e801676f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://payment.essayabc.xyz
Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 10:48:59 GMT
x-content-type-options
nosniff
last-modified
Mon, 27 Apr 2015 23:46:44 GMT
server
sffe
age
288792
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16152
x-xss-protection
0
expires
Sat, 25 Dec 2021 10:48:59 GMT
7aJzV14HzAOiwNTiPgucGfesZW2xOQ-xsNqO47m55DA.woff2
fonts.gstatic.com/s/dosis/v6/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/dosis/v6/7aJzV14HzAOiwNTiPgucGfesZW2xOQ-xsNqO47m55DA.woff2
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de313e4199d08ba24a2eab6f6ff1aae24c631b8203d73dac68770a45dac06a5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://payment.essayabc.xyz
Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Dec 2020 06:21:17 GMT
x-content-type-options
nosniff
last-modified
Fri, 27 May 2016 01:59:05 GMT
server
sffe
age
564054
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24732
x-xss-protection
0
expires
Wed, 22 Dec 2021 06:21:17 GMT
cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
fonts.gstatic.com/s/opensans/v13/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v13/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://payment.essayabc.xyz
Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 04:32:12 GMT
x-content-type-options
nosniff
last-modified
Mon, 27 Apr 2015 23:46:39 GMT
server
sffe
age
311399
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15572
x-xss-protection
0
expires
Sat, 25 Dec 2021 04:32:12 GMT
22aDRG5X9l7obljtz7tihvesZW2xOQ-xsNqO47m55DA.woff2
fonts.gstatic.com/s/dosis/v6/
25 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/dosis/v6/22aDRG5X9l7obljtz7tihvesZW2xOQ-xsNqO47m55DA.woff2
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96fddc2f7f195911fa1db480e509318b1ed338983c2a529a30454fa08dd3668b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://payment.essayabc.xyz
Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 13:40:41 GMT
x-content-type-options
nosniff
last-modified
Fri, 27 May 2016 01:55:57 GMT
server
sffe
age
278490
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25248
x-xss-protection
0
expires
Sat, 25 Dec 2021 13:40:41 GMT
k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v13/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v13/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f164941997fbc7f7ed7d2a7c3e86b997d647f1910d93fdc2462dd86fd5affa48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://payment.essayabc.xyz
Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Dec 2020 09:42:44 GMT
x-content-type-options
nosniff
last-modified
Mon, 27 Apr 2015 23:45:29 GMT
server
sffe
age
379167
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16276
x-xss-protection
0
expires
Fri, 24 Dec 2021 09:42:44 GMT
amazon-btn@2x.png
essayshark.com/w3t_img/images/books/
7 KB
7 KB
Image
General
Full URL
https://essayshark.com/w3t_img/images/books/amazon-btn@2x.png
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.37.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20b4f74bf9309c944d67023fa49c12f24aaece8db61148720df307931005eda1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 19:02:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
12099
vary
Accept-Encoding
content-length
6943
cf-request-id
074c53ccd10000085b60361000000001
last-modified
Mon, 28 Dec 2020 14:08:05 GMT
server
cloudflare
etag
"5fe9e6c5-1b1f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
608d88c14d76085b-CDG
expires
Mon, 04 Jan 2021 15:40:32 GMT
why_1.svg
essayshark.com/w3t_img/images/index/
3 KB
1 KB
Image
General
Full URL
https://essayshark.com/w3t_img/images/index/why_1.svg
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.37.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d179633ffd86d89a683f547a14c7fcdb2cbd982de8011c68ddafc507526f935a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 19:02:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
12099
vary
Accept-Encoding
cf-request-id
074c53ccd10000085b042e3000000001
last-modified
Mon, 28 Dec 2020 14:08:05 GMT
server
cloudflare
etag
W/"5fe9e6c5-ada"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/svg+xml
cache-control
max-age=604800
cf-ray
608d88c14d77085b-CDG
expires
Mon, 04 Jan 2021 15:40:32 GMT
why_2.svg
essayshark.com/w3t_img/images/index/
2 KB
985 B
Image
General
Full URL
https://essayshark.com/w3t_img/images/index/why_2.svg
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.37.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
044f84cfd132f06912a8c156be98b633ce06e1dddfe7b9c5beb29a7e1ca3a756
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 19:02:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
12099
vary
Accept-Encoding
cf-request-id
074c53ccd20000085b269ea000000001
last-modified
Mon, 28 Dec 2020 14:08:05 GMT
server
cloudflare
etag
W/"5fe9e6c5-984"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/svg+xml
cache-control
max-age=604800
cf-ray
608d88c14d79085b-CDG
expires
Mon, 04 Jan 2021 15:40:32 GMT
why_3.svg
essayshark.com/w3t_img/images/index/
2 KB
737 B
Image
General
Full URL
https://essayshark.com/w3t_img/images/index/why_3.svg
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.37.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cba32de4f5b40d3f71952737556b833e0e8130f58023dfa9b9ba20552c455643
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 19:02:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
12099
vary
Accept-Encoding
cf-request-id
074c53ccd20000085b763c2000000001
last-modified
Mon, 28 Dec 2020 14:08:05 GMT
server
cloudflare
etag
W/"5fe9e6c5-68d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/svg+xml
cache-control
max-age=604800
cf-ray
608d88c14d7a085b-CDG
expires
Mon, 04 Jan 2021 15:40:32 GMT
why_4.svg
essayshark.com/w3t_img/images/index/
3 KB
956 B
Image
General
Full URL
https://essayshark.com/w3t_img/images/index/why_4.svg
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.37.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bbb4ca207c3030013600fffebf9209cca900604afbcbab40b028e755b8d66db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 19:02:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
12099
vary
Accept-Encoding
cf-request-id
074c53ccd20000085b6790b000000001
last-modified
Mon, 28 Dec 2020 14:08:05 GMT
server
cloudflare
etag
W/"5fe9e6c5-c68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/svg+xml
cache-control
max-age=604800
cf-ray
608d88c15d7c085b-CDG
expires
Mon, 04 Jan 2021 15:40:32 GMT
check.svg
essayshark.com/w3t_img/images/index/
726 B
509 B
Image
General
Full URL
https://essayshark.com/w3t_img/images/index/check.svg
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.37.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12a6e752fc69247b81500f5296147160d8ae46034d8083fafc166f74e8f155d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 19:02:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
12099
vary
Accept-Encoding
cf-request-id
074c53ccd20000085b0a3bd000000001
last-modified
Mon, 28 Dec 2020 14:08:05 GMT
server
cloudflare
etag
W/"5fe9e6c5-2d6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/svg+xml
cache-control
max-age=604800
cf-ray
608d88c15d7d085b-CDG
expires
Mon, 04 Jan 2021 15:40:32 GMT
feature_1.svg
essayshark.com/w3t_img/images/index/
2 KB
932 B
Image
General
Full URL
https://essayshark.com/w3t_img/images/index/feature_1.svg
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.37.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a7b37ffd8aa31d12c6c6e19b748101d53c7d94dffdacab5e605f851add54b65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 19:02:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
12099
vary
Accept-Encoding
cf-request-id
074c53ccd30000085b4db67000000001
last-modified
Mon, 28 Dec 2020 14:08:05 GMT
server
cloudflare
etag
W/"5fe9e6c5-996"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/svg+xml
cache-control
max-age=604800
cf-ray
608d88c15d7f085b-CDG
expires
Mon, 04 Jan 2021 15:40:32 GMT
feature_2.svg
essayshark.com/w3t_img/images/index/
3 KB
1014 B
Image
General
Full URL
https://essayshark.com/w3t_img/images/index/feature_2.svg
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.37.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d179633ffd86d89a683f547a14c7fcdb2cbd982de8011c68ddafc507526f935a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 19:02:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
12099
vary
Accept-Encoding
cf-request-id
074c53ccd40000085b5b9d1000000001
last-modified
Mon, 28 Dec 2020 14:08:05 GMT
server
cloudflare
etag
W/"5fe9e6c5-ada"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/svg+xml
cache-control
max-age=604800
cf-ray
608d88c15d84085b-CDG
expires
Mon, 04 Jan 2021 15:40:32 GMT
feature_3.svg
essayshark.com/w3t_img/images/index/
2 KB
872 B
Image
General
Full URL
https://essayshark.com/w3t_img/images/index/feature_3.svg
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.37.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc27ca9c7e0888133400d910dc642c72b2dc93c168651bf9b4757760a6dc7b4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 19:02:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
12099
vary
Accept-Encoding
cf-request-id
074c53ccd40000085b079a5000000001
last-modified
Mon, 28 Dec 2020 14:08:05 GMT
server
cloudflare
etag
W/"5fe9e6c5-7c7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/svg+xml
cache-control
max-age=604800
cf-ray
608d88c15d87085b-CDG
expires
Mon, 04 Jan 2021 15:40:32 GMT
dash.svg
essayshark.com/w3t_img/images/index/
2 KB
887 B
Image
General
Full URL
https://essayshark.com/w3t_img/images/index/dash.svg
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.37.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62f0de078730546d23c822b40ecb34f926ad01a3ed3f23c74075df4dbc4941eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 19:02:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
12099
vary
Accept-Encoding
cf-request-id
074c53ccd40000085b6b87a000000001
last-modified
Mon, 28 Dec 2020 14:08:05 GMT
server
cloudflare
etag
W/"5fe9e6c5-78d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/svg+xml
cache-control
max-age=604800
cf-ray
608d88c15d8a085b-CDG
expires
Mon, 04 Jan 2021 15:40:32 GMT
choosePreferredWriter.svg
essayshark.com/w3t_img/images/preferredWriter/
24 KB
7 KB
Image
General
Full URL
https://essayshark.com/w3t_img/images/preferredWriter/choosePreferredWriter.svg
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.37.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e28c8be4da0f3cd472946d5c69ff91751750da8721baa696778a4a49200a8917
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 19:02:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
12099
vary
Accept-Encoding
cf-request-id
074c53ccd40000085b56b58000000001
last-modified
Mon, 28 Dec 2020 14:08:05 GMT
server
cloudflare
etag
W/"5fe9e6c5-5f77"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/svg+xml
cache-control
max-age=604800
cf-ray
608d88c15d8c085b-CDG
expires
Mon, 04 Jan 2021 15:40:32 GMT
google-play.png
essayshark.com/w3t_img/images/
5 KB
5 KB
Image
General
Full URL
https://essayshark.com/w3t_img/images/google-play.png
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.37.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dfc1893168908991d09e912cfac21ea250e52a696ae3f22bfc73d95509c631d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 19:02:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
17051
vary
Accept-Encoding
content-length
5111
cf-request-id
074c53ccd60000085b6508b000000001
last-modified
Mon, 28 Dec 2020 14:08:05 GMT
server
cloudflare
etag
"5fe9e6c5-13f7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
608d88c15d90085b-CDG
expires
Mon, 04 Jan 2021 14:18:00 GMT
dmca_protected_sml_120l.png
images.dmca.com/Badges/
2 KB
2 KB
Image
General
Full URL
https://images.dmca.com/Badges/dmca_protected_sml_120l.png?ID=2e001083-1ade-4856-a434-309f6b6efa55
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.29 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
619f522608653b3074b1161f407de89e5806804729edacadd3accc0e1bf97a94

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 19:02:11 GMT
last-modified
Tue, 04 May 2010 23:19:10 GMT
server
nginx
x-powered-by
ASP.NET
etag
"26b76633e0ebca1:0"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
link
<http://dmca-images.azurewebsites.net/Badges/dmca_protected_sml_120l.png>; rel="canonical"
content-length
2122
expires
Wed, 27 Jan 2021 19:01:29 GMT
https-essaysharkcom-mgd-f144627259d3799005826.css
cdn5.essayshark.com/w3t_public/css/
0
0
Stylesheet
General
Full URL
https://cdn5.essayshark.com/w3t_public/css/https-essaysharkcom-mgd-f144627259d3799005826.css
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.20.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

https-essaysharkcom-mgd-f4153941512d3799005826.css
cdn5.essayshark.com/w3t_public/css/
0
0
Stylesheet
General
Full URL
https://cdn5.essayshark.com/w3t_public/css/https-essaysharkcom-mgd-f4153941512d3799005826.css
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.20.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

jquery-3.3.1.min.js
essayshark.com/w3t_js/jquery/
85 KB
29 KB
Script
General
Full URL
https://essayshark.com/w3t_js/jquery/jquery-3.3.1.min.js?d3799005826vlngen
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.37.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 19:02:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Mon, 28 Dec 2020 14:08:05 GMT
server
cloudflare
etag
W/"5fe9e6c5-1538f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
608d88c14d72085b-CDG
cf-request-id
074c53ccd10000085b74288000000001
expires
Mon, 04 Jan 2021 19:02:11 GMT
js_translation.html
essayshark.com/bricks/
53 B
528 B
Script
General
Full URL
https://essayshark.com/bricks/js_translation.html?d3799005826vlngen
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.37.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e93afb5d3de9254d5876d2f7ede50462d44d2022fd9185565e394346fef00b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 19:02:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Dec 2020 19:02:11 GMT
server
cloudflare
x-frame-options
sameorigin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=604800, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
608d88c14d75085b-CDG
cf-request-id
074c53ccd10000085b0c364000000001
expires
Mon, 4 Jan 2021 19:02:11 GMT
https-essaysharkcom-mgd-f2228178040d3799005826vlngen.js
cdn5.essayshark.com/w3t_public/js/
0
0
Script
General
Full URL
https://cdn5.essayshark.com/w3t_public/js/https-essaysharkcom-mgd-f2228178040d3799005826vlngen.js
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.20.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

https-essaysharkcom-mgd-f380470491d3799005826vlngen.js
cdn5.essayshark.com/w3t_public/js/
0
0
Script
General
Full URL
https://cdn5.essayshark.com/w3t_public/js/https-essaysharkcom-mgd-f380470491d3799005826vlngen.js
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.20.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

1.js
cdn.ywxi.net/js/
19 KB
5 KB
Script
General
Full URL
https://cdn.ywxi.net/js/1.js
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ee00:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
ab68b081cf1af38efa97117b3ab19eb293b10bcd09a7ef682a476133b2919494

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 18:11:54 GMT
content-encoding
gzip
server
Apache
age
3017
x-cache
Hit from cloudfront
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-amz-cf-pop
FRA2-C2
content-length
4666
via
1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
x-amz-cf-id
LStTTKFpfmiD6gtWlCfYCcN15ab2pIqRqf3lMXJkaHqK44DZKoiFcw==
expires
Mon, 28 Dec 2020 19:11:54 GMT
js
www.google-analytics.com/gtm/
83 KB
33 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-PW36NN2&cid=833046066.1609182131
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4cd1e4eb65cd6dfb44bad729a72a56722ec9ebffff6426a18901114da969a273
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 19:02:11 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33377
x-xss-protection
0
last-modified
Mon, 28 Dec 2020 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 28 Dec 2020 19:02:11 GMT
js
www.googletagmanager.com/gtag/
133 KB
51 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2NR828LJVN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M74F3P8
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
227ed04e5881cfbd13c1fd92ce65992c7b5893bdb08dfc8c9b95bd8243f8cdef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 19:02:11 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52267
x-xss-protection
0
expires
Mon, 28 Dec 2020 19:02:11 GMT
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
888 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 18:30:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
1888
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
expires
Mon, 28 Dec 2020 19:30:43 GMT
ec.js
www.google-analytics.com/plugins/ua/
3 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 18:26:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
2125
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1306
x-xss-protection
0
expires
Mon, 28 Dec 2020 19:26:46 GMT
hotjar-371354.js
static.hotjar.com/c/
6 KB
3 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-371354.js?sv=6
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.109 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-109.fra6.r.cloudfront.net
Software
/
Resource Hash
337ce3ecce50ef0e12a09af00d41472f3baf46bc880ef70d2ab940df9c4ca9c0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 19:02:11 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA6-C1
etag
W/2a6c1d0da3c67a1ec6297908bfb38f0b
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-id
kS1Rn7XBd4r3SoX8_it3ZZG19Ar8wDFBjZZrnBGoqeUgshF6v1CkuQ==
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
fbevents.js
connect.facebook.net/en_US/
90 KB
23 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
abdf01dbab06efbec289cf85e83f8ec3618f996ab6803e9f9437db14bc5cbf53
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23470
x-fb-rlafr
0
pragma
public
x-fb-debug
dZLHYkglYrVQDBn0LyXDSmGid94UhJ4Us9mXZ/9lkKnn1Usce5ikYPLWDj359DWBzKjUOowGSV9ktcaK+0j1Hg==
x-fb-trip-id
436667874
x-frame-options
DENY
date
Mon, 28 Dec 2020 19:02:11 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
47 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1050365832&t=pageview&_s=1&dl=https%3A%2F%2Fpayment.essayabc.xyz%2F&ul=en-us&de=UTF-8&dt=Essay%20Writing%20Service%20%E2%80%93%20Cheap%20Help%20from%20Essay%20Writers%20%7C%20EssayShark&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEArQAAAAC~&jid=906183648&gjid=611952569&cid=833046066.1609182131&tid=UA-25959941-1&_gid=1262352247.1609182131&_r=1&gtm=2wgbu0M74F3P8&z=766629019
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Dec 2020 19:02:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://payment.essayabc.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
1853307121447208
connect.facebook.net/signals/config/
239 KB
69 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1853307121447208?v=2.9.31&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e2e22a7b66f5a0691cdd72173e1e7a67642c7c92bafb524baaf5ce4adb732801
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
RwmhOgD1NOXcaMsBuroLiKC2/Q8rHHaeIuNXZJSYC0xBcuUd9rMsN5IhPuUg7WtHiOYurBLP4eD+98AU4dMENw==
x-fb-trip-id
436667874
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 28 Dec 2020 19:02:11 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-content-id
1694520527
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
analytics.google.com/g/
0
346 B
Other
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-2NR828LJVN&gtm=2oebu0&_p=1050365832&sr=1600x1200&_gaz=1&ul=en-us&cid=833046066.1609182131&_s=1&dl=https%3A%2F%2Fpayment.essayabc.xyz%2F&dr=&dt=Essay%20Writing%20Service%20%E2%80%93%20Cheap%20Help%20from%20Essay%20Writers%20%7C%20EssayShark&sid=1609182131&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2NR828LJVN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 28 Dec 2020 19:02:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://payment.essayabc.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
78 B
Other
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2NR828LJVN&cid=833046066.1609182131&gtm=2oebu0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2NR828LJVN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 28 Dec 2020 19:02:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://payment.essayabc.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2NR828LJVN&cid=833046066.1609182131&gtm=2oebu0&aip=1&z=1417511210
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Dec 2020 19:02:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
70 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-25959941-1&cid=833046066.1609182131&jid=906183648&gjid=611952569&_gid=1262352247.1609182131&_u=aGBAAEAqQAAAAC~&z=604744557
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 28 Dec 2020 19:02:11 GMT
content-type
text/plain
access-control-allow-origin
https://payment.essayabc.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
115 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-25959941-1&cid=833046066.1609182131&jid=906183648&_u=aGBAAEAqQAAAAC~&z=1151601545
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Dec 2020 19:02:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-25959941-1&cid=833046066.1609182131&jid=906183648&_u=aGBAAEAqQAAAAC~&z=1151601545
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Dec 2020 19:02:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.5d1cad31427a09b055ed.js
script.hotjar.com/
223 KB
59 KB
Script
General
Full URL
https://script.hotjar.com/modules.5d1cad31427a09b055ed.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-371354.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.25 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-25.fra53.r.cloudfront.net
Software
/
Resource Hash
3bab90335837b0878fc05a0cb4605e78f1479d61cefb0653f7b448eac171ebbe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Dec 2020 15:55:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
1047974
x-cache
Hit from cloudfront
content-length
59800
access-control-allow-origin
*
last-modified
Wed, 16 Dec 2020 15:53:26 GMT
etag
"e84a105a276cfecf4b45f77c9e4a6030"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 850ccace60916919bf31313cb9176e01.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
BHEgWIPyzCJrguFmhcWgOaabD5I-UI7u9b93K2Mxx5jZGF1tutPreQ==
/
www.facebook.com/tr/
44 B
257 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1853307121447208&ev=PageView&dl=https%3A%2F%2Fpayment.essayabc.xyz%2F&rl=&if=false&ts=1609182131607&sw=1600&sh=1200&v=2.9.31&r=stable&ec=0&o=30&fbp=fb.1.1609182131605.1213864598&it=1609182131516&coo=false&rqm=GET
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 19:02:11 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Mon, 28 Dec 2020 19:02:11 GMT
js_error_log.html
payment.essayabc.xyz/bricks/
222 B
422 B
XHR
General
Full URL
https://payment.essayabc.xyz/bricks/js_error_log.html?msg=Uncaught%20TypeError%3A%20Cannot%20read%20property%20%27setDefaults%27%20of%20undefined&url=https%3A%2F%2Fpayment.essayabc.xyz%2F&line=79&agent=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36
Requested by
Host: essayshark.com
URL: https://essayshark.com/w3t_js/jquery/jquery-3.3.1.min.js?d3799005826vlngen
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.116.9.88 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li451-88.members.linode.com
Software
Apache /
Resource Hash
2cbca294425890992d59b73fca32150f8ffedf4e257fbfae3c07116b5f580386

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://payment.essayabc.xyz/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 28 Dec 2020 19:02:11 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
222
Content-Type
text/html; charset=iso-8859-1
client.json
s3-us-west-2.amazonaws.com/mfesecure-public/host/payment.essayabc.xyz/
243 B
825 B
XHR
General
Full URL
https://s3-us-west-2.amazonaws.com/mfesecure-public/host/payment.essayabc.xyz/client.json?source=jsmain
Requested by
Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.218.16 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
b31ff996bfd2efe092d62116c6408adfe6481fc801e9f07e158293ee962ab11d

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 28 Dec 2020 19:02:12 GMT
Server
AmazonS3
x-amz-request-id
FEDF11628C583A20
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/xml
Access-Control-Allow-Origin
https://payment.essayabc.xyz
Access-Control-Expose-Headers
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
60
Transfer-Encoding
chunked
x-amz-id-2
cjC/rj3VdW8MXgNunWK3SIjuq0EGww6RdAP0LiQjc1VbxXe/Wb9OXyfuODlY9w1A4Mzjyk0U/QI=
client.json
s3-us-west-2.amazonaws.com/mfesecure-public/host/payment.essayabc.xyz/
243 B
825 B
XHR
General
Full URL
https://s3-us-west-2.amazonaws.com/mfesecure-public/host/payment.essayabc.xyz/client.json?source=jsinline
Requested by
Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.218.16 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
9589db51812b5c90a93ae453bca795e98bfe6c415c6776c33b529b570143e922

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 28 Dec 2020 19:02:12 GMT
Server
AmazonS3
x-amz-request-id
C29B0ED8B31611F0
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/xml
Access-Control-Allow-Origin
https://payment.essayabc.xyz
Access-Control-Expose-Headers
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
60
Transfer-Encoding
chunked
x-amz-id-2
cakPX+FZH7cbk3iVAEx8wgpGe72iZBkQvvQDyiPrQ8OtWk/U0Lih3WuHS4nptiiSTwUTZeM2P2o=
iframe_api
www.youtube.com/
810 B
841 B
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: payment.essayabc.xyz
URL: https://payment.essayabc.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2b5521e49dfc253c57dd27e58b56366a5707f7b0835d8cd2f75a4f2f40599c45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 19:02:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control
private, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 28 Dec 2020 19:02:11 GMT
www-widgetapi.js
www.youtube.com/s/player/5dd3f3b2/www-widgetapi.vflset/
101 KB
36 KB
Script
General
Full URL
https://www.youtube.com/s/player/5dd3f3b2/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
079125f689a2bdeb07090e26bf6a36ff437911956588ece588b2bc75c4dce5d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 10:21:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 21 Dec 2020 01:15:36 GMT
server
sffe
age
117637
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36917
x-xss-protection
0
expires
Mon, 27 Dec 2021 10:21:34 GMT
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 4FAA
0
0
Document
General
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-371354.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-26.fra53.r.cloudfront.net
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://payment.essayabc.xyz/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://payment.essayabc.xyz/

Response headers

content-type
text/html
content-length
851
date
Fri, 06 Nov 2020 22:29:56 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified
Fri, 06 Nov 2020 16:42:59 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
SsskUtsXfeecNcXgfbWYq3hE3fgoQ63raGuD_-ikWF5-Hd58B8osLA==
age
4480335
js_error_log.html
payment.essayabc.xyz/bricks/
222 B
423 B
XHR
General
Full URL
https://payment.essayabc.xyz/bricks/js_error_log.html?msg=Uncaught%20TypeError%3A%20Cannot%20read%20property%20%27setDefaults%27%20of%20undefined&url=https%3A%2F%2Fpayment.essayabc.xyz%2F&line=79&agent=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36
Requested by
Host: essayshark.com
URL: https://essayshark.com/w3t_js/jquery/jquery-3.3.1.min.js?d3799005826vlngen
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.116.9.88 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li451-88.members.linode.com
Software
Apache /
Resource Hash
2cbca294425890992d59b73fca32150f8ffedf4e257fbfae3c07116b5f580386

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://payment.essayabc.xyz/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 28 Dec 2020 19:02:12 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
222
Content-Type
text/html; charset=iso-8859-1
/
www.facebook.com/tr/
44 B
146 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1853307121447208&ev=Microdata&dl=https%3A%2F%2Fpayment.essayabc.xyz%2F&rl=&if=false&ts=1609182132110&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Essay%20Writing%20Service%20%E2%80%93%20Cheap%20Help%20from%20Essay%20Writers%20%7C%20EssayShark%22%2C%22meta%3Adescription%22%3A%22Tight%20deadlines%3F%20Difficult%20assignments%3F%20Hire%20a%20reliable%20essay%20writer%20who%20will%20create%20a%20100%25%20original%20paper%20and%20deliver%20it%20on%20time.%20Satisfaction%20guaranteed!%22%2C%22meta%3Akeywords%22%3A%22Writing%20help%2C%20Paper%20writing%20service%2C%20Get%20one%20page%20for%20free%2C%20Write%20my%20essay%2C%20Essay%20writing%20service%2C%20Custom%20writing%20paper%2C%20Custom%20essay%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22The%20most%20reliable%20and%20affordable%20academic%20writing%20service.%22%2C%22og%3Atype%22%3A%22product%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fessayshark.com%2F%22%2C%22og%3Aimage%22%3A%22http%3A%2F%2Fessayshark.com%2Fw3t_img%2Fimages%2Fexternal%2Fessayshark.com-fb.png%22%2C%22og%3Aimage%3Asecure_url%22%3A%22https%3A%2F%2Fessayshark.com%2Fw3t_img%2Fimages%2Fexternal%2Fessayshark.com-fb.png%22%2C%22og%3Aimage%3Atype%22%3A%22image%2Fpng%22%2C%22og%3Aimage%3Awidth%22%3A%22620%22%2C%22og%3Aimage%3Aheight%22%3A%22541%22%2C%22og%3Asite_name%22%3A%22EssayShark.com%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.31&r=stable&ec=1&o=30&fbp=fb.1.1609182131605.1213864598&it=1609182131516&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://payment.essayabc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 19:02:12 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Mon, 28 Dec 2020 19:02:12 GMT

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| setCookieUTCOffset object| w3t object| js_loader_queue object| js_loader_queue2 object| jsLoader object| head function| js_loader_ready object| jsInlineLoader string| GoogleAnalyticsObject function| ga object| dataLayer function| initValidator_newOrderFrom object| google_tag_data object| gaplugins object| gaGlobal object| gaData string| essaySharkClass string| template string| styles object| style object| $cookieBlock object| $cookieButton string| cookieBlockClassOpened object| google_tag_manager function| onYouTubeIframeAPIReady function| hj object| _hjSettings function| fbq function| _fbq object| google_optimize object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled function| w3tVar function| $ function| jQuery function| __ object| TrustedSite number| TrustedSite_done object| TrustedSiteInline object| ytTracker string| scriptUrl object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey

10 Cookies

Domain/Path Name / Value
.essayabc.xyz/ Name: _hjAbsoluteSessionInProgress
Value: 0
.essayabc.xyz/ Name: _hjFirstSeen
Value: 1
.essayabc.xyz/ Name: _hjid
Value: ef691eab-beee-41b9-b0f4-0c628ae9a02e
.essayabc.xyz/ Name: _hjTLDTest
Value: 1
payment.essayabc.xyz/ Name: _hjIncludedInSessionSample
Value: 0
.essayabc.xyz/ Name: _gid
Value: GA1.2.1262352247.1609182131
.essayabc.xyz/ Name: _fbp
Value: fb.1.1609182131605.1213864598
.essayabc.xyz/ Name: _ga_2NR828LJVN
Value: GS1.1.1609182131.1.0.1609182131.60
.essayabc.xyz/ Name: _ga
Value: GA1.1.833046066.1609182131
.essayabc.xyz/ Name: _gat
Value: 1

2 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.ywxi.net/js/1.js(Line 48)
Message:
trustedsite-tm-main[config][403]
console-api log URL: https://cdn.ywxi.net/js/1.js(Line 101)
Message:
trustedsite-tm-inline[config][403]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
cdn.ywxi.net
cdn1.essayshark.com
cdn3.essayshark.com
cdn5.essayshark.com
connect.facebook.net
essayshark.com
fonts.gstatic.com
images.dmca.com
payment.essayabc.xyz
s3-us-west-2.amazonaws.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.youtube.com
104.20.37.93
104.22.31.93
143.204.215.25
143.204.215.26
151.139.242.29
172.67.20.131
2600:9000:21f3:ee00:14:6bfc:5740:93a1
2a00:1450:4001:808::2008
2a00:1450:4001:815::200e
2a00:1450:4001:817::2003
2a00:1450:4001:818::200e
2a00:1450:4001:81e::2003
2a00:1450:4001:81e::200e
2a00:1450:4001:820::200e
2a00:1450:4001:824::2004
2a00:1450:400c:c06::9a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
50.116.9.88
52.218.218.16
99.86.3.109
044f84cfd132f06912a8c156be98b633ce06e1dddfe7b9c5beb29a7e1ca3a756
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05de1de493aefe982af5ba8f09516eeb40c339a009440435f737f9af6171d4ac
079125f689a2bdeb07090e26bf6a36ff437911956588ece588b2bc75c4dce5d1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12a6e752fc69247b81500f5296147160d8ae46034d8083fafc166f74e8f155d6
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1f1ab7f1b22c02d93e5bd37b04e7e848afd14337697f652c1454d14e801676f2
20b4f74bf9309c944d67023fa49c12f24aaece8db61148720df307931005eda1
227ed04e5881cfbd13c1fd92ce65992c7b5893bdb08dfc8c9b95bd8243f8cdef
2b5521e49dfc253c57dd27e58b56366a5707f7b0835d8cd2f75a4f2f40599c45
2cbca294425890992d59b73fca32150f8ffedf4e257fbfae3c07116b5f580386
337ce3ecce50ef0e12a09af00d41472f3baf46bc880ef70d2ab940df9c4ca9c0
3bab90335837b0878fc05a0cb4605e78f1479d61cefb0653f7b448eac171ebbe
4cd1e4eb65cd6dfb44bad729a72a56722ec9ebffff6426a18901114da969a273
60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5
61578007af4af09e1405d4eb1a388c1fcd4e47c7ff070e513c95e578123c0f02
619f522608653b3074b1161f407de89e5806804729edacadd3accc0e1bf97a94
62f0de078730546d23c822b40ecb34f926ad01a3ed3f23c74075df4dbc4941eb
7a7b37ffd8aa31d12c6c6e19b748101d53c7d94dffdacab5e605f851add54b65
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8dfc1893168908991d09e912cfac21ea250e52a696ae3f22bfc73d95509c631d
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9589db51812b5c90a93ae453bca795e98bfe6c415c6776c33b529b570143e922
96fddc2f7f195911fa1db480e509318b1ed338983c2a529a30454fa08dd3668b
9bbb4ca207c3030013600fffebf9209cca900604afbcbab40b028e755b8d66db
ab68b081cf1af38efa97117b3ab19eb293b10bcd09a7ef682a476133b2919494
abdf01dbab06efbec289cf85e83f8ec3618f996ab6803e9f9437db14bc5cbf53
b31ff996bfd2efe092d62116c6408adfe6481fc801e9f07e158293ee962ab11d
cba32de4f5b40d3f71952737556b833e0e8130f58023dfa9b9ba20552c455643
cbfccf78bdaa80402b6475f47957a8f8f3b2b6b514723848699b7e929363494e
cc27ca9c7e0888133400d910dc642c72b2dc93c168651bf9b4757760a6dc7b4a
ccc7887aea612f09758812d777052c3b3a93f7f94064934c3458ee553781e159
d179633ffd86d89a683f547a14c7fcdb2cbd982de8011c68ddafc507526f935a
de313e4199d08ba24a2eab6f6ff1aae24c631b8203d73dac68770a45dac06a5e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e05235a19691010b2037132e311a7873a38818c107661914d2c9ad6a91cadbc2
e28c8be4da0f3cd472946d5c69ff91751750da8721baa696778a4a49200a8917
e2e22a7b66f5a0691cdd72173e1e7a67642c7c92bafb524baaf5ce4adb732801
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e93afb5d3de9254d5876d2f7ede50462d44d2022fd9185565e394346fef00b19
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f164941997fbc7f7ed7d2a7c3e86b997d647f1910d93fdc2462dd86fd5affa48
f8e45f7bbdc546f75ca514f26cbc70af73a906ae468daa75a731ab195489014b
fcc246580f4abfe9fabc2df4628072d354e8a5b71d57637f27c739b900e951f5