www.billytumeltygroup.com
2001:1478:22:23:0:ffff:c100:9ed0  Public Scan

Submitted URL: https://billytumeltygroup.com/
Effective URL: http://www.billytumeltygroup.com/
Submission: On March 05 via api from BE — Scanned from GB

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 33 HTTP transactions. The main IP is 2001:1478:22:23:0:ffff:c100:9ed0, located in United States and belongs to GTT-BACKBONE GTT, US. The main domain is www.billytumeltygroup.com.
This is the only time www.billytumeltygroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
12 billytumeltygroup.com | billytumeltygroup.com; www.billytumeltygroup.com | 323 KB
10 freeola.com | media.freeola.com | 26 KB
9 googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 104); tpc.googlesyndication.com (Cisco Umbrella Rank: 161) | 231 KB
2 bootstrapcdn.com | maxcdn.bootstrapcdn.com (Cisco Umbrella Rank: 1141) | 70 KB
1 doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 35) | 4 KB
1 googleapis.com | ajax.googleapis.com (Cisco Umbrella Rank: 368) | 33 KB
33 | 6
Domain | Requested by
11 www.billytumeltygroup.com (1 redirects) | www.billytumeltygroup.com; ajax.googleapis.com
10 media.freeola.com | www.billytumeltygroup.com; media.freeola.com
6 pagead2.googlesyndication.com | www.billytumeltygroup.com; pagead2.googlesyndication.com; tpc.googlesyndication.com
3 tpc.googlesyndication.com | pagead2.googlesyndication.com; tpc.googlesyndication.com
2 maxcdn.bootstrapcdn.com | www.billytumeltygroup.com; maxcdn.bootstrapcdn.com
1 googleads.g.doubleclick.net | pagead2.googlesyndication.com
1 ajax.googleapis.com | www.billytumeltygroup.com
1 billytumeltygroup.com (1 redirects) |
33 | 8

This site contains no links.

Subject | Issuer | Validity | Valid
bootstrapcdn.com | GTS CA 1P5 | 2024-01-28 - 2024-04-27 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2024-02-19 - 2024-05-13 | 3 months
tpc.googlesyndication.com | GTS CA 1C3 | 2024-02-19 - 2024-05-13 | 3 months

This page contains 4 frames:

Primary Page: http://www.billytumeltygroup.com/
Frame ID: 73A7A392183FFFB048DD899652E512CB
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20190131/zrt_lookup_nohtml_fy2021.html
Frame ID: 62FEDE8CF0C8565E32A84D8004ED144F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-6233426853208451&output=html&adk=1812271804&adf=3025194257&lmt=1709676097&plat=8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x1080_l%7C356x1080_r&format=0x0&url=http%3A%2F%2Fwww.billytumeltygroup.com%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&dt=1709676097046&bpp=1&bdt=395&idt=338&shv=r20240229&mjsv=m202402290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4680748257354&frm=20&pv=2&ga_vid=363274348.1709676097&ga_sid=1709676097&ga_hid=489641603&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081082%2C44795921%2C95325753%2C95322182%2C31081085%2C31080991%2C95324161%2C95325785%2C95326935&oid=2&pvsid=114307950547288&tmod=1990217607&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&ifi=1&uci=a!1&fsb=1&dtd=347
Frame ID: 0177F9977AA0B1CFEF25F1650206F19B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C7B24256574EF60E9EDAFB59B0D1650E
Requests: 3 HTTP requests in this frame

Page Title

Homepage

Page URL History

  1. https://billytumeltygroup.com/ HTTP 301
    https://www.billytumeltygroup.com/ HTTP 301
    http://www.billytumeltygroup.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 33
HTTPS: 33 %
IPv6: 88 %
Domains: 6
Subdomains: 8
IPs: 7
Countries: 3
Transfer: 687 kB
Size: 1231 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://billytumeltygroup.com/ HTTP 301
    https://www.billytumeltygroup.com/ HTTP 301
    http://www.billytumeltygroup.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.billytumeltygroup.com/
Redirect Chain
  • https://billytumeltygroup.com/
  • https://www.billytumeltygroup.com/
  • http://www.billytumeltygroup.com/
12 KB
4 KB
Document
General
Full URL
http://www.billytumeltygroup.com/
Protocol
HTTP/1.1
Server
2001:1478:22:23:0:ffff:c100:9ed0 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
af1a0aa7e33be0137b62097a7024e918a3ef44d86d56c6f46c3ac166f66c1884
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 05 Mar 2024 22:01:36 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block

Redirect headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/html; charset=UTF-8
date
Tue, 05 Mar 2024 22:01:36 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
http://www.billytumeltygroup.com/
pragma
no-cache
server
nginx
x-content-type-options
nosniff
x-xss-protection
1; mode=block
style.v1.5.css
www.billytumeltygroup.com/style/
31 KB
7 KB
Stylesheet
General
Full URL
http://www.billytumeltygroup.com/style/style.v1.5.css
Requested by
Host: www.billytumeltygroup.com
URL: http://www.billytumeltygroup.com/
Protocol
HTTP/1.1
Server
2001:1478:22:23:0:ffff:c100:9ed0 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
b5fe435599493948c3fc179859a942839cd6106495a48abece509dde8807918d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://www.billytumeltygroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Mar 2024 22:01:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Cache-Control
must-revalidate
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Wed, 06 Mar 2024 18:01:36 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/
26 KB
6 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Requested by
Host: www.billytumeltygroup.com
URL: http://www.billytumeltygroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://www.billytumeltygroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 22:01:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
863
age
9650852
cdn-cachedat
11/18/2022 06:19:10
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"0831cba6a670e405168b84aa20798347"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
12fce6e1ed97d04b1f68642e02a84dd4
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
85fd62b49aba63ef-LHR
cdn-requestpullsuccess
True
none.css
www.billytumeltygroup.com/css/content/
269 B
550 B
Stylesheet
General
Full URL
http://www.billytumeltygroup.com/css/content/none.css?m=1613398129
Requested by
Host: www.billytumeltygroup.com
URL: http://www.billytumeltygroup.com/
Protocol
HTTP/1.1
Server
2001:1478:22:23:0:ffff:c100:9ed0 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
391dddb02537cdc636c4ae163a5ea5a5c5dbcbc0e850e8ca99de3e366da7617e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://www.billytumeltygroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Tue, 05 Mar 2024 22:01:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Cache-Control
must-revalidate
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Wed, 06 Mar 2024 18:01:36 GMT
cookie.css
media.freeola.com/css/
789 B
739 B
Stylesheet
General
Full URL
http://media.freeola.com/css/cookie.css
Requested by
Host: www.billytumeltygroup.com
URL: http://www.billytumeltygroup.com/
Protocol
HTTP/1.1
Server
81.27.92.117 , United Kingdom, ASN25577 (C4L-AS, GB),
Reverse DNS
sitebuilder.freeola.com
Software
nginx/1.16.1 /
Resource Hash
55127d363b5bd0a911f51c984e3e54116771e7e1db07860b6eadfb54bf6c3ea6

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://www.billytumeltygroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Tue, 05 Mar 2024 22:01:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Sep 2017 10:00:09 GMT
Server
nginx/1.16.1
ETag
W/"59ad2429-315"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.9.1/
90 KB
33 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: www.billytumeltygroup.com
URL: http://www.billytumeltygroup.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://www.billytumeltygroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Tue, 05 Mar 2024 10:53:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
40074
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
33018
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="hosted-libraries-pushers"
Vary
Accept-Encoding
Report-To
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Wed, 05 Mar 2025 10:53:42 GMT
jquery.touchSwipe.min.js
www.billytumeltygroup.com/js/
20 KB
20 KB
Script
General
Full URL
http://www.billytumeltygroup.com/js/jquery.touchSwipe.min.js
Requested by
Host: www.billytumeltygroup.com
URL: http://www.billytumeltygroup.com/
Protocol
HTTP/1.1
Server
2001:1478:22:23:0:ffff:c100:9ed0 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
9167cb37ed21405ef9556646b83789a2099c15398f5cea867470df1e81752e17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://www.billytumeltygroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Tue, 05 Mar 2024 22:01:36 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 15 Feb 2021 14:08:49 GMT
Server
nginx
ETag
"602a8071-4fce"
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20430
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
instantpro-live.js
www.billytumeltygroup.com/js/
56 KB
56 KB
Script
General
Full URL
http://www.billytumeltygroup.com/js/instantpro-live.js
Requested by
Host: www.billytumeltygroup.com
URL: http://www.billytumeltygroup.com/
Protocol
HTTP/1.1
Server
2001:1478:22:23:0:ffff:c100:9ed0 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
fb3bc28d4be0f4375c73f58301b093cbda4b09f8a78ebc0593426e3fdcced7f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://www.billytumeltygroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Tue, 05 Mar 2024 22:01:36 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 15 Feb 2021 14:08:49 GMT
Server
nginx
ETag
"602a8071-df20"
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
57120
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
magnific.jquery-min.js
media.freeola.com/js/
20 KB
8 KB
Script
General
Full URL
http://media.freeola.com/js/magnific.jquery-min.js
Requested by
Host: www.billytumeltygroup.com
URL: http://www.billytumeltygroup.com/
Protocol
HTTP/1.1
Server
81.27.92.117 , United Kingdom, ASN25577 (C4L-AS, GB),
Reverse DNS
sitebuilder.freeola.com
Software
nginx/1.16.1 /
Resource Hash
089e2204bb9ab6501f9e89f9aa35718c341933bde6a791f1c9b141a77bb970e5

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://www.billytumeltygroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Tue, 05 Mar 2024 22:01:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Dec 2013 18:54:35 GMT
Server
nginx/1.16.1
ETag
W/"52af4c6b-51cd"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
gallery_magnific.js
media.freeola.com/js/
11 KB
3 KB
Script
General
Full URL
http://media.freeola.com/js/gallery_magnific.js
Requested by
Host: www.billytumeltygroup.com
URL: http://www.billytumeltygroup.com/
Protocol
HTTP/1.1
Server
81.27.92.117 , United Kingdom, ASN25577 (C4L-AS, GB),
Reverse DNS
sitebuilder.freeola.com
Software
nginx/1.16.1 /
Resource Hash
892a3fa95916bb244d805ee86cc930f0d6b81238df2071d18148e8b29ffa9f4f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://www.billytumeltygroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Tue, 05 Mar 2024 22:01:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Jan 2016 15:49:46 GMT
Server
nginx/1.16.1
ETag
W/"568d379a-2cd8"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
magnific.jquery.css
media.freeola.com/css/
8 KB
2 KB
Stylesheet
General
Full URL
http://media.freeola.com/css/magnific.jquery.css
Requested by
Host: www.billytumeltygroup.com
URL: http://www.billytumeltygroup.com/
Protocol
HTTP/1.1
Server
81.27.92.117 , United Kingdom, ASN25577 (C4L-AS, GB),
Reverse DNS
sitebuilder.freeola.com
Software
nginx/1.16.1 /
Resource Hash
b26527d20ee7dcfa64952e937e47cde56c86a8c72d533e3802252d55b1565089

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://www.billytumeltygroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Tue, 05 Mar 2024 22:01:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Dec 2013 18:56:50 GMT
Server
nginx/1.16.1
ETag
W/"52af4cf2-1e46"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
gallery_magnific.css
media.freeola.com/css/
4 KB
1 KB
Stylesheet
General
Full URL
http://media.freeola.com/css/gallery_magnific.css
Requested by
Host: www.billytumeltygroup.com
URL: http://www.billytumeltygroup.com/
Protocol
HTTP/1.1
Server
81.27.92.117 , United Kingdom, ASN25577 (C4L-AS, GB),
Reverse DNS
sitebuilder.freeola.com
Software
nginx/1.16.1 /
Resource Hash
bc42c61a130ed918cc3b3831253eaa4e9035fc11fcb5d20178d7d2550ca40e2d

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://www.billytumeltygroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Tue, 05 Mar 2024 22:01:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Jul 2014 14:52:11 GMT
Server
nginx/1.16.1
ETag
W/"53cfcc1b-e76"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
manhattan-blue.css
www.billytumeltygroup.com/css/nav_mid/
1 KB
811 B
Stylesheet
General
Full URL
http://www.billytumeltygroup.com/css/nav_mid/manhattan-blue.css?m=1613398129
Requested by
Host: www.billytumeltygroup.com
URL: http://www.billytumeltygroup.com/
Protocol
HTTP/1.1
Server
2001:1478:22:23:0:ffff:c100:9ed0 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
98db0b392d30f89d218dd8ff5758ec4d6bfc29835c27db1cb9ac301de51ce2d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://www.billytumeltygroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Tue, 05 Mar 2024 22:01:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Cache-Control
must-revalidate
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Wed, 06 Mar 2024 18:01:36 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
147 KB
54 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.billytumeltygroup.com
URL: http://www.billytumeltygroup.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2647306a04992f206d47b0920e9710a096484137acd5e0d39a50dc8314d0cdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://www.billytumeltygroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Tue, 05 Mar 2024 22:01:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Length
54115
X-XSS-Protection
0
Server
cafe
ETag
9221236798956081391
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=3600, stale-while-revalidate=3600
Timing-Allow-Origin
*
Link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
Expires
Tue, 05 Mar 2024 22:01:36 GMT
IPTLCV2-1-small-1487171556.png
www.billytumeltygroup.com/media/images/user-logos/38363/
3 KB
3 KB
Image
General
Full URL
http://www.billytumeltygroup.com/media/images/user-logos/38363/IPTLCV2-1-small-1487171556.png
Requested by
Host: www.billytumeltygroup.com
URL: http://www.billytumeltygroup.com/
Protocol
HTTP/1.1
Server
2001:1478:22:23:0:ffff:c100:9ed0 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
bbe34d42dd35646d90345f694b75faf820b82d7a56c36890929e0c561df9c096
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://www.billytumeltygroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Tue, 05 Mar 2024 22:01:36 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 15 Feb 2017 15:12:36 GMT
Server
nginx
ETag
"58a46fe4-af6"
Content-Type
image/png
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2806
X-XSS-Protection
1; mode=block
Expires
Sun, 10 Mar 2024 22:01:36 GMT
images-1487162168-small.jpg
www.billytumeltygroup.com/media/images/user-banner-images/38363/
225 KB
225 KB
Image
General
Full URL
http://www.billytumeltygroup.com/media/images/user-banner-images/38363/images-1487162168-small.jpg
Requested by
Host: www.billytumeltygroup.com
URL: http://www.billytumeltygroup.com/
Protocol
HTTP/1.1
Server
2001:1478:22:23:0:ffff:c100:9ed0 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
b22c6c4db5f6a381136d6e9fa9e409c685bdb7e8ca3f8dcd897adc7e3a231eba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://www.billytumeltygroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Tue, 05 Mar 2024 22:01:36 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 15 Feb 2017 12:36:08 GMT
Server
nginx
ETag
"58a44b38-382ec"
Content-Type
image/jpeg
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
230124
X-XSS-Protection
1; mode=block
Expires
Sun, 10 Mar 2024 22:01:36 GMT
download.jpg
www.billytumeltygroup.com/media/images/user-images/38363/
4 KB
4 KB
Image
General
Full URL
http://www.billytumeltygroup.com/media/images/user-images/38363/download.jpg
Requested by
Host: www.billytumeltygroup.com
URL: http://www.billytumeltygroup.com/
Protocol
HTTP/1.1
Server
2001:1478:22:23:0:ffff:c100:9ed0 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
a59d509777ce70244691071394b93e38393de83961ab665433988581dcbf59a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://www.billytumeltygroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Tue, 05 Mar 2024 22:01:36 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 15 Feb 2017 14:42:48 GMT
Server
nginx
ETag
"58a468e8-104f"
Content-Type
image/jpeg
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4175
X-XSS-Protection
1; mode=block
Expires
Sun, 10 Mar 2024 22:01:36 GMT
bg.gif
media.freeola.com/images/theme-images/css-images/top_nav_10/
264 B
502 B
Image
General
Full URL
http://media.freeola.com/images/theme-images/css-images/top_nav_10/bg.gif
Requested by
Host: www.billytumeltygroup.com
URL: http://www.billytumeltygroup.com/css/nav_mid/manhattan-blue.css?m=1613398129
Protocol
HTTP/1.1
Server
81.27.92.117 , United Kingdom, ASN25577 (C4L-AS, GB),
Reverse DNS
sitebuilder.freeola.com
Software
nginx/1.16.1 /
Resource Hash
f3768374bda3e6b0801132884ca819fca2fb1df591182a606aad11872b95e0de

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://www.billytumeltygroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Tue, 05 Mar 2024 22:01:36 GMT
Last-Modified
Wed, 23 Oct 2013 09:15:15 GMT
Server
nginx/1.16.1
ETag
"526793a3-108"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
264
bg_on.gif
media.freeola.com/images/theme-images/css-images/top_nav_10/
264 B
502 B
Image
General
Full URL
http://media.freeola.com/images/theme-images/css-images/top_nav_10/bg_on.gif
Requested by
Host: www.billytumeltygroup.com
URL: http://www.billytumeltygroup.com/css/nav_mid/manhattan-blue.css?m=1613398129
Protocol
HTTP/1.1
Server
81.27.92.117 , United Kingdom, ASN25577 (C4L-AS, GB),
Reverse DNS
sitebuilder.freeola.com
Software
nginx/1.16.1 /
Resource Hash
fbb9f83a7d3a976540a7c240dc7019eb4922a3e1beede9e3bd6054c1b1511630

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://www.billytumeltygroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Tue, 05 Mar 2024 22:01:36 GMT
Last-Modified
Wed, 23 Oct 2013 09:15:15 GMT
Server
nginx/1.16.1
ETag
"526793a3-108"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
264
bg.png
media.freeola.com/images/cookie/
1 KB
1 KB
Image
General
Full URL
http://media.freeola.com/images/cookie/bg.png
Requested by
Host: media.freeola.com
URL: http://media.freeola.com/css/cookie.css
Protocol
HTTP/1.1
Server
81.27.92.117 , United Kingdom, ASN25577 (C4L-AS, GB),
Reverse DNS
sitebuilder.freeola.com
Software
nginx/1.16.1 /
Resource Hash
b3b3edddbbe80051e0beb2549ec676634547a4186f6c2a5442d710d924bd7ba0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://media.freeola.com/css/cookie.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Tue, 05 Mar 2024 22:01:36 GMT
Last-Modified
Fri, 18 Dec 2015 12:23:06 GMT
Server
nginx/1.16.1
ETag
"5673faaa-431"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1073
info.png
media.freeola.com/images/cookie/
1 KB
2 KB
Image
General
Full URL
http://media.freeola.com/images/cookie/info.png
Requested by
Host: media.freeola.com
URL: http://media.freeola.com/css/cookie.css
Protocol
HTTP/1.1
Server
81.27.92.117 , United Kingdom, ASN25577 (C4L-AS, GB),
Reverse DNS
sitebuilder.freeola.com
Software
nginx/1.16.1 /
Resource Hash
3e59e0b8f55c92b012c24ff07330585b42f626a759030d5be64f4446364c9f79

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://media.freeola.com/css/cookie.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Tue, 05 Mar 2024 22:01:36 GMT
Last-Modified
Fri, 18 Dec 2015 12:23:06 GMT
Server
nginx/1.16.1
ETag
"5673faaa-576"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1398
log-statistics.php
www.billytumeltygroup.com/
89 B
709 B
XHR
General
Full URL
http://www.billytumeltygroup.com/log-statistics.php
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Protocol
HTTP/1.1
Server
2001:1478:22:23:0:ffff:c100:9ed0 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
271b7d73e2cc68fd6ac51d0da15d33b1dfa2abb417b6b432628aba839a26d271
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
http://www.billytumeltygroup.com/
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 05 Mar 2024 22:01:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Thu, 19 Nov 1981 08:52:00 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/
63 KB
64 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Origin
http://www.billytumeltygroup.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 22:01:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
1073
cdn-cachedat
10/31/2023 19:47:05
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
64464
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
"4b5a84aaf1c9485e060c503a0ff8cadb"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
0f17276deb016ce20d7c27c35932cd6b
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
FR
cdn-status
200
cf-ray
85fd62b5a983769b-LHR
cdn-requestpullsuccess
True
loadingAnimation.gif
media.freeola.com/images/images/
7 KB
7 KB
Image
General
Full URL
http://media.freeola.com/images/images/loadingAnimation.gif
Requested by
Host: www.billytumeltygroup.com
URL: http://www.billytumeltygroup.com/
Protocol
HTTP/1.1
Server
81.27.92.117 , United Kingdom, ASN25577 (C4L-AS, GB),
Reverse DNS
sitebuilder.freeola.com
Software
nginx/1.16.1 /
Resource Hash
b838c8ce96424a1ec09ab8f5a683cb86ed3e020e3e101449335e1452e9844835

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://www.billytumeltygroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Tue, 05 Mar 2024 22:01:36 GMT
Last-Modified
Fri, 18 Dec 2015 12:23:06 GMT
Server
nginx/1.16.1
ETag
"5673faaa-1cb3"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7347
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402290101/
405 KB
138 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6233426853208451&plah=www.billytumeltygroup.com&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d192aca7a59fb2af827fe602f9e25f2398d1d43ebbc48af0e6ccbfd8350eb461
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://www.billytumeltygroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 22:01:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140469
x-xss-protection
0
server
cafe
etag
9317588040154764824
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 05 Mar 2024 22:01:37 GMT
zrt_lookup_nohtml_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240229/r20190131/ Frame 62FE
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240229/r20190131/zrt_lookup_nohtml_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.billytumeltygroup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
47279
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Mar 2024 08:53:38 GMT
etag
5035419970550746386
expires
Tue, 19 Mar 2024 08:53:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 0177
603 B
131 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-6233426853208451&output=html&adk=1812271804&adf=3025194257&lmt=1709676097&plat=8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x1080_l%7C356x1080_r&format=0x0&url=http%3A%2F%2Fwww.billytumeltygroup.com%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&dt=1709676097046&bpp=1&bdt=395&idt=338&shv=r20240229&mjsv=m202402290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4680748257354&frm=20&pv=2&ga_vid=363274348.1709676097&ga_sid=1709676097&ga_hid=489641603&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081082%2C44795921%2C95325753%2C95322182%2C31081085%2C31080991%2C95324161%2C95325785%2C95326935&oid=2&pvsid=114307950547288&tmod=1990217607&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&ifi=1&uci=a!1&fsb=1&dtd=347
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6233426853208451&plah=www.billytumeltygroup.com&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.billytumeltygroup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Mar 2024 22:01:37 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240229&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6233426853208451&plah=www.billytumeltygroup.com&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2130216d492bf800ea23b7955e30ef25344c9ca029ff3850769ead3501c35bdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://www.billytumeltygroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 22:01:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12475
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6233426853208451&plah=www.billytumeltygroup.com&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://www.billytumeltygroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 22:01:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 05 Mar 2024 22:01:37 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C7B2
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.billytumeltygroup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
18161
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Mar 2024 16:58:57 GMT
expires
Wed, 05 Mar 2025 16:58:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
hhT7r2j7IM84IjrHPq4DliozylkjplqSUN38T7c3Pqk.js
pagead2.googlesyndication.com/bg/ Frame C7B2
40 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/hhT7r2j7IM84IjrHPq4DliozylkjplqSUN38T7c3Pqk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8614fbaf68fb20cf38223ac73eae03962a33ca5923a65a9250ddfc4fb7373ea9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 21:55:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
370
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15753
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 05 Mar 2025 21:55:28 GMT
generate_204
tpc.googlesyndication.com/ Frame C7B2
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?mIPrHQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 22:01:38 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240229&jk=114307950547288&bg=!ICOlI2zNAAauXHXJjlw7ADQBe5WfOErOXGVU0P6ajhc0cJY2LZ6i6uuB6qen2Wv8F1IXgIfJKRXAI_FbCfVWvz4BzEqzAgAAACFSAAAAAWgBBwoASgO7soq2Wfktv8jGuYWID72DeAtiaojRes6SAJgs_XrUGU9gqglYnzBIF-v-tHfE67WGWYd9NtsvRHYnALia4_fcd83xqmgfnk7DmQLTySxRrWUOhwj4fK837VHursbkWo9iuKBmR_deyUA8OZjYuq3fE4j5Ih2WFIBYNFcalQX4FHml6N8xFg-pr7Ysg4g7p2oU5sNfwTW1fjikwixCEqNhdNWWR-j3m8cFugVeiW6MS4ULOSMIdIj2UQsEG5oTJ4UCAMLE9L-Yk69snJurgvTzv74n0BA3D_kndMH_A_gJM8ynkhW-cH490ky8CNGeaPDtYyL1khJG1LfXQnR7yf17T-FhhRhrNw_mQom6izj2ijfWUMZaE4VVC49FwICyEN_oZdSUgQKzUABCCTJFKptH1s8Mz6F86ULfmSEr0HGh8EErhgNgXoTXvTbQ_OO1JGWnUJ6F4_YvvLo8bTMa7ZTogeojy5YHd-4JTIfS1-lJ6kX1n0aHdkBRItxhNYT-UOF05rJ8ASN4FwLxxAB6vhYDN1cdcTbnCoEHdpFj0VK05SMGr-OlGzWOycgLf3Vet0N4WZ9n_cfy5332w8gq1-ZgmtrchyDbipY-tmS0mMdyMVOpmBlXcSx1cbAaa9g77bwxqd29hZbg0gli526eaaL3fxhUfn1PT11_wkqJ01uFQhK3ba5luXBuXDHswJJmt2UlGiDIeSUIEzLO2jU7ddgB8AFxWur44tParRiubQLmI_Ni09KDcP3Zsolfulo7moISnOpsRvYwdBVnUWGGDUZglAxxAloVZVDaUCXmvAaBWht7tpCtSRRrhtNwJ7DGrhvPyANEk3MitcsxWQRwuzBqzD2a9COYEqZ6Gq8p6eMJo8IGOROjam3nmVDjo5rzx-zfVs0w58gxxeMAe8XlxBmJUx0QommTdJQvt0Ams2FLHHnQ0qt6VhTrcnD4BWsaYwAQG-570LINcTvT_3ed94qrnTp-4Tl_yj8eOwGmZ9O03loIzXueMyt5wSLiK1Y1i2H_O0HLJJvmMDx8EOqZ4wOumfEwL8yFYQ6R42U5G0Oe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://www.billytumeltygroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers


71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| $ function| jQuery object| toploc object| calendar_parameters object| original_params object| schedule_parameters boolean| over function| chars_left function| check function| writeFlash function| writeShockWave function| writeQuickTime function| writeRealMedia function| writeWindowsMedia function| writeEmbed function| getRandomNumber function| getRandomChar function| randomID string| tb_pathToImage function| tb_init function| tb_show function| tb_showIframe function| tb_remove function| tb_position function| tb_parseQuery function| tb_getPageSize function| tb_detectMacXFF object| matrix object| jQuery1910990633102817047 function| magnific_anchors boolean| magnific_default_zoom function| magnific_settings function| initiate_magnific function| add_section_title object| magnific_isIE7 function| magnific_ie7 object| magnific_isIE8 function| magnific_ie8Refresh function| magnific_check_size function| magnific_array function| magnific_array_show boolean| design_mode string| stats_data object| page_types object| adsbygoogle object| imgLoader object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

3 Cookies

Domain/Path Name / Value
billytumeltygroup.com/ Name: PHPSESSID
Value: vtctg8j5s2bp5uue950kv7r616
www.billytumeltygroup.com/ Name: PHPSESSID
Value: ve5uv8ps1jstrma6c31t6qrbe6
www.billytumeltygroup.com/ Name: cookies_accepted
Value: 1

1 Console Messages

Source Level URL
Text
rendering warning URL: http://www.billytumeltygroup.com/(Line 7)
Message:
The value "702px" for key "width" was truncated to its numeric prefix.

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
