urlscan.io logo urlscan.io
SecurityTrails logo

investmentbill.com Open in urlscan Pro
194.195.84.79  Public Scan

Go To Rescan Add Verdict Report
URL: https://investmentbill.com/
Submission: On June 11 via automatic, source certstream-suspicious — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 4 countries across 15 domains to perform 47 HTTP transactions. The main IP is 194.195.84.79, located in Germany and belongs to AS-HOSTINGER, CY. The main domain is investmentbill.com.
TLS certificate: Issued by R3 on June 8th 2022. Valid for: 3 months.
This is the only time investmentbill.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

16    194.195.84.79 (Germany)

ASN47583 (AS-HOSTINGER, CY)
investmentbill.com
3    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
5    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    185.152.64.17 (Prague, Czech Republic)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-185-152-64-17.datapacket.com
a.omappapi.com
2    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.co.uk
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    134.209.139.131 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
inpage.eu.adopexchange.com
1    138.68.123.32 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
tracking.eu.iojdsvn0.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
s.adoppop.com
Apex Domain
Subdomains		 Transfer
16 investmentbill.com
investmentbill.com
211 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 146
211 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 47
20 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 80
148 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 82
www.google.com — Cisco Umbrella Rank: 4
2 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 48
5 KB
2 omappapi.com
a.omappapi.com — Cisco Umbrella Rank: 5023
57 KB
2 gstatic.com
fonts.gstatic.com
75 KB
1 adoppop.com
s.adoppop.com — Cisco Umbrella Rank: 112665
12 KB
1 iojdsvn0.com
tracking.eu.iojdsvn0.com — Cisco Umbrella Rank: 21433
165 B
1 adopexchange.com
inpage.eu.adopexchange.com
2 KB
1 google.co.uk
adservice.google.co.uk — Cisco Umbrella Rank: 4822
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 816
476 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 434
17 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 55
1 KB
47 15
Domain Requested by
16 investmentbill.com investmentbill.com
6 pagead2.googlesyndication.com investmentbill.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 www.googletagmanager.com investmentbill.com
www.googletagmanager.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 a.omappapi.com investmentbill.com
a.omappapi.com
2 fonts.gstatic.com fonts.googleapis.com
1 s.adoppop.com
1 tracking.eu.iojdsvn0.com 1 redirects
1 inpage.eu.adopexchange.com cdn.jsdelivr.net
1 www.google.com tpc.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.co.uk pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cdn.jsdelivr.net investmentbill.com
1 fonts.googleapis.com investmentbill.com
47 17

This site contains links to these domains. Also see Links.

Domain
example.com
3qap.com
Subject Issuer Validity Valid
investmentbill.com
R3		 2022-06-08 -
2022-09-06		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-02 -
2023-06-01		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
a.omappapi.com
R3		 2022-05-28 -
2022-08-26		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.google.co.uk
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.eu.jod23jgo32.com
R3		 2022-05-04 -
2022-08-02		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://investmentbill.com/
Frame ID: C71C200AD4B04EFCDA2884FAAE1BC2D4
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220608/r20190131/zrt_lookup.html
Frame ID: 7ED09185034EC38E2C7C37C49C50C399
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7595626770095273&output=html&adk=1812271804&adf=3025194257&lmt=1654936797&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Finvestmentbill.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654936797014&bpp=3&bdt=861&idt=250&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=651210257780&frm=20&pv=2&ga_vid=715939134.1654936797&ga_sid=1654936797&ga_hid=1017823289&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531556%2C42531607&oid=2&pvsid=4481153967214857&pem=51&tmod=500805977&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=267
Frame ID: E0C2F3AC7E91C7B750F376B16E82F2E4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BE5D8A4F24EA66EB8715E2E4154F23E5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BE44B7126E126B7F87982DBD43EEF2D0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

اهلا بك تعلم العملات الرقمية! - Investmentbill

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

47
Requests

98 %
HTTPS

71 %
IPv6

15
Domains

17
Subdomains

16
IPs

4
Countries

761 kB
Transfer

2006 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44
  • https://tracking.eu.iojdsvn0.com/rtb/feedimpression_inpage?feedid=inpzone3017&subid=site_11416_3017&uuid=b6c7a705-3556-4e5e-803e-94a458816895&ep=JYGCNZJQEYQW63X2Q27AWTCP64W36XMU4GLSEBW5GTA57IUKCTQCSIK7QDMP7XK2N6ZQJQAVUUQ4JJDS5IOTVHCLD6XBL5FOG3QKDSBCOZZSJW43GWAJBD433YYWJ7VAEIZH7U2MZQD4SXN6RCTUZREUHNVLDQ2HXIWONLQMPBKFSYAAOZ4RGK5MLEC64NNGNUDHEXSZMQ27URQQYTPEMWV2U4KOWY7PMNPG6UELBH23STYBLJQENEOIDNKCZIPWIYVBW4WBO42Q76URRBGFLR5UKVVAMPIXTN2ZMHDMISBVADIQIXATIJSWTQW4YPZSK3BXKSTKF64JLAXXNPBSZYCFSEBHCPQS4J7AVM4AWKDBYY7J6UVGDVELMFNOHQXKFTFYFI57NH6FQ5DLY6RATTONJIKGO2VF56TDEEJKZXIZQWHZNNUQ%3D%3D%3D%3D HTTP 302
  • https://s.adoppop.com/images/icon/tinder1.png

47 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
investmentbill.com/ 		48 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://investmentbill.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.195.84.79 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.4.29
Resource Hash
aefc1305565144ee8b9571a38b61ef6eb1abc772d34cb6b4ad2e695affa5757f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
13257
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Sat, 11 Jun 2022 08:39:56 GMT
etag
"1193-1654901272;br"
link
<https://investmentbill.com/wp-json/>; rel="https://api.w.org/" <https://investmentbill.com/wp-json/wp/v2/pages/5>; rel="alternate"; type="application/json" <https://investmentbill.com/>; rel=shortlink
server
LiteSpeed
vary
Accept-Encoding
x-litespeed-cache
hit
x-powered-by
PHP/7.4.29
js
www.googletagmanager.com/gtag/ 		194 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GJZ319WS8S
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f77b683a1f673fda5d5f314778ff9e204f00a3dbc452ffd35690283f3123b017
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:56 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70727
x-xss-protection
0
expires
Sat, 11 Jun 2022 08:39:56 GMT
wp-emoji-release.min.js
investmentbill.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://investmentbill.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.195.84.79 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:56 GMT
content-encoding
br
last-modified
Thu, 09 Jun 2022 07:42:52 GMT
server
LiteSpeed
etag
"48b9-62a1a47c-1fa490feb1e7b058;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
4572
expires
Sat, 18 Jun 2022 08:39:56 GMT
style-rtl.min.css
investmentbill.com/wp-includes/css/dist/block-library/ 		87 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://investmentbill.com/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.0
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.195.84.79 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
46b5704fa095e95e6438958294328987e77a98da51226be28a5265823f7d2a68
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:56 GMT
content-encoding
br
last-modified
Thu, 09 Jun 2022 07:42:52 GMT
server
LiteSpeed
etag
"15a87-62a1a47c-c0512550ae1a1f40;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
10637
expires
Sat, 18 Jun 2022 08:39:56 GMT
wpforms-full.min.css
investmentbill.com/wp-content/plugins/wpforms-lite/assets/css/ 		39 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://investmentbill.com/wp-content/plugins/wpforms-lite/assets/css/wpforms-full.min.css?ver=1.7.4.2
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.195.84.79 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
f11881a89ad5ebdbfe75b6a82c4f1359bef968b54a8e006b0b677688ecfeb581
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:56 GMT
content-encoding
br
last-modified
Thu, 09 Jun 2022 07:43:01 GMT
server
LiteSpeed
etag
"9be9-62a1a485-1998bdbc0c72f850;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
5031
expires
Sat, 18 Jun 2022 08:39:56 GMT
css
fonts.googleapis.com/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C700%7COpen+Sans%3A300%2C400%2C700&subset=latin&ver=2.1.0
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c843aa0d1103ba0f2c5c1f0e9063c6e1131eed0df30d5b28a09bfd8374f061f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 11 Jun 2022 08:39:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 11 Jun 2022 08:39:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 11 Jun 2022 08:39:56 GMT
genericons-neue.css
investmentbill.com/wp-content/themes/reykjavik/assets/fonts/genericons-neue/ 		23 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://investmentbill.com/wp-content/themes/reykjavik/assets/fonts/genericons-neue/genericons-neue.css?ver=2.1.0
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.195.84.79 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
843d327fab062c3f4d4e17f3d4b566b0f5f0ef77dc64ccf8fc45bb24c8727751
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:56 GMT
content-encoding
br
last-modified
Fri, 10 Jun 2022 18:00:32 GMT
server
LiteSpeed
etag
"5c52-62a386c0-c38b388780af1fa7;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
13985
expires
Sat, 18 Jun 2022 08:39:56 GMT
main-rtl.css
investmentbill.com/wp-content/themes/reykjavik/assets/css/ 		155 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://investmentbill.com/wp-content/themes/reykjavik/assets/css/main-rtl.css?ver=2.1.0
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.195.84.79 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6774191b9cf57bf8ca4f85bc06b1915154ce8b611a6b4578a3b01106377448a2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:56 GMT
content-encoding
br
last-modified
Fri, 10 Jun 2022 18:00:32 GMT
server
LiteSpeed
etag
"26cc5-62a386c0-709a0c937fcf2225;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
23586
expires
Sat, 18 Jun 2022 08:39:56 GMT
blocks-rtl.css
investmentbill.com/wp-content/themes/reykjavik/assets/css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://investmentbill.com/wp-content/themes/reykjavik/assets/css/blocks-rtl.css?ver=2.1.0
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.195.84.79 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
2ba91d41b031efa7a2b119fd6004e927702072fb7d8d7c874532e5bd52c653b9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:56 GMT
content-encoding
br
last-modified
Fri, 10 Jun 2022 18:00:32 GMT
server
LiteSpeed
etag
"3ad7-62a386c0-482ffe9de86d98af;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
2651
expires
Sat, 18 Jun 2022 08:39:56 GMT
css-vars-ponyfill.min.js
investmentbill.com/wp-content/themes/reykjavik/library/js/vendors/css-vars-ponyfill/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://investmentbill.com/wp-content/themes/reykjavik/library/js/vendors/css-vars-ponyfill/css-vars-ponyfill.min.js?ver=v2.4.7
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.195.84.79 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
2c049e2645f062c349703323ee0ec996a783872b2ef86070ed6f137af23c8432
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:56 GMT
content-encoding
br
last-modified
Fri, 10 Jun 2022 18:00:32 GMT
server
LiteSpeed
etag
"5a30-62a386c0-f946f784f5ab2fdc;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
7427
expires
Sat, 18 Jun 2022 08:39:56 GMT
frontend-gtag.min.js
investmentbill.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://investmentbill.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.5.3
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.195.84.79 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:56 GMT
content-encoding
br
last-modified
Thu, 09 Jun 2022 07:43:08 GMT
server
LiteSpeed
etag
"2e7a-62a1a48c-ec29a516af96ed0b;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
3019
expires
Sat, 18 Jun 2022 08:39:56 GMT
js
www.googletagmanager.com/gtag/ 		104 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-231302988-1
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f6d7be6b9982cbb166b24d5846f369eedc16cb87ee4041302f79bcc82c3a288a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:56 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40742
x-xss-protection
0
expires
Sat, 11 Jun 2022 08:39:56 GMT
jquery.min.js
investmentbill.com/wp-includes/js/jquery/ 		87 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://investmentbill.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.195.84.79 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:56 GMT
content-encoding
br
last-modified
Thu, 09 Jun 2022 07:42:52 GMT
server
LiteSpeed
etag
"15db1-62a1a47c-906a1ac2dcf2dfb7;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
30027
expires
Sat, 18 Jun 2022 08:39:56 GMT
jquery-migrate.min.js
investmentbill.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://investmentbill.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.195.84.79 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:56 GMT
content-encoding
br
last-modified
Thu, 09 Jun 2022 07:42:52 GMT
server
LiteSpeed
etag
"2bd8-62a1a47c-7d96b1df7c56f880;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
3984
expires
Sat, 18 Jun 2022 08:39:56 GMT
a11y-menu.dist.min.js
investmentbill.com/wp-content/themes/reykjavik/assets/js/vendors/a11y-menu/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://investmentbill.com/wp-content/themes/reykjavik/assets/js/vendors/a11y-menu/a11y-menu.dist.min.js?ver=2.1.0
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.195.84.79 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5a3d425d8c7e7c0b29b4c57cac7c9d353310663487522eb21af2905fe93a80ff
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:56 GMT
content-encoding
br
last-modified
Fri, 10 Jun 2022 18:00:32 GMT
server
LiteSpeed
etag
"1688-62a386c0-708f85cec531d1b4;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
1798
expires
Sat, 18 Jun 2022 08:39:56 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		163 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7595626770095273
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cc5800e221367fc48055a356c32e29baf34eae2a81d367eab087bec9252cab51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://investmentbill.com/
Origin
https://investmentbill.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56299
x-xss-protection
0
server
cafe
etag
16444589461960936717
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 11 Jun 2022 08:39:56 GMT
stack-of-nine-golden-bitcoins.jpg
investmentbill.com/wp-content/uploads/2022/06/ 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://investmentbill.com/wp-content/uploads/2022/06/stack-of-nine-golden-bitcoins.jpg
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
194.195.84.79 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
a02c3f0609ba0330ee2c06c7aa596e1221eba8d52f6bb41ca1ec735ecce79a38
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:56 GMT
last-modified
Fri, 10 Jun 2022 18:06:42 GMT
server
LiteSpeed
etag
"16918-62a38832-3ea6a5a887c2dbe7;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
92440
expires
Sat, 18 Jun 2022 08:39:56 GMT
bundle.js
cdn.jsdelivr.net/gh/adoperator/inpage@latest/dist/ 		46 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/adoperator/inpage@latest/dist/bundle.js
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74be86e0df5f88032c07baa8cb0c4020f641f72bce7e88e898d7b299bd40d44e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-jsd-version
1.0.5
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19138-FRA, cache-lcy19250-LCY
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"b676-rN3LVDM0hU49PJZL3+q6qOKvExk"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7VQ435TOZyVjfjL4t01%2FfXm0CWuzv2jVDXSRzkYl3XvJxYXM7NCK%2BByr9U9E%2BS8DQqxLFSbKOsx8CVIxZVS4P8evwMzqtjLYD3kKD8WzVEYXbkHOoDQv5E4X%2BsMY1fhqd9ULK7Yvq9kwcERZeeM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
71990a046cc976d7-LHR
skip-link-focus-fix.js
investmentbill.com/wp-content/themes/reykjavik/assets/js/ 		835 B
760 B 		Script
General
Check archive.org
Download Go to
Full URL
https://investmentbill.com/wp-content/themes/reykjavik/assets/js/skip-link-focus-fix.js?ver=2.1.0
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
194.195.84.79 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
e19681bcc74d38930852534d554fffc6930f50ff05a2f18d6e4d07e6d8f9a779
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:56 GMT
content-encoding
br
last-modified
Fri, 10 Jun 2022 18:00:32 GMT
server
LiteSpeed
etag
"343-62a386c0-aa74774f507713c1;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
420
expires
Sat, 18 Jun 2022 08:39:56 GMT
scripts-navigation-mobile.min.js
investmentbill.com/wp-content/themes/reykjavik/assets/js/ 		908 B
414 B 		Script
General
Check archive.org
Download Go to
Full URL
https://investmentbill.com/wp-content/themes/reykjavik/assets/js/scripts-navigation-mobile.min.js?ver=2.1.0
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
194.195.84.79 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
0b5d94d6ecb2833c94db10c833f21eca5284b0cf5621a00a000b380b79e0a4c6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:56 GMT
content-encoding
br
last-modified
Fri, 10 Jun 2022 18:00:32 GMT
server
LiteSpeed
etag
"38c-62a386c0-460feea24c655e9b;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
363
expires
Sat, 18 Jun 2022 08:39:56 GMT
scripts-global.js
investmentbill.com/wp-content/themes/reykjavik/assets/js/ 		779 B
425 B 		Script
General
Check archive.org
Download Go to
Full URL
https://investmentbill.com/wp-content/themes/reykjavik/assets/js/scripts-global.js?ver=2.1.0
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
194.195.84.79 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
14d79127b478895c3be8d76f698efe7bdf1f54a67282a5badbe2fd2a5d08ab14
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:56 GMT
content-encoding
br
last-modified
Fri, 10 Jun 2022 18:00:32 GMT
server
LiteSpeed
etag
"30b-62a386c0-515c3fde7fb81e91;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
374
expires
Sat, 18 Jun 2022 08:39:56 GMT
collect
www.google-analytics.com/g/ 		0
340 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-GJZ319WS8S&gtm=2oe680&_p=1017823289&_z=ccd.vdB&gdid=dZGIzZG&cid=715939134.1654936797&ul=en-us&sr=1600x1200&_s=1&sid=1654936796&sct=1&seg=0&dl=https%3A%2F%2Finvestmentbill.com%2F&dt=%D8%A7%D9%87%D9%84%D8%A7%20%D8%A8%D9%83%20%D8%AA%D8%B9%D9%84%D9%85%20%D8%A7%D9%84%D8%B9%D9%85%D9%84%D8%A7%D8%AA%20%D8%A7%D9%84%D8%B1%D9%82%D9%85%D9%8A%D8%A9!%20-%20Investmentbill&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GJZ319WS8S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Jun 2022 08:39:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://investmentbill.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		101 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-231302988-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GJZ319WS8S
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
184629475b524f683571bfb7cbed05faec291ddcaa0f2d96c7b5ca91dd3eaece
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:56 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39809
x-xss-protection
0
expires
Sat, 11 Jun 2022 08:39:56 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C700%7COpen+Sans%3A300%2C400%2C700&subset=latin&ver=2.1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://investmentbill.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 23:32:09 GMT
x-content-type-options
nosniff
age
378467
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Jun 2023 23:32:09 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v24/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v24/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C700%7COpen+Sans%3A300%2C400%2C700&subset=latin&ver=2.1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://investmentbill.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 17:07:05 GMT
x-content-type-options
nosniff
age
315171
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 14:37:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Jun 2023 17:07:05 GMT
api.min.js
a.omappapi.com/app/js/ 		189 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/api.min.js
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-152-64-17.datapacket.com
Software
BunnyCDN-CZ1-887 /
Resource Hash
892ea632a364c2124e67fc5c066c87e1afd109c56a7e5fdae2e3fd3423a7aa5f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:57 GMT
content-encoding
br
cdn-edgestorageid
887
perma-cache
HIT
cdn-storageserver
DE-165
cdn-cachedat
06/09/2022 19:46:55
cdn-pullzone
293267
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
server
BunnyCDN-CZ1-887
access-control-allow-origin
*
last-modified
Thu, 09 Jun 2022 19:44:55 GMT
cdn-proxyver
1.02
cdn-fileserver
310
etag
W/"62a24db7-2f298"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
443f525be416c075fc57538d575e2c54
cdn-requestcountrycode
GB
cdn-status
200
cdn-requestpullsuccess
True
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-231302988-1&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3911
date
Sat, 11 Jun 2022 07:34:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 11 Jun 2022 09:34:46 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-GJZ319WS8S&gtm=2oe680&_p=1017823289&_z=ccd.vdB&gdid=dZGIzZG&cid=715939134.1654936797&ul=en-us&sr=1600x1200&_s=2&sid=1654936796&sct=1&seg=0&dl=https%3A%2F%2Finvestmentbill.com%2F&dt=%D8%A7%D9%87%D9%84%D8%A7%20%D8%A8%D9%83%20%D8%AA%D8%B9%D9%84%D9%85%20%D8%A7%D9%84%D8%B9%D9%85%D9%84%D8%A7%D8%AA%20%D8%A7%D9%84%D8%B1%D9%82%D9%85%D9%8A%D8%A9!%20-%20Investmentbill&en=scroll&ep.forceSSL=true&ep.link_attribution=true&epn.percent_scrolled=90&_et=6
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GJZ319WS8S
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Jun 2022 08:39:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://investmentbill.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206070101/ 		341 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7595626770095273&plah=investmentbill.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7595626770095273
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f4636ed0f32bb1de20b09543847c7c68fb541286460d4c1da746a0980d7869f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123032
x-xss-protection
0
server
cafe
etag
10989133535762283535
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 11 Jun 2022 08:39:57 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220608/r20190131/ Frame 7ED0 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220608/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7595626770095273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d47d037df7ce60259bada68116ab3d22195043a77ac538a9ae6accb7f21f03d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://investmentbill.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
59602
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4416
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 10 Jun 2022 16:06:35 GMT
etag
14734731752043123527
expires
Fri, 24 Jun 2022 16:06:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1017823289&t=pageview&_s=1&dl=https%3A%2F%2Finvestmentbill.com%2F&ul=en-us&de=UTF-8&dt=%D8%A7%D9%87%D9%84%D8%A7%20%D8%A8%D9%83%20%D8%AA%D8%B9%D9%84%D9%85%20%D8%A7%D9%84%D8%B9%D9%85%D9%84%D8%A7%D8%AA%20%D8%A7%D9%84%D8%B1%D9%82%D9%85%D9%8A%D8%A9!%20-%20Investmentbill&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAAC~&jid=1249724803&gjid=1676752870&cid=715939134.1654936797&tid=UA-231302988-1&_gid=1420274654.1654936797&_r=1&gtm=2ou680&did=dZGIzZG%2CdZTNiMT&gdid=dZGIzZG.dZTNiMT&z=1930437599
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://investmentbill.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 11 Jun 2022 08:39:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://investmentbill.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
api.min.css
a.omappapi.com/app/js/ 		18 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/api.min.css
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-152-64-17.datapacket.com
Software
BunnyCDN-CZ1-887 /
Resource Hash
4b99a75a42582fd22e780855dfb50880df624ce43988616f4b19dc7ba90f1250

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:57 GMT
content-encoding
br
cdn-edgestorageid
887
perma-cache
MISS
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
06/09/2022 19:46:55
cdn-pullzone
293267
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-request-id
GJVPVAFKJSKPSAHQ
x-amz-id-2
UctaBnMq/kcq0dd8YFJjYR5RrlBD+tKrJdcheeF87G/Czw3bdv9YrfuYPEOe2CpIIw7x7lP8UGI=
server
BunnyCDN-CZ1-887
access-control-allow-origin
*
last-modified
Thu, 09 Jun 2022 19:44:47 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"0bba6c591728c9a6ab3684c78e2569a5"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cache-control
public, max-age=31919000
cdn-requestid
07a7b1f3a4a2a114b60d9128ea6ee993
cdn-requestcountrycode
GB
cdn-status
200
cdn-requestpullsuccess
True
cookie.js
partner.googleadservices.com/gampad/ 		12 B
476 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=investmentbill.com&callback=_gfp_s_&client=ca-pub-7595626770095273
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7595626770095273&plah=investmentbill.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=investmentbill.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7595626770095273&plah=investmentbill.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 11 Jun 2022 08:39:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=investmentbill.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7595626770095273&plah=investmentbill.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 11 Jun 2022 08:39:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E0C2 		603 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7595626770095273&output=html&adk=1812271804&adf=3025194257&lmt=1654936797&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Finvestmentbill.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654936797014&bpp=3&bdt=861&idt=250&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=651210257780&frm=20&pv=2&ga_vid=715939134.1654936797&ga_sid=1654936797&ga_hid=1017823289&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531556%2C42531607&oid=2&pvsid=4481153967214857&pem=51&tmod=500805977&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=267
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7595626770095273&plah=investmentbill.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://investmentbill.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Jun 2022 08:39:57 GMT
expires
Sat, 11 Jun 2022 08:39:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220608&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7595626770095273&plah=investmentbill.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05759672dc7c0fce52caf49aa722a092c0341369666ecdfd2382467b7cbc81fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 11 Jun 2022 08:39:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10732
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7595626770095273&plah=investmentbill.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 11 Jun 2022 08:39:57 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BE5D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://investmentbill.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
3711
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 11 Jun 2022 07:38:06 GMT
expires
Sun, 11 Jun 2023 07:38:06 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BE44 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
13ca05de5bb4656c7bba863cc456811bd2edfa64c13ff894f524259e02f1e006
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-v5wK4TeK-JWmY_HKLtlu-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://investmentbill.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-v5wK4TeK-JWmY_HKLtlu-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 11 Jun 2022 08:39:57 GMT
expires
Sat, 11 Jun 2022 08:39:57 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
t2HguO2j65-YuLkPO9saWESmMQOi1UewO3XwUl1-OG4.js
pagead2.googlesyndication.com/bg/ Frame BE5D 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/t2HguO2j65-YuLkPO9saWESmMQOi1UewO3XwUl1-OG4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b761e0b8eda3eb9f98b8b90f3bdb1a5844a63103a2d547b03b75f0525d7e386e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 21:07:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
127949
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13815
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 09 Jun 2023 21:07:28 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame BE44 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220608&jk=4481153967214857&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame BE5D 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?bgeMUw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220608&jk=4481153967214857&bg=!-vml-b3NAAaJfvByqX47ACkAdvg8WmcNlTaER57CWAjpt9TcnKd-OkSmwXzroUPC555ZsdaF69AYbQIAAABQUgAAAAJoAQcKAPVHknFvlI-dBnTHh9NQe71JkzGXOlhZPDuHq7tXAwbDgHQwCaDnT4lNxRFX_cDOsQ6letlFTiNY56BNubWbDtJxnaUgyEB_ODLjn9LKXInhp6CgBnUSmbqoczICyWtJvFlc2iy_qaoxPlgZIdOsHhL9RktusmjhmUZ2L2iiUShp9z5P6rM-hsFojitlPkTHO8h4G5CTTQNAzGMkkJh_7wm5eDs_cDp84ESL1LbU2SLT-bkJKulQhAh4JojcoGdUnVGsZVYqExQDnBg4K-2jO3KzVdgnnWyH-O732lcG6gZn35jGNaYWsxzFYpFyEfZhFJE3vyDmHJkCpIdhpME48FIi_ph8_IhDeYJKYBdx1fjq5gD87Jv9N9j2EaDdqPA4FIkjwlI9n41nCukwucuakQvVh6r8xXc4XR4DQT7V46pW0ZJGAM_3m1blJdSkE0idDicVP8e5laKf9DDYCX469H-adcT7ZQi_xtPXsYwH5q9cc2bDUH1L29HhBMD616uS41ljonPYtmo_bm3du6eRFIoKXyFTlVbJzV1q32VMEDlpdPqqarG8PcJbNtNvVzfrxJufRpytKzNYyLFQ1Zv5-SwAKAa1LuYb2u0eTqjD1UFIVvtdEultHW_0sjj9cmwRxa27DV3Eso10hXcaP_pufKA9ieb0B4oY8Ta2v-520LbAOWiChQBHR-RKkVumeq0MvccF4xd4uCRJkbK_i-3jyymw33q2-04Qw9CTwBZkerw9JtV6Jnm50tGzXV2i3ofyWaS-JCoD1IhooJh-h8oAQe7EA_mArkfGB_X-0fO99nLuDhPrJlOPaJ8r8SnTU72acApW8-Rn4DOEQdrfTsycAhytnMNiT6dJysuWjiSoqbe9n5gOuvwtMCbGKJTo7GKNjXmBH5yo5HuiwGT3wlWw6nfz-MU5rXkYsG3MAQsPghgye-D0B4-xPM2Pr1qu5copZBGn5J7QNlAhdFe_QqgfPbuPPwaTJt4h96liIp0lRyipCx0qBbkjKDf1ercvQUS2wwwFz0neONYyAlX6M6h29U7JNEOKLyM_4L__5HM9CTxgHyJ3n4gO3gmU5uOWDL90Kujx4t9DXG_1fm-ImEZKV5kRu5vIU4Uho8X3LXPakLSFca3T3Vs3X_OK1M5ASbBuzknqU_BpatLAAEZ4qQg_1SfTj4ntdxs7ys_W2JVmHMYwWcyW638nBZDUet7u8h9z27ACjGwhkYmJz72zGp8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
inpage
inpage.eu.adopexchange.com/rtb/search/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://inpage.eu.adopexchange.com/rtb/search/inpage?feedid=inpzone3017&subId=site_11416_3017&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/102.0.5005.61%20Safari/537.36&count=3&format=json&keywords=best,price&url=https://investmentbill.com/&domain=investmentbill.com
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/adoperator/inpage@latest/dist/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
134.209.139.131 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
bda454857e4a8376c0700bb79e8f3d4a8a1c7734967406b0dfd94842c50a185b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 11 Jun 2022 08:39:59 GMT
access-control-allow-credentials
true
content-length
1787
content-type
application/json;charset=utf-8
tinder1.png
s.adoppop.com/images/icon/
Redirect Chain
  • https://tracking.eu.iojdsvn0.com/rtb/feedimpression_inpage?feedid=inpzone3017&subid=site_11416_3017&uuid=b6c7a705-3556-4e5e-803e-94a458816895&ep=JYGCNZJQEYQW63X2Q27AWTCP64W36XMU4GLSEBW5GTA57IUKCTQC...
  • https://s.adoppop.com/images/icon/tinder1.png
11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.adoppop.com/images/icon/tinder1.png
Protocol
H2
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac1f519913ed9fc3ccbb40138a73f98741b0cc7ed6b6a7bc6384fc43cdecb7e2

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1559655
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11339
last-modified
Tue, 07 Sep 2021 15:51:24 GMT
server
cloudflare
etag
"61378a7c-2c4b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BiTpy%2BsrNyohmgiF2jGpepQcb%2BjqRjmnPKQC1bCrYAu2HYyR1wHfqNRs5XNEOF2RSk1kNiwo8%2FOP7yAMBlRtmK34P1B0yBEz7Trm9nSHek7iE37FO4T8M%2BduqnsvRKt0g4GuX3s61Y7rKw64"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
71990a17283d72ee-LHR
expires
Thu, 23 Jun 2022 07:25:44 GMT

Redirect headers

location
https://s.adoppop.com/images/icon/tinder1.png
date
Sat, 11 Jun 2022 08:39:59 GMT
referrer-policy
no-referrer
content-length
0
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-GJZ319WS8S&gtm=2oe680&_p=1017823289&_z=ccd.vdB&gdid=dZGIzZG.dZTNiMT&cid=715939134.1654936797&ul=en-us&sr=1600x1200&_s=3&sid=1654936796&sct=1&seg=1&dl=https%3A%2F%2Finvestmentbill.com%2F&dt=%D8%A7%D9%87%D9%84%D8%A7%20%D8%A8%D9%83%20%D8%AA%D8%B9%D9%84%D9%85%20%D8%A7%D9%84%D8%B9%D9%85%D9%84%D8%A7%D8%AA%20%D8%A7%D9%84%D8%B1%D9%82%D9%85%D9%8A%D8%A9!%20-%20Investmentbill&en=page_view&_ee=1&_et=446
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GJZ319WS8S
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Jun 2022 08:40:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://investmentbill.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation string| mi_version boolean| mi_track_user string| mi_no_track_reason object| disableStrs function| __gtagTrackerIsOptedOut undefined| index function| __gtagTrackerOptout function| gaOptout function| __gtagDataLayer function| __gtagTracker object| dataLayer object| MonsterInsightsDualTracker function| gtag function| __gaTracker object| _wpemojiSettings object| twemoji object| wp object| google_tag_manager function| onYouTubeIframeAPIReady object| google_tag_data object| gaGlobal function| cssVars function| MonsterInsights object| MonsterInsightsObject object| monsterinsights_frontend undefined| $ function| jQuery object| a11yMenuConfig object| regeneratorRuntime function| AdopInPagePush object| $reykjavikBreakpoints object| omapi_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| gaplugins object| gaData object| _omapp function| OptinMonsterApp boolean| om_loaded function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
.investmentbill.com/ Name: _ga_GJZ319WS8S
Value: GS1.1.1654936796.1.1.1654936796.0
.investmentbill.com/ Name: _ga
Value: GA1.2.715939134.1654936797
.investmentbill.com/ Name: _gid
Value: GA1.2.1420274654.1654936797
.investmentbill.com/ Name: _gat_gtag_UA_231302988_1
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.omappapi.com
adservice.google.co.uk
adservice.google.com
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
inpage.eu.adopexchange.com
investmentbill.com
pagead2.googlesyndication.com
partner.googleadservices.com
s.adoppop.com
tpc.googlesyndication.com
tracking.eu.iojdsvn0.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
134.209.139.131
138.68.123.32
142.250.184.194
185.152.64.17
194.195.84.79
2606:4700::6810:5814
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2003
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2008
2a00:1450:4001:831::2001
2a06:98c1:3120::3
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
05759672dc7c0fce52caf49aa722a092c0341369666ecdfd2382467b7cbc81fe
0b5d94d6ecb2833c94db10c833f21eca5284b0cf5621a00a000b380b79e0a4c6
13ca05de5bb4656c7bba863cc456811bd2edfa64c13ff894f524259e02f1e006
14d79127b478895c3be8d76f698efe7bdf1f54a67282a5badbe2fd2a5d08ab14
184629475b524f683571bfb7cbed05faec291ddcaa0f2d96c7b5ca91dd3eaece
2ba91d41b031efa7a2b119fd6004e927702072fb7d8d7c874532e5bd52c653b9
2c049e2645f062c349703323ee0ec996a783872b2ef86070ed6f137af23c8432
46b5704fa095e95e6438958294328987e77a98da51226be28a5265823f7d2a68
4b99a75a42582fd22e780855dfb50880df624ce43988616f4b19dc7ba90f1250
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a3d425d8c7e7c0b29b4c57cac7c9d353310663487522eb21af2905fe93a80ff
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6774191b9cf57bf8ca4f85bc06b1915154ce8b611a6b4578a3b01106377448a2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
74be86e0df5f88032c07baa8cb0c4020f641f72bce7e88e898d7b299bd40d44e
843d327fab062c3f4d4e17f3d4b566b0f5f0ef77dc64ccf8fc45bb24c8727751
892ea632a364c2124e67fc5c066c87e1afd109c56a7e5fdae2e3fd3423a7aa5f
a02c3f0609ba0330ee2c06c7aa596e1221eba8d52f6bb41ca1ec735ecce79a38
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e
ac1f519913ed9fc3ccbb40138a73f98741b0cc7ed6b6a7bc6384fc43cdecb7e2
aefc1305565144ee8b9571a38b61ef6eb1abc772d34cb6b4ad2e695affa5757f
b761e0b8eda3eb9f98b8b90f3bdb1a5844a63103a2d547b03b75f0525d7e386e
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bda454857e4a8376c0700bb79e8f3d4a8a1c7734967406b0dfd94842c50a185b
c843aa0d1103ba0f2c5c1f0e9063c6e1131eed0df30d5b28a09bfd8374f061f9
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
cc5800e221367fc48055a356c32e29baf34eae2a81d367eab087bec9252cab51
d47d037df7ce60259bada68116ab3d22195043a77ac538a9ae6accb7f21f03d2
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
e19681bcc74d38930852534d554fffc6930f50ff05a2f18d6e4d07e6d8f9a779
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f11881a89ad5ebdbfe75b6a82c4f1359bef968b54a8e006b0b677688ecfeb581
f4636ed0f32bb1de20b09543847c7c68fb541286460d4c1da746a0980d7869f7
f6d7be6b9982cbb166b24d5846f369eedc16cb87ee4041302f79bcc82c3a288a
f77b683a1f673fda5d5f314778ff9e204f00a3dbc452ffd35690283f3123b017