urlscan.io logo urlscan.io
SecurityTrails logo

paymybill.guru Open in urlscan Pro
192.124.249.119  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://paymybill.guru/
Effective URL: https://paymybill.guru/
Submission: On February 08 via manual from SG — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 29 IPs in 6 countries across 28 domains to perform 190 HTTP transactions. The main IP is 192.124.249.119, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is paymybill.guru.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on July 27th 2023. Valid for: a year.
This is the only time paymybill.guru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 32 192.124.249.119 30148 (SUCURI-SEC)
35 74.125.200.156 15169 (GOOGLE)
4 64.233.170.97 15169 (GOOGLE)
6 64.233.170.95 15169 (GOOGLE)
6 74.125.130.94 15169 (GOOGLE)
2 18 172.217.194.154 15169 (GOOGLE)
25 74.125.200.132 15169 (GOOGLE)
3 74.125.24.139 15169 (GOOGLE)
2 216.239.36.181 15169 (GOOGLE)
2 64.233.170.156 15169 (GOOGLE)
1 172.253.118.94 15169 (GOOGLE)
3 6 142.251.175.104 15169 (GOOGLE)
9 74.125.24.94 15169 (GOOGLE)
3 142.251.175.156 15169 (GOOGLE)
3 172.217.194.95 15169 (GOOGLE)
7 18 74.125.24.157 15169 (GOOGLE)
3 5 172.64.151.101 13335 (CLOUDFLAR...)
3 4 103.43.89.4 29990 (ASN-APPNEX)
8 74.125.200.148 15169 (GOOGLE)
2 2 124.146.153.170 2514 (INFOSPHER...)
2 211.120.53.192 4694 (IDCF IDC ...)
1 1 202.232.238.37 2497 (IIJ Inter...)
1 1 139.162.23.100 63949 (AKAMAI-LI...)
2 2 64.202.112.63 23352 (SERVERCEN...)
1 133.186.161.88 45974 (NHN-AS-KR...)
2 3 77.88.21.90 13238 (YANDEX)
1 1 23.66.3.146 20940 (AKAMAI-ASN1)
4 142.250.191.67 15169 (GOOGLE)
4 74.125.130.155 15169 (GOOGLE)
2 2 3.33.220.150 16509 (AMAZON-02)
1 1 54.168.117.42 16509 (AMAZON-02)
1 182.161.73.146 55569 (CRITEO-AS...)
2 2 185.84.60.20 198622 (ADFORM)
2 3 185.184.8.90 204995 (RTB-HOUSE...)
1 1 103.132.192.30 138552 (RTBHOUSE-...)
1 1 35.208.249.213 15169 (GOOGLE)
1 1 35.213.89.133 15169 (GOOGLE)
1 1 64.233.170.100 15169 (GOOGLE)
3 142.251.85.137 15169 (GOOGLE)
2 172.253.118.155 15169 (GOOGLE)
190 29
32    192.124.249.119 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10119.sucuri.net
paymybill.guru
35    74.125.200.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f156.1e100.net
pagead2.googlesyndication.com
4    64.233.170.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f97.1e100.net
www.googletagmanager.com
6    64.233.170.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f95.1e100.net
fonts.googleapis.com
6    74.125.130.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f94.1e100.net
fonts.gstatic.com
18    172.217.194.154 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f154.1e100.net
googleads.g.doubleclick.net
25    74.125.200.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f132.1e100.net
tpc.googlesyndication.com
3    74.125.24.139 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f139.1e100.net
www.google-analytics.com
2    216.239.36.181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    64.233.170.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f156.1e100.net
stats.g.doubleclick.net
bid.g.doubleclick.net
1    172.253.118.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f94.1e100.net
www.google.com.sg
6    142.251.175.104 (United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f104.1e100.net
www.google.com
9    74.125.24.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f94.1e100.net
www.gstatic.com
3    142.251.175.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f156.1e100.net
www.googletagservices.com
3    172.217.194.95 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f95.1e100.net
imasdk.googleapis.com
18    74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net
cm.g.doubleclick.net
5    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
4    103.43.89.4 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
8    74.125.200.148 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f148.1e100.net
s0.2mdn.net
2    124.146.153.170 (Miyado, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    211.120.53.192 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
gdn.socdm.com
1    202.232.238.37 (Tokyo, Japan)

ASN2497 (IIJ Internet Initiative Japan Inc., JP)
sync.fout.jp
1    139.162.23.100 (Singapore, Singapore)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li865-100.members.linode.com
a.c.appier.net
2    64.202.112.63 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    133.186.161.88 (Japan)

ASN45974 (NHN-AS-KR NHNCLOUD, KR)
app.cauly.co.kr
3    77.88.21.90 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru
an.yandex.ru
1    23.66.3.146 (El Segundo, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-66-3-146.deploy.static.akamaitechnologies.com
analytics.pangle-ads.com
4    142.250.191.67 (United States)

ASN15169 (GOOGLE, US)
PTR: nuq04s43-in-f3.1e100.net
csi.gstatic.com
4    74.125.130.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f155.1e100.net
www.googleadservices.com
2    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    54.168.117.42 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-168-117-42.ap-northeast-1.compute.amazonaws.com
dynalyst-sync.adtdp.com
1    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
2    185.84.60.20 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
ams.creativecdn.com
1    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
cm.creativecdn.com
1    35.208.249.213 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com
gtrace.mediago.io
1    35.213.89.133 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 133.89.213.35.bc.googleusercontent.com
trace.popin.cc
1    64.233.170.100 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f100.1e100.net
gcdn.2mdn.net
3    142.251.85.137 (United States)

ASN15169 (GOOGLE, US)
PTR: sin26s06-in-f9.1e100.net
r4---sn-npoldn7d.c.2mdn.net
2    172.253.118.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f155.1e100.net
googleads4.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
60 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
725 KB
40 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
bid.g.doubleclick.net — Cisco Umbrella Rank: 917
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594
243 KB
32 paymybill.guru
paymybill.guru
587 KB
19 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
222 KB
12 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 336
gcdn.2mdn.net — Cisco Umbrella Rank: 1402
r4---sn-npoldn7d.c.2mdn.net — Cisco Umbrella Rank: 351705
144 KB
9 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
imasdk.googleapis.com — Cisco Umbrella Rank: 485
143 KB
8 google.com
analytics.google.com — Cisco Umbrella Rank: 154
www.google.com — Cisco Umbrella Rank: 2
2 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622
3 KB
4 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 564
cm.creativecdn.com — Cisco Umbrella Rank: 10608
ams.creativecdn.com — Cisco Umbrella Rank: 9710
2 KB
4 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
4 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1525
gdn.socdm.com — Cisco Umbrella Rank: 108572
4 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
4 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
339 KB
3 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 6258
1 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
195 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 583
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 357
879 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 626
1 KB
1 popin.cc
trace.popin.cc — Cisco Umbrella Rank: 2861
466 B
1 mediago.io
gtrace.mediago.io — Cisco Umbrella Rank: 3342
886 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 608
363 B
1 adtdp.com
dynalyst-sync.adtdp.com — Cisco Umbrella Rank: 37465
588 B
1 pangle-ads.com
analytics.pangle-ads.com — Cisco Umbrella Rank: 2898
1 KB
1 cauly.co.kr
app.cauly.co.kr — Cisco Umbrella Rank: 90976
161 B
1 appier.net
a.c.appier.net — Cisco Umbrella Rank: 9026
645 B
1 fout.jp
sync.fout.jp — Cisco Umbrella Rank: 57383
719 B
1 google.com.sg
www.google.com.sg — Cisco Umbrella Rank: 13364
408 B
190 28
Domain Requested by
35 pagead2.googlesyndication.com paymybill.guru
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
32 paymybill.guru 1 redirects paymybill.guru
25 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
paymybill.guru
imasdk.googleapis.com
18 cm.g.doubleclick.net 7 redirects googleads.g.doubleclick.net
18 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
paymybill.guru
googleads.g.doubleclick.net
9 www.gstatic.com googleads.g.doubleclick.net
8 s0.2mdn.net paymybill.guru
s0.2mdn.net
6 www.google.com 3 redirects tpc.googlesyndication.com
googleads.g.doubleclick.net
6 fonts.gstatic.com fonts.googleapis.com
6 fonts.googleapis.com paymybill.guru
googleads.g.doubleclick.net
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
4 www.googleadservices.com
4 csi.gstatic.com imasdk.googleapis.com
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 www.googletagmanager.com paymybill.guru
www.googletagmanager.com
3 r4---sn-npoldn7d.c.2mdn.net
3 an.yandex.ru 2 redirects
3 imasdk.googleapis.com googleads.g.doubleclick.net
3 www.googletagservices.com paymybill.guru
googleads.g.doubleclick.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 googleads4.g.doubleclick.net paymybill.guru
2 creativecdn.com 2 redirects
2 c1.adform.net 2 redirects
2 match.adsrvr.org 2 redirects
2 b1sync.zemanta.com 2 redirects
2 gdn.socdm.com
2 tg.socdm.com 2 redirects
2 analytics.google.com www.googletagmanager.com
1 gcdn.2mdn.net 1 redirects
1 trace.popin.cc 1 redirects
1 gtrace.mediago.io 1 redirects
1 ams.creativecdn.com
1 cm.creativecdn.com 1 redirects
1 dis.criteo.com googleads.g.doubleclick.net
1 dynalyst-sync.adtdp.com 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 analytics.pangle-ads.com 1 redirects
1 app.cauly.co.kr googleads.g.doubleclick.net
1 a.c.appier.net 1 redirects
1 sync.fout.jp 1 redirects
1 www.google.com.sg
1 stats.g.doubleclick.net www.googletagmanager.com
190 42

This site contains no links.

Subject Issuer Validity Valid
paymybill.guru
Starfield Secure Certificate Authority - G2		 2023-07-27 -
2024-07-27		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.google.com.sg
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.cauly.co.kr
Sectigo RSA Organization Validation Secure Server CA		 2023-02-17 -
2024-03-06		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-08 -
2024-05-07		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2024-01-16 -
2024-03-26		 2 months crt.sh

This page contains 23 frames:

Primary Page: https://paymybill.guru/
Frame ID: 23B7D9B4797346287CA449704B08CD77
Requests: 64 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20190131/zrt_lookup_fy2021.html
Frame ID: A2EF8E4EC0F8A128B7663D95ACCD1649
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&adk=1812271804&adf=3025194257&lmt=1707364063&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fpaymybill.guru%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393437459&bpp=21&bdt=3655&idt=134&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5463904846722&frm=20&pv=2&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=457629821&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=162
Frame ID: D07B5E30126A812D3FC2F4C0F36C6B8E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2913177901&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393437480&bpp=2&bdt=3676&idt=151&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=457629821&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=154
Frame ID: 7E92DA425D57990174D05588F1DDE6F6
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D6D07C1EBDDC6AD6FA018F212694389E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6186578EBCCEDB8DF59A33BD1E00011B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393438859&bpp=1&bdt=5055&idt=-M&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=742342519&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Frame ID: 11E763AB5C2E9DDD5FF7D22EC282AD64
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3077443549&adf=2689829158&pi=t.aa~a.1349639787~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393438859&bpp=1&bdt=5055&idt=1&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=742342519&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=14
Frame ID: BD5C4623499E946773B76B3FFCE18D21
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 2E1D3702B53C3F54A2A355426098E6ED
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 2B2056C8260CBACD2835EA9BC8A306AC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COnBGBD868cBGJHEw4ACMAE&v=APEucNUpNYD4RvWlc_67rs7Bs8wDaGrVzGaCwNmaWCnbvVOnkHVI_I1lCGrSc1kxcqrmyrcScGLlDoOBK1UZ01mB3vh60K0MrQ
Frame ID: 58EB02AFBF2F11CCD41D5049D0D3E736
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 49BEE0A95D737C6DAE086245886EEA5C
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/abg_lite_fy2021.js
Frame ID: 0C3E4F08B9C0214FCD1B1DBB01ECA071
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DB3E5411AE98ECA226042506127029CA
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 55FAF5A1BF93C3EC90AAB80B253B826B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 42AD195E93FFE3613DD8A5A86E7B3277
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2F673F8D2348BB82DA6D16CB07E2DF4B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6041F22726957374A3F5CFB72CEEC95E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 92117A40479226FB81DEC5AC9ADE180D
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7oEUkR-0Uy9FIahscmU7Lq7lgP_YvsNEVpm_VpMj8bQ.js
Frame ID: E27D7101C1382FCCC7055C8830766DBB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7oEUkR-0Uy9FIahscmU7Lq7lgP_YvsNEVpm_VpMj8bQ.js
Frame ID: 713C766A78BB7C0F8CDDF680F03CA1DB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: FEB4D46296FE5FF0D6669A05F7D9951D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4875235780525528291/index.html?ev=01_250
Frame ID: 9BAC90080F918AA252F20E3653604E8C
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Pay My Bill Guru - PayMyBill.GuruPay My Bill Guru - PayMyBill.Guru

Page URL History Show full URLs

  1. http://paymybill.guru/ HTTP 301
    https://paymybill.guru/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

190
Requests

90 %
HTTPS

0 %
IPv6

28
Domains

42
Subdomains

29
IPs

6
Countries

2656 kB
Transfer

8291 kB
Size

40
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://paymybill.guru/ HTTP 301
    https://paymybill.guru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 96
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECC3i3XcAiY_ww46ylzpnJU&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECC3i3XcAiY_ww46ylzpnJU&google_cver=1&C=1
Request Chain 97
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcTBoMsGSmc6RB1xT.M9rAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7u_8bln9IPTmLJ81vX8TA&google_cver=1&google_hm=2
Request Chain 98
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIL9j0aISQeXjgMx47dnHaU&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIL9j0aISQeXjgMx47dnHaU%26google_cver%3D1
Request Chain 99
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk0NDEyNzM4MjU2NTM5MTYx
Request Chain 132
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 140
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 141
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESECT9MGbwdlJ0P_whvbrAuks&google_cver=1&google_push=AXcoOmTHBey_iSlwn3cE2LPAYI3R6SWsuj3QsgyBJozS18zqBF-ohUO6e_wr1VfHAXCb_01pSd3JmEp_6QnRVrBmSkEM_oZbOM2noOL7zljRZCFowyFaNM9q9xoxD8yjaW74yyOSPNcRBQGzlC6yAbY3XsDa0w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WmNUQm9NQ284WHdBQUhlbnFkc0FBQUFB HTTP 302
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEC7fxpAZ7B8WevFDDRq0YuU&google_cver=1
Request Chain 142
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEIDi7HFjvUTHYDb8BnKnpP4&google_cver=1&google_push=AXcoOmRDUwRDfHanqx8PKf-6ET-rUijOvu6LcE10DTEBF5XIp5G5HsGAud_yUrdqBms9ukZn6wSuppvMXL9kD-sQ_uYZbelvggE9l_I1dxabJSFK1Ghgj4zQtURZG6qkJIk1R8elWtSSpncsazmEXCmjVZ5pFg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmRDUwRDfHanqx8PKf-6ET-rUijOvu6LcE10DTEBF5XIp5G5HsGAud_yUrdqBms9ukZn6wSuppvMXL9kD-sQ_uYZbelvggE9l_I1dxabJSFK1Ghgj4zQtURZG6qkJIk1R8elWtSSpncsazmEXCmjVZ5pFg&google_hm=VFMzRDJGM3lEMGxhRGJVZG9tTmo3c0VFMHVF&from_google=sp1
Request Chain 143
  • https://a.c.appier.net/gcm?google_gid=CAESELO68ZxT_YjDN9qEUDw37KY&google_cver=1&google_push=AXcoOmSC-VxXlL5H-_1smIbmjyLqnFQFIRDiZWWiN506a4ptvrYHQ-zKeI9Su8c9Y8MiHqoGa3LTzLdngDu9iX2wrS6yRS814Yp50xOJCCxDLSQMYd7gZf3lgwphd6AfYXRZbtgJVOgiQ_FYyhchJENc3G0XQw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=YWRCckRmd2JBMXk1QlBxam9NSEVaUQ%3D%3D&google_push=AXcoOmSC-VxXlL5H-_1smIbmjyLqnFQFIRDiZWWiN506a4ptvrYHQ-zKeI9Su8c9Y8MiHqoGa3LTzLdngDu9iX2wrS6yRS814Yp50xOJCCxDLSQMYd7gZf3lgwphd6AfYXRZbtgJVOgiQ_FYyhchJENc3G0XQw
Request Chain 144
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEFZF5TViYevKgiC0eBc077M&google_cver=1&google_push=AXcoOmQOzrgVlXlSH0ufjWm07cNlv9ODmrkVDfpSWzsyh_BnRGdIeWjUeEjZid-Ud9pIDPhzGi3AsxmSxWdDHaiNEaE4LMbsToTd1SN8Zy4KFH4H2B0j-wH1UWRkCHIdmv1EceYYBM8ZC6XAopA8dFY0uNG3Hw HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEFZF5TViYevKgiC0eBc077M&google_push=AXcoOmQOzrgVlXlSH0ufjWm07cNlv9ODmrkVDfpSWzsyh_BnRGdIeWjUeEjZid-Ud9pIDPhzGi3AsxmSxWdDHaiNEaE4LMbsToTd1SN8Zy4KFH4H2B0j-wH1UWRkCHIdmv1EceYYBM8ZC6XAopA8dFY0uNG3Hw&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQOzrgVlXlSH0ufjWm07cNlv9ODmrkVDfpSWzsyh_BnRGdIeWjUeEjZid-Ud9pIDPhzGi3AsxmSxWdDHaiNEaE4LMbsToTd1SN8Zy4KFH4H2B0j-wH1UWRkCHIdmv1EceYYBM8ZC6XAopA8dFY0uNG3Hw&google_hm=bFlndzNsN2lwaVFxQi1ZTFdwVjA=
Request Chain 146
  • https://an.yandex.ru/mapuid/google/CAESEECbJuzh48DE4VfCQ5_nshg?ext-param=AXcoOmRcU0KHef08Gi-oL0z1SU6FXaKVaQiXd-SriBK5KP0lr2BiBdcr-2qCupChaNK3erwEx2PFJg2bD8WyIjqDzFo_0nmp_FAZjmW1kkMyy2RGOuEZu2-R_dieLnyrJR5CV31xG4tkyAddbEwkECjgiDnNA1g&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEECbJuzh48DE4VfCQ5_nshg?redir-setuniq=1&ext-param=AXcoOmRcU0KHef08Gi-oL0z1SU6FXaKVaQiXd-SriBK5KP0lr2BiBdcr-2qCupChaNK3erwEx2PFJg2bD8WyIjqDzFo_0nmp_FAZjmW1kkMyy2RGOuEZu2-R_dieLnyrJR5CV31xG4tkyAddbEwkECjgiDnNA1g&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEECbJuzh48DE4VfCQ5_nshg&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 147
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEAgAHzmE46-23I72A5QaBrQ&google_cver=1&google_push=AXcoOmSBKacFVVFb_0bTDXEwHTzAyoK3JEpML585MuXc3yJsabAeD2lYI61P0ChLlVy-I8uLyhhaTQfQG8_Jmq9TxzNcuSGiIjZYp8O6QWIC4FN9iAjKO01H17pkNlW3PsA1pZkZ6Zi1m3pfds8GBqL-2u9KiaI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSBKacFVVFb_0bTDXEwHTzAyoK3JEpML585MuXc3yJsabAeD2lYI61P0ChLlVy-I8uLyhhaTQfQG8_Jmq9TxzNcuSGiIjZYp8O6QWIC4FN9iAjKO01H17pkNlW3PsA1pZkZ6Zi1m3pfds8GBqL-2u9KiaI
Request Chain 153
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C0kYWnsHEZeLHBODmrtoPqc68mA_TvsT1dJr89My2EsCNtwEQASC4p8OTAWC_BaABz8a2zirIAQGpAlBptrJu8Kg-qAMByAPDBKoEywFP0Cyyf8UyOpPmYTaa59_ZAZpimuTZnq5fIK5uDid1mVqJWO3RHv0xfwDFDbYhw9eBXWUXI-F_5hywrGIXQpkqe6W5e3w_pN_OE4RfZJYO-PjFEyD60YMfNbUefeU-iP9WeUhbxSJmuxWZSO1rPalyRb_ZQpo2LC5xyV6ZuAxCsRAqRNbLH2Ut4JATCczguapRW14Vp7c0_qWSTa585YrzLHs5iN3N5JsmbJ7iQh0hk1QH_N2mQ3RX7Wa3pOOjIyznmhlI49wxubm50sAEmIzQxMkEiAWZsfLZTZIFBAgEGAGSBQQIBRgEoAZmgAfP_oauBagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEELLdBdIIJAiAYRABGB8yAooCOgmAQIDAgICAgAhIvf3BOljR4via2JuEA5oJ4QFodHRwczovL3d3dy5vY2JjLmNvbS9idXNpbmVzcy1iYW5raW5nL3NtZXMvbG9hbnMvYnVzaW5lc3MtcmV2b2x2aW5nLXNob3J0LXRlcm0tbG9hbj9jaWQ9c2c6ZW46Z2NiOmJ1c2luZXNzLWxvYW5zOlJldm9sdmluZy1UZXJtLUxvYW46RGVjOjIwMjM6c2VtOmdvb2dsZTpwcm9zcGVjdGluZzpDb21wZXRpdG9yOlJlc3BvbnNpdmUtU2VhcmNoLUFkOjo6Njg5NDIyMDM2MDcxJmdjbHNyYz1hdy5kcyaACgHICwHaDBAKChDQ_brS7s_Y7kcSAgED2BMK0BUBgBcBshccChoIABIUcHViLTc2NTUzOTU3MDc1NjAxMjgYAA&sigh=E-7k-Y8kKqo&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgAvHhf_B73mhm958El6bCtxdGu5pjX2Q4mLYYwrK-IRVg6YRcuDtABIIOZMSZpv3P7ja9eeuKEiYSKjfeoCHnMkWm87kpUTyMjB-e0sRBgB&cbvp=2&vis=1&nis=5 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x8475129625e916330000000000000000%22,%222%22:%220x71c7045f9a41c890000000000000000%22,%223%22:%220x6d2de5411a251f3a0000000000000000%22,%224%22:%220xa4459fa8f54d5dc0000000000000000%22,%225%22:%220x6e479377deaa58fc0000000000000000%22},%22debug_key%22:%2215369869854781493522%22,%22debug_reporting%22:true,%22destination%22:%22https://ocbc.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211438760783%22],%2222%22:[%22true%22],%224%22:[%2202-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226633338879682597249%22}&andc=true
Request Chain 154
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKBJ-SoT2ujYHfH_RVwYQS4&google_cver=1&google_push=AXcoOmSvJMIBAI2Ei43p9wD1CzCOeH7Q5KfWsy6d4fWsTX4jGIbJQVBIu5ltWT-eGHWMBjiQDIDqRN7SSpWhhvxF9LhQQ3s1rPw4-Rs HTTP 302
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEKBJ-SoT2ujYHfH_RVwYQS4&google_cver=1&google_push=AXcoOmSvJMIBAI2Ei43p9wD1CzCOeH7Q5KfWsy6d4fWsTX4jGIbJQVBIu5ltWT-eGHWMBjiQDIDqRN7SSpWhhvxF9LhQQ3s1rPw4-Rs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YWU1MzMwMzAtMWYwNS00YWE5LTg4ZGEtMTZlOGY1YzE2MjY0&google_push&gdpr=0&gdpr_consent=&ttd_tdid=ae533030-1f05-4aa9-88da-16e8f5c16264
Request Chain 155
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEC7fxpAZ7B8WevFDDRq0YuU&google_cver=1&google_push=AXcoOmRPmAJ8bEbQwsEdz07ngKv90bMEtijrYYIfAlh5_vndMv2-9qi949tH_QOwl2twk1Th0UOq9jhMKQwY2xy6tjGP0GP_W090gX8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WmNUQm9NQ284WWtBQUFhbkx0UUFBQUFB HTTP 302
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEC7fxpAZ7B8WevFDDRq0YuU&google_cver=1
Request Chain 156
  • https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESEPVKsN9flnMb85m2xYWXiMU&google_cver=1&google_push=AXcoOmSHfMPwx2ISbCvcEhM4VX2I3UMB47Q-YndFGnbLcIWpPthMhojIu71FK7Cd9cnSNr-Od8YSNrcm5-7kcpomb0cEHd2b3lCL03Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTg2NDM1NzQwOTk&google_push=AXcoOmSHfMPwx2ISbCvcEhM4VX2I3UMB47Q-YndFGnbLcIWpPthMhojIu71FK7Cd9cnSNr-Od8YSNrcm5-7kcpomb0cEHd2b3lCL03Q
Request Chain 158
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEM_PFHkAe1AFp0uzgxCrYa8&google_cver=1&google_push=AXcoOmRRh3ykEWj4YCq3AaBTS7G9hmc6hm8CIKZGltyeNSpuzW4gh0r-Ljq10e4GwVJ1dl-Kr_LT05ffXkwuxkPB8B7zvmgKOeFv-g HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEM_PFHkAe1AFp0uzgxCrYa8&google_cver=1&google_push=AXcoOmRRh3ykEWj4YCq3AaBTS7G9hmc6hm8CIKZGltyeNSpuzW4gh0r-Ljq10e4GwVJ1dl-Kr_LT05ffXkwuxkPB8B7zvmgKOeFv-g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQ5NDExNTk2MjgwMDkyMjE3Mg&google_push=AXcoOmRRh3ykEWj4YCq3AaBTS7G9hmc6hm8CIKZGltyeNSpuzW4gh0r-Ljq10e4GwVJ1dl-Kr_LT05ffXkwuxkPB8B7zvmgKOeFv-g
Request Chain 159
  • https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEA9I6QJ3a7FVJJs6qmKAafg&google_cver=1&google_push=AXcoOmRPiYUTm3YZE1GFgrB4tBmfzQNuc-ZEYOwhWpXXfvj9YTgwu1ZmugNb6RvU5r6WcFUxuQEWXVR5qo1yF1GmKULI1DzMUNqeHoU HTTP 302
  • https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEA9I6QJ3a7FVJJs6qmKAafg&google_cver=1&google_push=AXcoOmRPiYUTm3YZE1GFgrB4tBmfzQNuc-ZEYOwhWpXXfvj9YTgwu1ZmugNb6RvU5r6WcFUxuQEWXVR5qo1yF1GmKULI1DzMUNqeHoU&tc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=57w6NmUWbOGsggNN6B3ji8Jl1a-KZ7Xwqi_1jrouv9U&pi=adx&tdc=ams&pi=adxab&google_gid=CAESEA9I6QJ3a7FVJJs6qmKAafg&google_cver=1&google_push=AXcoOmRPiYUTm3YZE1GFgrB4tBmfzQNuc-ZEYOwhWpXXfvj9YTgwu1ZmugNb6RvU5r6WcFUxuQEWXVR5qo1yF1GmKULI1DzMUNqeHoU&tc=1 HTTP 302
  • https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&pi=adxab&tc=1&google_error=5 HTTP 302
  • https://ams.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&pi=adxab&tc=1&google_error=5
Request Chain 160
  • https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEJjLGKxfPTz91AgX2OVEyms&google_cver=1&google_push=AXcoOmT-Rz4D5N4wYFLmifkjR3co65yJh6JGKLfMDorIS3_mce6qt3XdwhpzJhmF4OWO5-INPpIo-by4amrxi5RlgNi8Gx2wuSY4L6X4 HTTP 302
  • https://trace.popin.cc/ju/cs/google?google_gid=CAESEJjLGKxfPTz91AgX2OVEyms&google_cver=1&google_push=AXcoOmT-Rz4D5N4wYFLmifkjR3co65yJh6JGKLfMDorIS3_mce6qt3XdwhpzJhmF4OWO5-INPpIo-by4amrxi5RlgNi8Gx2wuSY4L6X4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmT-Rz4D5N4wYFLmifkjR3co65yJh6JGKLfMDorIS3_mce6qt3XdwhpzJhmF4OWO5-INPpIo-by4amrxi5RlgNi8Gx2wuSY4L6X4&google_hm=09dd4f7efb111f8a2vhdg200lsd5yz1c
Request Chain 164
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 169
  • https://gcdn.2mdn.net/videoplayback/id/2c31b25ff538ced6/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1738929440/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/97CE3396F0DB796556B122F2491FE369ABBD475A.54F7914CF7A2A9861A588598C042E779788B8392/key/ck2/file/file.mp4 HTTP 302
  • https://r4---sn-npoldn7d.c.2mdn.net/videoplayback/id/2c31b25ff538ced6/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1738929440/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3CA93F64C4137F661D1E64366096EC76E847FF9E.2867B6A51796E4D41E1A17412BEFDF1E260A3A66/key/cms1/cms_redirect/yes/mh/dB/mip/42.60.46.68/mm/42/mn/sn-npoldn7d/ms/onc/mt/1707393156/mv/m/mvi/4/pl/27/file/file.mp4
Request Chain 171
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C3r4nnsHEZYyPOY-LrtoPkOiCoAvTvsT1dMq4kp-6EsCNtwEQASC4p8OTAWC_BaABz8a2zirIAQGpAlBptrJu8Kg-qAMByAPDBKoEywFP0JVRGAHiKm3t9rFztjQHiTHBsAmjsgs6uBvNruLvchl3jpbBZUqL4Pd4hO__qOH476zJC3nc-oOIQvxW-xlXV_RjpxfEkPJmb-pAQMep-NM5Vjaf83YKXZn4XiAIHsmdmnmRZ7VL5ecop3C1iiueWAHF6irQ2IyrSeZGqak4d90ECJPYOzeF_MTYekRBYgHiu9xkZSALdB0J7zKU6LNbfYv2JoS9t0xRGMVsXnO6AdP1R0sXbIGks9_ODT3wRVpMZrdtfU4F0ppIE8AEiI7QxMkEiAWZsfLZTZIFBAgEGAGSBQQIBRgEoAZmgAfP_oauBagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEOa4BtIIJAiAYRABGB8yAooCOgmAQIDAgICAgAhIvf3BOliCt62b2JuEA5oJ4QFodHRwczovL3d3dy5vY2JjLmNvbS9idXNpbmVzcy1iYW5raW5nL3NtZXMvbG9hbnMvYnVzaW5lc3MtcmV2b2x2aW5nLXNob3J0LXRlcm0tbG9hbj9jaWQ9c2c6ZW46Z2NiOmJ1c2luZXNzLWxvYW5zOlJldm9sdmluZy1UZXJtLUxvYW46RGVjOjIwMjM6c2VtOmdvb2dsZTpwcm9zcGVjdGluZzpDb21wZXRpdG9yOlJlc3BvbnNpdmUtU2VhcmNoLUFkOjo6Njg0NzU4NTc1MTIwJmdjbHNyYz1hdy5kcyaACgHICwHaDBEKCxCQ0fiittKaxekBEgIBA9gTCogUA9AVAYAXAbIXHAoaCAASFHB1Yi03NjU1Mzk1NzA3NTYwMTI4GAA&sigh=mZnc-MSAtHE&uach_m=%5BUACH%5D&ase=2&cid=CAQSPAAvHhf_4Gk-1uNqq7nxQa1Qe7OkMHCXgTKUlTE1HV5UKr1j1WJgtV392Vp4i4k4mjG1TahzryUw4gE8XBgB&cbvp=2&vis=1&nis=5 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x8475129625e916330000000000000000%22,%222%22:%220x71c7045f9a41c890000000000000000%22,%223%22:%220x6d2de5411a251f3a0000000000000000%22,%224%22:%220x7f0044069b10d1bb0000000000000000%22,%225%22:%220x6e479377deaa58fc0000000000000000%22},%22debug_key%22:%222588886453821327174%22,%22debug_reporting%22:true,%22destination%22:%22https://ocbc.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211438760783%22],%2222%22:[%22true%22],%224%22:[%2202-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217754873350723916353%22}&andc=true

190 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
paymybill.guru/
Redirect Chain
  • http://paymybill.guru/
  • https://paymybill.guru/
102 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://paymybill.guru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
ec764bf3a8ec2b7318ccf70e193187c92fec2ff09603feda00b27ef516eb907b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
max-age=0
content-encoding
br
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
date
Thu, 08 Feb 2024 11:57:13 GMT
expires
Thu, 08 Feb 2024 11:57:13 GMT
host-header
6b7412fb82ca5edfd0917e3957f05d89
last-modified
Thu, 08 Feb 2024 03:47:43 GMT
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-httpd
1
x-proxy-cache
MISS
x-proxy-cache-info
0 NC:000000 UP:
x-sucuri-cache
MISS
x-sucuri-id
18019
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
24
Content-Type
text/plain
Date
Thu, 08 Feb 2024 11:57:11 GMT
Host-Header
8441280b0c35cbc1147f8ba998a563a7
Location
https://paymybill.guru/
Server
Sucuri/Cloudproxy
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Proxy-Cache-Info
DT:1
X-Sucuri-Cache
EXPIRED
X-Sucuri-ID
18019
X-XSS-Protection
1; mode=block
3022c74bfefb145778e1b3f8c0069552.css
paymybill.guru/wp-content/cache/min/1/ 		308 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paymybill.guru/wp-content/cache/min/1/3022c74bfefb145778e1b3f8c0069552.css
Requested by
Host: paymybill.guru
URL: https://paymybill.guru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
3d86c3c6c71800c663a4d904a9cabbae390a819a1db481ccfccaa8e8ffd4f563
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:13 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
content-encoding
br
x-proxy-cache-info
DT:1
x-sucuri-cache
MISS
host-header
8441280b0c35cbc1147f8ba998a563a7
x-xss-protection
1; mode=block
last-modified
Mon, 05 Feb 2024 19:35:41 GMT
server
nginx
etag
W/"65c1388d-4cfb1"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
18019
expires
Thu, 31 Dec 2037 23:55:55 GMT
post-14896.css
paymybill.guru/wp-content/uploads/elementor/css/ 		1 KB
743 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paymybill.guru/wp-content/uploads/elementor/css/post-14896.css?ver=1707160901
Requested by
Host: paymybill.guru
URL: https://paymybill.guru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
8b563da1d79b45d01f3cfc549a5849c9f462c5033b164dcb99f1661b5727ecc6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:14 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
content-encoding
br
x-proxy-cache-info
DT:1
x-sucuri-cache
MISS
host-header
8441280b0c35cbc1147f8ba998a563a7
x-xss-protection
1; mode=block
last-modified
Mon, 05 Feb 2024 19:21:41 GMT
server
nginx
etag
W/"65c13545-498"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
18019
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
paymybill.guru/wp-includes/js/jquery/ 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paymybill.guru/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: paymybill.guru
URL: https://paymybill.guru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:14 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
content-encoding
br
x-proxy-cache-info
DT:1
x-sucuri-cache
MISS
host-header
8441280b0c35cbc1147f8ba998a563a7
x-xss-protection
1; mode=block
last-modified
Fri, 10 Nov 2023 07:00:32 GMT
server
nginx
etag
W/"654dd510-15601"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-sucuri-id
18019
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-migrate.min.js
paymybill.guru/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paymybill.guru/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: paymybill.guru
URL: https://paymybill.guru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:14 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
content-encoding
br
x-proxy-cache-info
DT:1
x-sucuri-cache
MISS
host-header
8441280b0c35cbc1147f8ba998a563a7
x-xss-protection
1; mode=block
last-modified
Thu, 10 Aug 2023 07:10:11 GMT
server
nginx
etag
W/"64d48d53-3509"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-sucuri-id
18019
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ 		9 B
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ccddf55828f4cda639b706f37673e3cc41de3550b72cfa93a7d246c69369334

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
rhicons.woff2
paymybill.guru/wp-content/themes/rehub-theme/fonts/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://paymybill.guru/wp-content/themes/rehub-theme/fonts/rhicons.woff2?3oibrk
Requested by
Host: paymybill.guru
URL: https://paymybill.guru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
c79b77b501a0fd228b7424ab0dc4486b66936658e72a39985f18ed38231e8841
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paymybill.guru/
Origin
https://paymybill.guru
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:14 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
x-proxy-cache-info
DT:1
x-sucuri-cache
MISS
host-header
8441280b0c35cbc1147f8ba998a563a7
content-length
24556
x-xss-protection
1; mode=block
last-modified
Thu, 11 Mar 2021 20:57:00 GMT
server
nginx
etag
"604a841c-5fec"
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
max-age=315360000
x-sucuri-id
18019
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
cropped-AdobeStock_115258238.jpg
paymybill.guru/wp-content/uploads/2017/09/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paymybill.guru/wp-content/uploads/2017/09/cropped-AdobeStock_115258238.jpg
Requested by
Host: paymybill.guru
URL: https://paymybill.guru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
cca3bc776f3c3612ea8386ed6eb35d10dca61f6504840f1f669d852cb188b6d0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:14 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
x-proxy-cache-info
DT:1
x-sucuri-cache
MISS
host-header
8441280b0c35cbc1147f8ba998a563a7
content-length
4034
x-xss-protection
1; mode=block
last-modified
Fri, 30 Apr 2021 20:52:02 GMT
server
nginx
etag
"608c6df2-fc2"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=315360000
x-sucuri-id
18019
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
inview.js
paymybill.guru/wp-content/themes/rehub-theme/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paymybill.guru/wp-content/themes/rehub-theme/js/inview.js?ver=1.1
Requested by
Host: paymybill.guru
URL: https://paymybill.guru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
b5930fd8bc0b23403e579c514332fdf590d95f678f3ca2a75547b46db8e69771
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:14 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
content-encoding
br
x-proxy-cache-info
DT:1
x-sucuri-cache
MISS
host-header
8441280b0c35cbc1147f8ba998a563a7
x-xss-protection
1; mode=block
last-modified
Wed, 09 Dec 2020 22:23:01 GMT
server
nginx
etag
W/"5fd14e45-58e"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-sucuri-id
18019
expires
Thu, 31 Dec 2037 23:55:55 GMT
pgwmodal.js
paymybill.guru/wp-content/themes/rehub-theme/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paymybill.guru/wp-content/themes/rehub-theme/js/pgwmodal.js?ver=2.0
Requested by
Host: paymybill.guru
URL: https://paymybill.guru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
bf15e80eb4cf24133f6d6e76bdffd4bf24f773da5dfaa8e556b8ab50a2958e0d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:15 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
content-encoding
br
x-proxy-cache-info
DT:1
x-sucuri-cache
MISS
host-header
8441280b0c35cbc1147f8ba998a563a7
x-xss-protection
1; mode=block
last-modified
Sat, 15 Aug 2020 17:17:10 GMT
server
nginx
etag
W/"5f381896-11ee"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-sucuri-id
18019
expires
Thu, 31 Dec 2037 23:55:55 GMT
unveil.js
paymybill.guru/wp-content/themes/rehub-theme/js/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paymybill.guru/wp-content/themes/rehub-theme/js/unveil.js?ver=5.2.1
Requested by
Host: paymybill.guru
URL: https://paymybill.guru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
249f3056b3c4d96ec62da6090bfd34ef5c9e6dcdff3e451c68abfab90e9f2c6c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:15 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
content-encoding
br
x-proxy-cache-info
DT:1
x-sucuri-cache
MISS
host-header
8441280b0c35cbc1147f8ba998a563a7
x-xss-protection
1; mode=block
last-modified
Mon, 29 Jun 2020 22:10:38 GMT
server
nginx
etag
W/"5efa66de-1c44"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-sucuri-id
18019
expires
Thu, 31 Dec 2037 23:55:55 GMT
hoverintent.js
paymybill.guru/wp-content/themes/rehub-theme/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paymybill.guru/wp-content/themes/rehub-theme/js/hoverintent.js?ver=1.9
Requested by
Host: paymybill.guru
URL: https://paymybill.guru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
6aa0ade0cef3950e0fc00be272fe21ae4cb9914e711ef6245129026a14b4b044
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:15 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
content-encoding
br
x-proxy-cache-info
DT:1
x-sucuri-cache
MISS
host-header
8441280b0c35cbc1147f8ba998a563a7
x-xss-protection
1; mode=block
last-modified
Wed, 25 Dec 2019 15:05:40 GMT
server
nginx
etag
W/"5e037ac4-7f6"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-sucuri-id
18019
expires
Thu, 31 Dec 2037 23:55:55 GMT
countdown.js
paymybill.guru/wp-content/themes/rehub-theme/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paymybill.guru/wp-content/themes/rehub-theme/js/countdown.js?ver=1.1
Requested by
Host: paymybill.guru
URL: https://paymybill.guru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
994d0de6d99babae820ef2766c74f3af3d0d54d06dfdaab0fa56ea4cdb2b2a34
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:15 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
content-encoding
br
x-proxy-cache-info
DT:1
x-sucuri-cache
MISS
host-header
8441280b0c35cbc1147f8ba998a563a7
x-xss-protection
1; mode=block
last-modified
Mon, 22 Nov 2021 17:28:55 GMT
server
nginx
etag
W/"619bd357-1041"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-sucuri-id
18019
expires
Thu, 31 Dec 2037 23:55:55 GMT
custom.js
paymybill.guru/wp-content/themes/rehub-theme/js/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paymybill.guru/wp-content/themes/rehub-theme/js/custom.js?ver=17.9.2
Requested by
Host: paymybill.guru
URL: https://paymybill.guru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
1de8808529d5490b269bbd6f951e057e457b992172124e96311c1dccd0748b1b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:15 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
content-encoding
br
x-proxy-cache-info
DT:1
x-sucuri-cache
MISS
host-header
8441280b0c35cbc1147f8ba998a563a7
x-xss-protection
1; mode=block
last-modified
Sun, 26 Dec 2021 11:08:08 GMT
server
nginx
etag
W/"61c84d18-53e8"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-sucuri-id
18019
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ 		504 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
faeadd15b1d5c676be56f89e646fab73e657384a93f063128e3a0b2d83e71241

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
text/javascript
noimage_336_220.png
paymybill.guru/wp-content/themes/rehub-theme/images/default/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paymybill.guru/wp-content/themes/rehub-theme/images/default/noimage_336_220.png
Requested by
Host: paymybill.guru
URL: https://paymybill.guru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
ac4f780358ba4326a07c3a9bb83dff5a70cbb95a22be0f4c9385efe182cd722f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:16 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
content-encoding
br
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html
x-httpd
1
x-sucuri-cache
MISS
x-proxy-cache-info
0 NC:000000 UP:
x-sucuri-id
18019
host-header
6b7412fb82ca5edfd0917e3957f05d89
x-xss-protection
1; mode=block
x-proxy-cache
MISS
truncated
/ 		1 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd48a3aa39e064ef4c1d48a6e6264f40260003ad60824c9aa8ccac4ff0c70f52

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
text/javascript
toggle.js
paymybill.guru/wp-content/plugins/AZGlossaryIndex/js/ 		751 B
668 B 		Script
General
Check archive.org
Download Go to
Full URL
https://paymybill.guru/wp-content/plugins/AZGlossaryIndex/js/toggle.js?ver=6.4.3
Requested by
Host: paymybill.guru
URL: https://paymybill.guru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
92dea0e7d06079abb718b3cd7592df9b43386e7deaa7660e6ac687b77e843c1b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:16 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
content-encoding
br
x-proxy-cache-info
DT:1
x-sucuri-cache
MISS
host-header
8441280b0c35cbc1147f8ba998a563a7
x-xss-protection
1; mode=block
last-modified
Thu, 02 Nov 2017 20:25:04 GMT
server
nginx
etag
W/"59fb7f20-2ef"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-sucuri-id
18019
expires
Thu, 31 Dec 2037 23:55:55 GMT
acp-custom.js
paymybill.guru/wp-content/plugins/advanced-calculator/js/ 		82 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paymybill.guru/wp-content/plugins/advanced-calculator/js/acp-custom.js?ver=01
Requested by
Host: paymybill.guru
URL: https://paymybill.guru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
d3dc8f458ab5d800080480d9ec4c818e1a72e8594049408a75aac8c983f4cea3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:16 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
content-encoding
br
x-proxy-cache-info
DT:1
x-sucuri-cache
MISS
host-header
8441280b0c35cbc1147f8ba998a563a7
x-xss-protection
1; mode=block
last-modified
Tue, 08 May 2018 07:35:48 GMT
server
nginx
etag
W/"5af15354-147fd"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-sucuri-id
18019
expires
Thu, 31 Dec 2037 23:55:55 GMT
stopbadbots.js
paymybill.guru/wp-content/plugins/stopbadbots/assets/js/ 		735 B
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://paymybill.guru/wp-content/plugins/stopbadbots/assets/js/stopbadbots.js?ver=6.4.3
Requested by
Host: paymybill.guru
URL: https://paymybill.guru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
2a3bc611b7a36d5face9c4d7ecefcbcc831209427b99a84814eaa89cda62c685
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:16 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
content-encoding
br
x-proxy-cache-info
DT:1
x-sucuri-cache
MISS
host-header
8441280b0c35cbc1147f8ba998a563a7
x-xss-protection
1; mode=block
last-modified
Thu, 25 Jan 2024 08:32:26 GMT
server
nginx
etag
W/"65b21c9a-2df"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-sucuri-id
18019
expires
Thu, 31 Dec 2037 23:55:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		154 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: paymybill.guru
URL: https://paymybill.guru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
cc2d71e68826b85acb5ccfcf54003f9e4410878c2b606631b8b60f1957c01081
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52010
x-xss-protection
0
server
cafe
etag
4995690089918786742
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Thu, 08 Feb 2024 11:57:17 GMT
index.js
paymybill.guru/wp-content/plugins/contact-form-7/includes/swv/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paymybill.guru/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.7
Requested by
Host: paymybill.guru
URL: https://paymybill.guru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:16 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
content-encoding
br
x-proxy-cache-info
DT:1
x-sucuri-cache
MISS
host-header
8441280b0c35cbc1147f8ba998a563a7
x-xss-protection
1; mode=block
last-modified
Mon, 05 Feb 2024 07:38:22 GMT
server
nginx
etag
W/"65c0906e-2b6d"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-sucuri-id
18019
expires
Thu, 31 Dec 2037 23:55:55 GMT
index.js
paymybill.guru/wp-content/plugins/contact-form-7/includes/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paymybill.guru/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.7
Requested by
Host: paymybill.guru
URL: https://paymybill.guru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:17 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
content-encoding
br
x-proxy-cache-info
DT:1
x-sucuri-cache
MISS
host-header
8441280b0c35cbc1147f8ba998a563a7
x-xss-protection
1; mode=block
last-modified
Mon, 05 Feb 2024 07:38:22 GMT
server
nginx
etag
W/"65c0906e-337e"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-sucuri-id
18019
expires
Thu, 31 Dec 2037 23:55:55 GMT
front.min.js
paymybill.guru/wp-content/plugins/table-of-contents-plus/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paymybill.guru/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2309
Requested by
Host: paymybill.guru
URL: https://paymybill.guru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
c18f5c0855f4b76c30dd796f7164f9d1bb23c2c85b070cfad938787a214a2639
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:17 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
content-encoding
br
x-proxy-cache-info
DT:1
x-sucuri-cache
MISS
host-header
8441280b0c35cbc1147f8ba998a563a7
x-xss-protection
1; mode=block
last-modified
Thu, 25 Jan 2024 08:52:31 GMT
server
nginx
etag
W/"65b2214f-180f"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-sucuri-id
18019
expires
Thu, 31 Dec 2037 23:55:55 GMT
ads.js
paymybill.guru/wp-content/plugins/quick-adsense-reloaded/assets/js/ 		968 B
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://paymybill.guru/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js?ver=2.0.80
Requested by
Host: paymybill.guru
URL: https://paymybill.guru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
935a3dedf56a63b7ae889aa5c8d090135428a8e2d5a40d756120d87c7daa38ea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:17 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
content-encoding
br
x-proxy-cache-info
DT:1
x-sucuri-cache
MISS
host-header
8441280b0c35cbc1147f8ba998a563a7
x-xss-protection
1; mode=block
last-modified
Wed, 24 Jan 2024 14:08:16 GMT
server
nginx
etag
W/"65b119d0-3c8"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-sucuri-id
18019
expires
Thu, 31 Dec 2037 23:55:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		154 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7655395707560128
Requested by
Host: paymybill.guru
URL: https://paymybill.guru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
7425ae7f315a95bf57d0bee9f2841b4aa547629c2fd1459d7253d057a29e4d12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paymybill.guru/
Origin
https://paymybill.guru
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52018
x-xss-protection
0
server
cafe
etag
3016745564008705661
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Thu, 08 Feb 2024 11:57:17 GMT
js
www.googletagmanager.com/gtag/ 		198 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-108033343-2
Requested by
Host: paymybill.guru
URL: https://paymybill.guru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
d83a4db046dc043f97f3cb367e34625fd38d567e2a89a88e656ca5a4ad89dffb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73301
x-xss-protection
0
last-modified
Thu, 08 Feb 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 08 Feb 2024 11:57:17 GMT
js
www.googletagmanager.com/gtag/ 		280 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CM26580JWS
Requested by
Host: paymybill.guru
URL: https://paymybill.guru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
0925e6a929a9d6a28c9b1d95e3ede348c11ad7f1da7a604de8091e5a870fdda6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94888
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 08 Feb 2024 11:57:17 GMT
css
fonts.googleapis.com/ 		48 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Requested by
Host: paymybill.guru
URL: https://paymybill.guru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f95.1e100.net
Software
ESF /
Resource Hash
4d8c5099f6aed32fbdf9ea4a4c34f2d9bf9e39fd2eab5f62f36f1dfdb3780c46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 08 Feb 2024 11:57:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 08 Feb 2024 10:06:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 08 Feb 2024 11:57:17 GMT
cropped-AdobeStock_115258238.jpg
paymybill.guru/wp-content/uploads/2017/09/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paymybill.guru/wp-content/uploads/2017/09/cropped-AdobeStock_115258238.jpg
Requested by
Host: paymybill.guru
URL: https://paymybill.guru/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
cca3bc776f3c3612ea8386ed6eb35d10dca61f6504840f1f669d852cb188b6d0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:16 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
x-proxy-cache-info
DT:1
x-sucuri-cache
HIT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-length
4034
x-xss-protection
1; mode=block
last-modified
Fri, 30 Apr 2021 20:52:02 GMT
server
nginx
etag
"608c6df2-fc2"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=315360000
x-sucuri-id
18019
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
noimage_336_220.png
paymybill.guru/wp-content/themes/rehub-theme/images/default/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paymybill.guru/wp-content/themes/rehub-theme/images/default/noimage_336_220.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
ac4f780358ba4326a07c3a9bb83dff5a70cbb95a22be0f4c9385efe182cd722f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:16 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
content-encoding
br
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html
x-httpd
1
x-sucuri-cache
MISS
x-proxy-cache-info
0 NC:000000 UP:
x-sucuri-id
18019
host-header
6b7412fb82ca5edfd0917e3957f05d89
x-xss-protection
1; mode=block
x-proxy-cache
MISS
www-hulu-com-qjb2ufns6x1o78ujl96oujiqp2jo4c48cetl2d4462.png
paymybill.guru/wp-content/uploads/thumbs_dir/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paymybill.guru/wp-content/uploads/thumbs_dir/www-hulu-com-qjb2ufns6x1o78ujl96oujiqp2jo4c48cetl2d4462.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
da10f3adc23e4c4eee3a5a4846eefd5967a219ee7a8de2498cb3545483557725
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:17 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
x-proxy-cache-info
DT:1
x-sucuri-cache
MISS
host-header
8441280b0c35cbc1147f8ba998a563a7
content-length
46948
x-xss-protection
1; mode=block
last-modified
Sun, 04 Feb 2024 09:29:49 GMT
server
nginx
etag
"65bf590d-b764"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=315360000
x-sucuri-id
18019
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
www-we-energies-com-1-qjb4vnb8id9ohui42wgl22f8dhovnmrl2s32q8k7h0.png
paymybill.guru/wp-content/uploads/thumbs_dir/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paymybill.guru/wp-content/uploads/thumbs_dir/www-we-energies-com-1-qjb4vnb8id9ohui42wgl22f8dhovnmrl2s32q8k7h0.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
f672557254e16b97d6446158d7dd80ea45d14d1ac7dfcfa626dd66d9e27d0678
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:17 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
x-proxy-cache-info
DT:1
x-sucuri-cache
MISS
host-header
8441280b0c35cbc1147f8ba998a563a7
content-length
34628
x-xss-protection
1; mode=block
last-modified
Sun, 04 Feb 2024 10:16:17 GMT
server
nginx
etag
"65bf63f1-8744"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=315360000
x-sucuri-id
18019
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
healthy-kaiserpermanente-org-qjb4szfp59mflmddmr0mzqm7s6tfui6ypljjs0id8y.png
paymybill.guru/wp-content/uploads/thumbs_dir/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paymybill.guru/wp-content/uploads/thumbs_dir/healthy-kaiserpermanente-org-qjb4szfp59mflmddmr0mzqm7s6tfui6ypljjs0id8y.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
297d8d7899fd78d867a6ab9e542abb6453ec056906cc1eb5cecbcb4d3dbc2a0b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:17 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
x-proxy-cache-info
DT:1
x-sucuri-cache
MISS
host-header
8441280b0c35cbc1147f8ba998a563a7
content-length
39833
x-xss-protection
1; mode=block
last-modified
Sun, 04 Feb 2024 10:14:54 GMT
server
nginx
etag
"65bf639e-9b99"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=315360000
x-sucuri-id
18019
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
www-huntington-co-qjb5mvowikjqv4y2268gsp0zydgpnxvmhkii9u6l50.png
paymybill.guru/wp-content/uploads/thumbs_dir/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paymybill.guru/wp-content/uploads/thumbs_dir/www-huntington-co-qjb5mvowikjqv4y2268gsp0zydgpnxvmhkii9u6l50.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
1a3e8ea4e3089c1a6a70fe4055f8d9fa9ed846a12290b61b3429eecdf8a37e1a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:17 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
x-proxy-cache-info
DT:1
x-sucuri-cache
MISS
host-header
8441280b0c35cbc1147f8ba998a563a7
content-length
24806
x-xss-protection
1; mode=block
last-modified
Sun, 04 Feb 2024 11:00:41 GMT
server
nginx
etag
"65bf6e59-60e6"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=315360000
x-sucuri-id
18019
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
www-bmw-usa-com-qjb504zh5vezyrz9uuceyxmijrk0fklf10al9twhwm.png
paymybill.guru/wp-content/uploads/thumbs_dir/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paymybill.guru/wp-content/uploads/thumbs_dir/www-bmw-usa-com-qjb504zh5vezyrz9uuceyxmijrk0fklf10al9twhwm.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
b7be46a05d1603497cc8f74465def2d0730eac130955c13509d6dcf666c061cf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:17 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
x-proxy-cache-info
DT:1
x-sucuri-cache
MISS
host-header
8441280b0c35cbc1147f8ba998a563a7
content-length
48667
x-xss-protection
1; mode=block
last-modified
Sun, 04 Feb 2024 10:16:32 GMT
server
nginx
etag
"65bf6400-be1b"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=315360000
x-sucuri-id
18019
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
www-buckeyebroad-band-com-qjb4y0ujsairud1v7ffmuyu6fjza4375qjg9ef1dsg.png
paymybill.guru/wp-content/uploads/thumbs_dir/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paymybill.guru/wp-content/uploads/thumbs_dir/www-buckeyebroad-band-com-qjb4y0ujsairud1v7ffmuyu6fjza4375qjg9ef1dsg.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
2708a5b0cab0da6780ecfdeb9057b99c3421cebfda2613aaace7f59ff1c7857b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:17 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
x-proxy-cache-info
DT:1
x-sucuri-cache
MISS
host-header
8441280b0c35cbc1147f8ba998a563a7
content-length
25101
x-xss-protection
1; mode=block
last-modified
Sun, 04 Feb 2024 10:12:29 GMT
server
nginx
etag
"65bf630d-620d"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=315360000
x-sucuri-id
18019
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
www-consolidatedcom-qjb5gl5srhxn5433sybdls6wsih94vwbafahm5igy4.png
paymybill.guru/wp-content/uploads/thumbs_dir/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paymybill.guru/wp-content/uploads/thumbs_dir/www-consolidatedcom-qjb5gl5srhxn5433sybdls6wsih94vwbafahm5igy4.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
af8a86e7f12ce47538a841fc6746f6d8f88643d607c3f0946e19bab4f7b60939
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:17 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
x-proxy-cache-info
DT:1
x-sucuri-cache
MISS
host-header
8441280b0c35cbc1147f8ba998a563a7
content-length
40050
x-xss-protection
1; mode=block
last-modified
Sun, 04 Feb 2024 10:25:56 GMT
server
nginx
etag
"65bf6634-9c72"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=315360000
x-sucuri-id
18019
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
lazyload.min.js
paymybill.guru/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paymybill.guru/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
Requested by
Host: paymybill.guru
URL: https://paymybill.guru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:17 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
content-encoding
br
x-proxy-cache-info
DT:1
x-sucuri-cache
MISS
host-header
8441280b0c35cbc1147f8ba998a563a7
x-xss-protection
1; mode=block
last-modified
Thu, 06 Oct 2022 15:55:36 GMT
server
nginx
etag
W/"633efa78-2063"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-sucuri-id
18019
expires
Thu, 31 Dec 2037 23:55:55 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f94.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://paymybill.guru
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 17:16:02 GMT
x-content-type-options
nosniff
age
67275
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 Feb 2025 17:16:02 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f94.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://paymybill.guru
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 17:04:42 GMT
x-content-type-options
nosniff
age
67955
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 Feb 2025 17:04:42 GMT
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f94.1e100.net
Software
sffe /
Resource Hash
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://paymybill.guru
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 17:16:03 GMT
x-content-type-options
nosniff
age
67274
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17368
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 Feb 2025 17:16:03 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/ 		406 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
83302233ac1fa14bc20d7dbe81cefd75dd32e8b08f1112966bf26d367c4d1249
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140868
x-xss-protection
0
server
cafe
etag
13754150629215655430
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Feb 2024 11:57:17 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240206/r20190131/ Frame A2EF 		9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240206/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paymybill.guru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
37083
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Feb 2024 01:39:15 GMT
etag
3890843268177463596
expires
Thu, 22 Feb 2024 01:39:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=2267698967624113&num=0&dvc=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame D07B 		172 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&adk=1812271804&adf=3025194257&lmt=1707364063&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fpaymybill.guru%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393437459&bpp=21&bdt=3655&idt=134&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5463904846722&frm=20&pv=2&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=457629821&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=162
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
937bb4606fa3ad0270f699a2ab06a5e4a07daf3d5e8733b6e01afb0ef92e48ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paymybill.guru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
43458
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Feb 2024 11:57:18 GMT
expires
Thu, 08 Feb 2024 11:57:18 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240206&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
644957999c8788a1579cb5c4f2526d621cf5efe6cf607b8a99643e964ff1af1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12377
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7E92 		135 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2913177901&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393437480&bpp=2&bdt=3676&idt=151&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=457629821&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=154
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
1241a6bf02a5978ecfb83b22eca5e3214bf4c860b3a5b4acd29dfbe8e0310317
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paymybill.guru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
44563
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Feb 2024 11:57:18 GMT
expires
Thu, 08 Feb 2024 11:57:18 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 08 Feb 2024 11:57:18 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		154 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7655395707560128
Requested by
Host: paymybill.guru
URL: https://paymybill.guru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
e74fe5536d1e8bd1fe0186bffaf250c72f371b02b8167b561b0ce57d9495cdc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paymybill.guru/
Origin
https://paymybill.guru
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52016
x-xss-protection
0
server
cafe
etag
2546262503305772171
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Thu, 08 Feb 2024 11:57:18 GMT
js
www.googletagmanager.com/gtag/ 		232 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VVKDZWEGFT&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-108033343-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
5805892cc6c53f904c315cf2b9374deab28f0790254c01917e49484da9bb9665
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83592
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 08 Feb 2024 11:57:18 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-108033343-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 08 Feb 2024 11:03:47 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3211
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 08 Feb 2024 13:03:47 GMT
js
www.googletagmanager.com/gtag/ 		280 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CM26580JWS&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-108033343-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
c04ce46a000ef2aafff082e6528ba93619be80edf7e41f251cf36b021bdd1f3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94957
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 08 Feb 2024 11:57:18 GMT
collect
www.google-analytics.com/g/ 		0
171 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-CM26580JWS&gtm=45je4250v9176911206za200&_p=1707393436797&gcd=13l3l3l3l1&npa=0&dma=0&cid=479964273.1707393438&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707393438&sct=1&seg=0&dl=https%3A%2F%2Fpaymybill.guru%2F&dt=Pay%20My%20Bill%20Guru%20-%20PayMyBill.Guru&en=page_view&_fv=1&_ss=1&_ee=1&tfd=7325
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CM26580JWS&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://paymybill.guru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-VVKDZWEGFT&gtm=45je4250v9106982088za200&_p=1707393436797&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=479964273.1707393438&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1707393438&sct=1&seg=0&dl=https%3A%2F%2Fpaymybill.guru%2F&dt=Pay%20My%20Bill%20Guru%20-%20PayMyBill.Guru&en=page_view&_fv=1&_ss=1&tfd=7368
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VVKDZWEGFT&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://paymybill.guru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VVKDZWEGFT&cid=479964273.1707393438&gtm=45je4250v9106982088za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VVKDZWEGFT&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://paymybill.guru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.sg/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VVKDZWEGFT&cid=479964273.1707393438&gtm=45je4250v9106982088za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&z=1205136337
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D6D0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paymybill.guru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
284969
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Feb 2024 04:47:49 GMT
expires
Tue, 04 Feb 2025 04:47:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6186 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f104.1e100.net
Software
GSE /
Resource Hash
5a552ded72ef19fa59e43be26bf425175c82264912b3a4e7a380e4ce353bb37b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-w3QiBFvfsacufmJD95AfEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paymybill.guru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-w3QiBFvfsacufmJD95AfEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 08 Feb 2024 11:57:19 GMT
expires
Thu, 08 Feb 2024 11:57:19 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js
pagead2.googlesyndication.com/bg/ Frame D6D0 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
sffe /
Resource Hash
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:11:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
139548
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15173
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 05 Feb 2025 21:11:30 GMT
73134fbfa16854d24caf7cd541ab86d9.js
www.gstatic.com/mysidia/ Frame 7E92 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/73134fbfa16854d24caf7cd541ab86d9.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2913177901&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393437480&bpp=2&bdt=3676&idt=151&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=457629821&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
d99a3294b83fe3b21e9251c87e7696b7f5ba1651c5d82256db3c0700ead09b57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 05:08:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
370112
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4097
x-xss-protection
0
last-modified
Fri, 02 Feb 2024 16:54:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 04 May 2024 05:08:47 GMT
0a9824a76925f541c4e429981e9065a7.js
www.gstatic.com/mysidia/ Frame 7E92 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/0a9824a76925f541c4e429981e9065a7.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2913177901&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393437480&bpp=2&bdt=3676&idt=151&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=457629821&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
373c96ceaf68580b9aadae1d036072e949f3bf12f6ff40c5fd2366c10643392a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 06:23:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
365643
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4782
x-xss-protection
0
last-modified
Thu, 01 Feb 2024 21:57:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 04 May 2024 06:23:16 GMT
css
fonts.googleapis.com/ Frame 7E92 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2913177901&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393437480&bpp=2&bdt=3676&idt=151&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=457629821&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f95.1e100.net
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 08 Feb 2024 11:57:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 08 Feb 2024 11:49:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 08 Feb 2024 11:57:18 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame 7E92 		2 KB
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2913177901&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393437480&bpp=2&bdt=3676&idt=151&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=457629821&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 20:54:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
54184
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Feb 2024 20:54:15 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/ Frame 7E92 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2913177901&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393437480&bpp=2&bdt=3676&idt=151&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=457629821&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 20:54:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
54184
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
3610546441309021303
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Feb 2024 20:54:15 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame 7E92 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2913177901&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393437480&bpp=2&bdt=3676&idt=151&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=457629821&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 20:54:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
54184
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Feb 2024 20:54:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame 7E92 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2913177901&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393437480&bpp=2&bdt=3676&idt=151&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=457629821&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 20:54:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
54183
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Feb 2024 20:54:15 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7E92 		205 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2913177901&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393437480&bpp=2&bdt=3676&idt=151&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=457629821&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
84af93c376277b2fb1c7962b45ce84e1e0a31202815ceb873bd980df4378f62b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:11:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
2738
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63267
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 08 Feb 2024 12:11:40 GMT
ddb466d8785cb75acd721f17b1b8dd87.js
www.gstatic.com/mysidia/ Frame 7E92 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ddb466d8785cb75acd721f17b1b8dd87.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2913177901&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393437480&bpp=2&bdt=3676&idt=151&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=457629821&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 03:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117465
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15487
x-xss-protection
0
last-modified
Tue, 06 Feb 2024 06:36:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 07 May 2024 03:19:34 GMT
generate_204
tpc.googlesyndication.com/ Frame D6D0 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?5NX25A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:18 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
collect
www.google-analytics.com/j/ 		1 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1542444039&t=pageview&_s=1&dl=https%3A%2F%2Fpaymybill.guru%2F&ul=en-us&de=UTF-8&dt=Pay%20My%20Bill%20Guru%20-%20PayMyBill.Guru&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=218268026&gjid=2002756127&cid=479964273.1707393438&tid=UA-108033343-2&_gid=1745139475.1707393439&_r=1&gtm=457e4250za200&gcd=13l3l3l3l1&dma=0&jsscut=1&z=1344759575
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://paymybill.guru/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://paymybill.guru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/ 		165 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
9c28286662e012303a793bb467998d9f0b76ab75860cd1cddaa50b5486289f60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57068
x-xss-protection
0
server
cafe
etag
2091472793151626827
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Feb 2024 11:57:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=2878770435933833&num=0&dvc=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=2878770435933833&num=1&dvc=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=2878770435933833&num=2&dvc=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=2878770435933833&num=3&dvc=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1687047833686720&num=0&dvc=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 11E7 		110 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393438859&bpp=1&bdt=5055&idt=-M&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=742342519&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
a3e39f36bb7cb454a5a8b24926990bc3c1515658a68c917d3e017999d90a6b22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paymybill.guru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
36509
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Feb 2024 11:57:19 GMT
expires
Thu, 08 Feb 2024 11:57:19 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame BD5C 		137 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3077443549&adf=2689829158&pi=t.aa~a.1349639787~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393438859&bpp=1&bdt=5055&idt=1&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=742342519&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=14
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
4ca2ddc479ab19740c301f1add64186068d0df3a2e2d85576f0945979a0be11e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paymybill.guru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46405
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Feb 2024 11:57:19 GMT
expires
Thu, 08 Feb 2024 11:57:19 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=3&wpc=ca-pub-7655395707560128&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=false&a=6%2C1%2C5%2C7&apv=20240205_093419&sat=1707275805375&afm=0&as_count=0&d_count=0&ng_count=0&am_count=3&atf_count=1&mdns=0&alldns=0.249&allp=13&fd=(0%2C9%2C4)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=3379&abl=false&rr=n&su=paymybill.guru&pvc=1178421723929104&r=0.1&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/ Frame 2E1D 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paymybill.guru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
69656
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 07 Feb 2024 16:36:23 GMT
etag
3890843268177463596
expires
Wed, 21 Feb 2024 16:36:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/ Frame 2B20 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paymybill.guru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
69656
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 07 Feb 2024 16:36:23 GMT
etag
3890843268177463596
expires
Wed, 21 Feb 2024 16:36:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 2E1D 		4 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f95.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 08 Feb 2024 11:57:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 08 Feb 2024 11:18:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 08 Feb 2024 11:57:19 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/elements/html/ Frame 2E1D 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
1984c4bb2ce10d00cb478c4ab216301e04502e25f2025b30dbeeb019172beb0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 15:23:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
74036
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6823
x-xss-protection
0
server
cafe
etag
14359709190881042667
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Feb 2024 15:23:23 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/elements/html/ Frame 2E1D 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:19:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
34690
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9451
x-xss-protection
0
server
cafe
etag
11136001603933606047
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Feb 2024 02:19:09 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6186 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240206&jk=1178421723929104&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 58EB 		624 B
531 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COnBGBD868cBGJHEw4ACMAE&v=APEucNUpNYD4RvWlc_67rs7Bs8wDaGrVzGaCwNmaWCnbvVOnkHVI_I1lCGrSc1kxcqrmyrcScGLlDoOBK1UZ01mB3vh60K0MrQ
Requested by
Host: paymybill.guru
URL: https://paymybill.guru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Feb 2024 11:57:19 GMT
expires
Thu, 08 Feb 2024 11:57:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 49BE 		93 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: paymybill.guru
URL: https://paymybill.guru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33320
x-xss-protection
0
server
cafe
etag
12501049806231860069
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 08 Feb 2024 11:57:19 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame 49BE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/window_focus_fy2021.js
Requested by
Host: paymybill.guru
URL: https://paymybill.guru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 20:54:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
54184
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Feb 2024 20:54:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame 49BE 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: paymybill.guru
URL: https://paymybill.guru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 20:54:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
54184
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Feb 2024 20:54:15 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 49BE 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: paymybill.guru
URL: https://paymybill.guru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f156.1e100.net
Software
sffe /
Resource Hash
a89adcd85f7cfd505dc7b42270543241b2e39b7f87f8551012b736ef64bbef19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66416
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1707309907044448"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Feb 2024 11:57:19 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 49BE 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CXZ8Ru3ZqezTjgfsfsTc9dYX9clgYgQbo6McNdlUW1KQKM8HMfQtmWSRxP65n2hy2zgBXb_olAftp0lFIUA9o5JIZNKRwtIhzNnIvAyFpwGNyRYjg
Requested by
Host: paymybill.guru
URL: https://paymybill.guru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/ Frame 0C3E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 20:54:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
54184
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
3610546441309021303
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Feb 2024 20:54:15 GMT
css
fonts.googleapis.com/ Frame 0C3E 		8 KB
823 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f95.1e100.net
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 08 Feb 2024 11:57:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 08 Feb 2024 10:27:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 08 Feb 2024 11:57:19 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame 0C3E 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f95.1e100.net
Software
sffe /
Resource Hash
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 07:36:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
188435
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2939
x-xss-protection
0
last-modified
Thu, 18 Jan 2024 02:36:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Feb 2025 07:36:44 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame 0C3E 		378 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f95.1e100.net
Software
sffe /
Resource Hash
325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 18:22:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
495260
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134582
x-xss-protection
0
last-modified
Thu, 18 Jan 2024 02:36:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 Feb 2025 18:22:59 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame 0C3E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 20:54:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
54184
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Feb 2024 20:54:15 GMT
rum
dsum-sec.casalemedia.com/ Frame 58EB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECC3i3XcAiY_ww46ylzpnJU&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECC3i3XcAiY_ww46ylzpnJU&google_cver=1&C=1
43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECC3i3XcAiY_ww46ylzpnJU&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COnBGBD868cBGJHEw4ACMAE&v=APEucNUpNYD4RvWlc_67rs7Bs8wDaGrVzGaCwNmaWCnbvVOnkHVI_I1lCGrSc1kxcqrmyrcScGLlDoOBK1UZ01mB3vh60K0MrQ
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HwNz%2BNIMHdKoODiUb2ioWYDDFNvcckuvSUo1Tt%2BOHNNZB7Gb96iFN0oBQQ7pFdCXfgU3uQjVyY6PxlJXI5creBSKsY6zGuiYYGNjNX0IqXq6C%2BKw5D%2FX9puEolV5W6vyNhRLw0x16kXKzA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8523b1ca0d2b5cdb-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VEa16ez1947D%2BCXGOFA60FRZfLThxbouAJzA2JxIU3N6jnzxCWCVpslcPci9N%2BkzPD1a5xFGNY5haSfSx1JK2PE%2FnIvSdMS2qjaoHOW0xuDrRTTZ6yF8Qczk0jIwymx6SxYtUenjze0J%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESECC3i3XcAiY_ww46ylzpnJU&google_cver=1&C=1
cache-control
no-cache
cf-ray
8523b1c8cba95cdb-SIN
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 58EB
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcTBoMsGSmc6RB1xT.M9rAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7u_8bln9IPTmLJ81vX8TA&google_cver=1&google_hm=2
43 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7u_8bln9IPTmLJ81vX8TA&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COnBGBD868cBGJHEw4ACMAE&v=APEucNUpNYD4RvWlc_67rs7Bs8wDaGrVzGaCwNmaWCnbvVOnkHVI_I1lCGrSc1kxcqrmyrcScGLlDoOBK1UZ01mB3vh60K0MrQ
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ObLT%2B9vqmBs8pxFPHSewTDXLd%2Bu0MuuAHUAXz6wKjLUVUf6nc%2BQBDGYbU6hcxA4syQKO4MSkEXZy0SitbCDKF%2BQaXZq87GVoix4qoxcNTjZJ9xwtKzrbX6%2FW%2BifFCT4OMXHF7lompdL8xA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8523b1cbbe305e40-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7u_8bln9IPTmLJ81vX8TA&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 58EB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIL9j0aISQeXjgMx47dnHaU&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIL9j0aISQeXjgMx47dnHaU%26google_cver%3D1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIL9j0aISQeXjgMx47dnHaU%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COnBGBD868cBGJHEw4ACMAE&v=APEucNUpNYD4RvWlc_67rs7Bs8wDaGrVzGaCwNmaWCnbvVOnkHVI_I1lCGrSc1kxcqrmyrcScGLlDoOBK1UZ01mB3vh60K0MrQ
Protocol
H2
Server
103.43.89.4 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:20 GMT
an-x-request-uuid
abe25abe-a89d-4ea7-910a-78541be7ec17
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
42.60.46.68; 42.60.46.68; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:19 GMT
an-x-request-uuid
211960dc-0209-4bc2-9671-c02cd8447941
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIL9j0aISQeXjgMx47dnHaU%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
42.60.46.68; 42.60.46.68; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 58EB
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk0NDEyNzM4MjU2NTM5MTYx
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk0NDEyNzM4MjU2NTM5MTYx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COnBGBD868cBGJHEw4ACMAE&v=APEucNUpNYD4RvWlc_67rs7Bs8wDaGrVzGaCwNmaWCnbvVOnkHVI_I1lCGrSc1kxcqrmyrcScGLlDoOBK1UZ01mB3vh60K0MrQ
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:20 GMT
an-x-request-uuid
932feb4a-0ac9-44c2-a951-f364851b6d94
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk0NDEyNzM4MjU2NTM5MTYx
x-proxy-origin
42.60.46.68; 42.60.46.68; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 49BE 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9359575951242&version=m202401290101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 49BE 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9359575951242&version=m202401290101&ct=119&x=1&cor=7270940966032332000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 49BE 		92 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DVxnrp9sRIkAcE_jhpxGsaCjB6pjLreeNJ5UVEBgjYmgkmoTW7-8KCDnXAIWD71brXXFdAbb-Q-MMmjbTHcwtpVRL8BqalUo8_SzUWqdL9Y7fM64olMt13-KpKtLnTVmq1FO2tQqsc9HZeasWuWzBQ-1MRZ915U71OrZgs9yIwJF89gy9zcJLVKCb0On3_qvfj2E3f&cry=1&dbm_d=AKAmf-B3cOHeJpSvAY6Oq8O0fDd-8P1IgZfXbMBzVXlm0zvOPLJ6h9jPKBW3My9Z7gs_czcFMAKAWu7AaZ_q03zPjibAUbSHEXjhZWXSE-jEQNhBKQHl5sf2FCht2yKlWGs6KZdzJILu_hInMusCtL0B5hJAUiLJaNGypjOnzl_9BuUYhFuII00lATXxQId37NrPLbrGfLc2oM4Zh0RkdoaJYJllTHLiG_Bb6sJJOgyXf4oJFCTip7kairilIgZa-0o9hh5pgzisdD2Sqmlvk9W8ftOcHQDDCTXXzrTrPaNdPsKVxQvFLo1EzGbYqXJiRGbW_n-NZ5LYEl1eYY7KxJha_dteW1rXz82fczFKY2bY40D92Pzk-2IfAKHM6BAAMhsVIwHD1pJLWTQyd1UvsL8iHEhH9y5qhoNZXN3t2rSu8zT0_9lDrLcXGuPqgOBjFPcYm8eqAFgXWyQoR2xQJhABAzrtEb1ur9ytj6yy1qWdQfBbcv9E4TKKaAU2SiV46pRDArVIPz9dzOScEJAHPO9lbel-n2xIo_mLlwjL__IniTXuur3AvUOwMCxR4LU1F35fPXyRanXYM9c4y-XxEiw6q1qKwxrtpdMcpdtwzEHqtS-0__i1SrsmX4qWsmvTpIqdxrbqGPx9AduksAtfWn8Eif-ZY7Hhi0I3SxJCyYtTxSn7cUTrmU4QT7KEHoMnl6j8PPi-C6Us4n_lYJnElWdNZ4p6Frai5yxG0wJHZYFcFIO876O0dLzu8_OhzhXhA3LvvK0Mx76SbhZ5v-e5FcUJ-05MlBXld4zN5_BfK53_FvJ4CSDS6obbIG7QJuKWKxkje7IIhN2bKsz8xnC3T2U_LVTLnRASr9JgOW-yO080c5rRD_PqnNnLQt1pTRjTD8drddkqB4mbHTKQJhu6Gs7ojpXFX5WKTDFzs8XdxPtoaUBJp6Oal23KcYP24AfeLlo0xuUHoG_9rzn0cF8L8YqABE4j6WwTk4k9-jZVCQV2etA3BySrzY5dDlMvoFxmWxZSMnP0QK8zhIogW1Aie7MEyr_ubh1hS-gq7pPJmeuptBQ3aNjnfiiFK_p1CIfmcIKdgFHCZwi2WEHKjE1CC2cAS7oujP8sUbacPd9sNmhXlR4V5_Jl4dBA_iAN4s756JC5WJOHtONRJSCkNwYAL3WIpI4QNfAycUxrWQDnS2GrVTtAUC0HeXB4Je9zSpGv0ulFtMRxNb1le_RxCMe248ZllHNkFC2B9LqjHSSMbpZWiOGA2nyZ4B4g4aBED7gQm0j5aBCJXD6P3Gxxs2q-s0ixaGR4Ubwdo9J_GUNYHPdzPTVPbIgaI02-oclRwDbAeDwBiLVcx7Nj8t3JaGwaDtAbBJz4tCtFT2zYfSBrfotP2cKYMlrGGjH50MH0sCIRbTo-9KNL37R_8EInLJQFzTlyCVvkJniXbH5hGhLGNdw9PdxLfZZARN2zDJy8fniX8FM0GNtsS52YduGAAXKakZovftfb113znZ7Lco8qFPq4C7uMdT-pTAMje3bR_qLBU7MoQ1T3bkciYDzOggIuEilL1sG0KJTTCpg74yD8TrT6HCErjyCmjI4gbYJNyKqWEJwtOm955cVDFjf3Yv2oZEe2e5ZF0kJ_MhZ_xPNBJspJ0aMRYEY5lwvN8kK1h3aetZj0XJfGMQOdWqn9owAuWakQI7u97w3jlidkebr0FOoTdcqECgtHQjdraH8V3XZZrc5UicHmhQ-BtdqFDZhILQgtlNhpu3lmPOWMKxRx7YhXz-KTvwiqlLyAv0_gJUvSgwOzSFgVPc-qOaICkZAlGF02okl4WAsCcRqxy6iKRK-zv2JIRSQeSGn91ZJkQH60o22vsgMm6L6bEainiax1qvXdW_EmQjMFq-4X6UK_nUSEFt2QonABmYhWd_Kthq8eTHrReB0SROyi1Xrj12UujR5Z1bGIcdyS-j9qkRbnGvNY8UL8t5o_q3Eb-tVymhl8MX_6awdJLgV6xvQW3tL2uBTV8CH5Dmxc8oUFSX4pbmYZH_RDHEVWvw6B-DIc0Pb_GlCFnTLhCOxQKlsXHBHKn5-VOUWO0MJhCBmSf9UlYNqfLKfkafBXMHUC2E0mpC6x2vCUpXVWeasec8fE8Y2ekSPBJAHvu8uX6eiClmE1sKg6ebFDF4uz07c0xegpeunGgwLyjp6SzOtZ0kjGzsSsDKQ31Bo2UnemFERxbCw567JTeqe4dYF_IQN6zu7oknSL72dwOnGFNmcxofiK6FOu757BKaCnu5VqQLwz6_uPBAIaK2PsS_635yqpunktRd_29C-ifD12J2IOtlQXhZA0MWScZauHpxyBe9-0p0cdy2enZZe8y--m3-CShXXQvdap8xaWAIEcfyJqVFZOjjjFe1Sr8Yno7o5UxmgVFpQNlxmvaTbdliLldT54cde2O4-BWwCLvpocSMxOdLtWiBJR6DpO_X9_H6xIHsyf4wvOJqDBwDTjcMajygwOIKLkOoYYPKaMVQvoFwLoz9N-BKSDkIqGVvA4QOcZYvmXBIlQUebE7ZM_RXQnYRckP9C3EYhw_1RcnfLSooHGyFj2taIyr2-RzNyjemHcLkAAZRvERXc7UpBoJinUbghj_GnMZ2lFgFzPL7Hzb15RCvuLr-gLzej-A_0TvC9MCM1yHZdIrW8kvFhsPvK8vnUtb_0yI-aVsTQvSNjyB-lavo0ZsUe8D5Qxh3bboz2u__8g6WBU_FsrN3QroqvVafSTXvq3BGFOh2T7TVOqR78wFdY0FqWmj7xkE31wtTDCfyySpWHNB51WkWJzKy_VmTzaPV9zjcNHjvvkcTrRk4KDlObOfvlCB9glOrzQPLmxJwgYwl6mVCj7wnDtQs-oede1xRQ32KXoXLxvSueXlxUqyWlGhZJkevxjzGhwb53bfcRI3bfRoPiL6mWBGElJ1yFC3fTS8Ls2c4JN2kOPYDTuZ9f-lO2McFkEFwFx0ZD3I-swkBANBPQzHB3g_FZ8QelUEFfmVAyK7Q9Sl2uWOid0ve2DI7c9KKnzedfeKaMW_fkBflbO_0gHZJ1Y3ukZWbdmays8nMsxBSoJtugGVKz22DK7NvNwnnLuMo7gu90pbEtvR_JZq7XJmanp0j7upUsgALorkjRDML2qybdJ14AFvVxApUiojcMKU8_Pw6rFT9Qro8cSBnkm3SisgwQCdDbcFQN7ZyOym7pmL-aCBZ8uL5qSQWQHA3NH8G3j06LkhHVlQ-QdaZfXE35P5n6nStP4gi_PaKd2BqibsyeJIDsG1kuglKjf-d5WBnmVLBfZ7vh2hshCIMbN_NcTLCY3Lgg05J1FryxAGiUEoEVb3Q_Zdrh9nsfvnHckI1vHR_wI7fM9tsa-bsHi1pWE3u9wIHntmH7ZqEo_lldcRuc4jY5GAkfceeeGeksE5pEhPfebSCJgeLVRiwuEAy-4_NTUkdXF447xI6CO72usSyCr37rBCngPHVt-xTD4QlS6uc_bxpO97tAcoKuyEClI7u9sMJK9EHOU0RvJfny8R-Jy-CygtHC9NTTm-nWkIAct2w7KpQ&cid=CAQSTgAvHhf_TzocyQpm4H6ClDUfyzr5mza-oKoPTNmD0wEzirPezV9xBRdscNq-QpeMTjV_3jdiH36Q5uEgIEdMIiZrryC6uu5YlbJTTyW55xgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fpaymybill.guru%2F&ds=l&xdt=1&iif=1&cor=7270940966032332000&adk=929882888&idt=78&cac=0&dtd=14
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
cd8b2c8e5f1412ce20b01b7be5eda3def2249b015df0cf99450a6c5c8531c0c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39380
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame DB3E 		143 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2913177901&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393437480&bpp=2&bdt=3676&idt=151&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=457629821&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2913177901&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393437480&bpp=2&bdt=3676&idt=151&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=457629821&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=154
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
2769
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Feb 2024 11:11:10 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 7E92 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
718fc449dbfa9b4ceacf80c631eb924048cdb8fad5c3f23aaeb9eb53cdbb2820

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240206&jk=1178421723929104&bg=!bW6lbiHNAAaxkZ3akZE7ADQBe5WfOItfGqdITnYbRcUWkXKTONmBc9GAvWhMPr7bY5Wblk91ztqgxUJF6gzliM464HDSAgAAAHVSAAAABGgBB5kCySmlLTDYoJ0RHsmVuG7foKsTK6NTV0OsgsdRY45rUzls90hj_3GMRmdmCR-SGohpBNWErngu3lCAqLXhb8q8AODA3XQtFVOgrNh-IRi9vsIuCsq3kzsdSIIM2nCz_IU9EPv6GyxWXFnGKlA8ddA4z5wI1LL3H6QVIOMs7nLoiS-jdmep7PmLISLb9RlOaClXYv5qgjfT0JgV-PGDN68kO66o1ZzL9UMYKapaxyePTEl2mkCD6GluI14grT4iG8yF1uznAnhY4uoB5is7WZ6bSwDjxtLhcDcodi9kmi4n7Ar_fFnVRsU8daMS98T1I5-pYaUDrdTgHUx4gf2uADBbtGNTz92goG4YUhAAojXgGoEsE2tdy-Clebrt8shC--prIioT0jceL_Xtm6eGFI1HhapfIgeNPuE5O-uFnVrVASygWDWUG5Y1GfdnK2W0SZhdI-sItPTyhaFDqzPTUN6dQ7GQbkkgaRCqncyzL-kwRuRSLgtHNRuEuwZE9Wv7JSWwqe-GN4QuZNXOKjPqZaVtwvbSh_753LNfg6sNzOd4WakwDw3D9PaoQpriXl6oy3LT5iUiARs75aEbMPY_dpCThpT3GPX05bHeWL5mJ31tzSn3I4XB5J9Lwa70sOKMFh17ia1C1OB5A8dyhyp4LfzOf6ihTNVHx0dRzVq-5oGfWC_HU7Y1Lf2G5CAm5_ou_y4NlqKEMdzBmlMcqeuzi5IcC8Hv6V0fbbq7Be61PmWkehOmCU_7BeCkh8vv3VHmYaWwdr78AqPbfzFfGuPOBqFyjf1PFsVfhj44kuoSXVTbdUj-oUHtF8bBVL0r4NmtXlQixlLb-b4Twr3pFSCd73NxhYAvzhupGp-A72yS9axhBfqOnAXisvXsGf8U7a6pm6gkvrrq92dw8EbmR5CoL_AGvI6rmL_gQLeDc1iRXpsBqMJle9F8SfIdbbB1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://paymybill.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 7E92 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f94.1e100.net
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 16:59:32 GMT
x-content-type-options
nosniff
age
68267
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 Feb 2025 16:59:32 GMT
73134fbfa16854d24caf7cd541ab86d9.js
www.gstatic.com/mysidia/ Frame BD5C 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/73134fbfa16854d24caf7cd541ab86d9.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3077443549&adf=2689829158&pi=t.aa~a.1349639787~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393438859&bpp=1&bdt=5055&idt=1&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=742342519&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
d99a3294b83fe3b21e9251c87e7696b7f5ba1651c5d82256db3c0700ead09b57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 05:08:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
370112
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4097
x-xss-protection
0
last-modified
Fri, 02 Feb 2024 16:54:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 04 May 2024 05:08:47 GMT
0a9824a76925f541c4e429981e9065a7.js
www.gstatic.com/mysidia/ Frame BD5C 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/0a9824a76925f541c4e429981e9065a7.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3077443549&adf=2689829158&pi=t.aa~a.1349639787~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393438859&bpp=1&bdt=5055&idt=1&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=742342519&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
373c96ceaf68580b9aadae1d036072e949f3bf12f6ff40c5fd2366c10643392a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 06:23:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
365643
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4782
x-xss-protection
0
last-modified
Thu, 01 Feb 2024 21:57:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 04 May 2024 06:23:16 GMT
css
fonts.googleapis.com/ Frame BD5C 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3077443549&adf=2689829158&pi=t.aa~a.1349639787~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393438859&bpp=1&bdt=5055&idt=1&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=742342519&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f95.1e100.net
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 08 Feb 2024 11:57:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 08 Feb 2024 11:54:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 08 Feb 2024 11:57:19 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame BD5C 		2 KB
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3077443549&adf=2689829158&pi=t.aa~a.1349639787~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393438859&bpp=1&bdt=5055&idt=1&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=742342519&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 20:54:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
54184
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Feb 2024 20:54:15 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/ Frame BD5C 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3077443549&adf=2689829158&pi=t.aa~a.1349639787~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393438859&bpp=1&bdt=5055&idt=1&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=742342519&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 20:54:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
54184
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
3610546441309021303
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Feb 2024 20:54:15 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame BD5C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3077443549&adf=2689829158&pi=t.aa~a.1349639787~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393438859&bpp=1&bdt=5055&idt=1&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=742342519&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 20:54:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
54184
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Feb 2024 20:54:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame BD5C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3077443549&adf=2689829158&pi=t.aa~a.1349639787~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393438859&bpp=1&bdt=5055&idt=1&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=742342519&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 20:54:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
54184
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Feb 2024 20:54:15 GMT
l
www.google.com/ads/measurement/ Frame BD5C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQRe4npuZWzQia37caSgi6DnVTmZNeT7HF_-GXZD_pbnEnxxpt3Hmdl_DPS7-191W-MN7W4jqbAdz7hnEE8vvYbbaVsTg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3077443549&adf=2689829158&pi=t.aa~a.1349639787~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393438859&bpp=1&bdt=5055&idt=1&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=742342519&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame BD5C 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3077443549&adf=2689829158&pi=t.aa~a.1349639787~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393438859&bpp=1&bdt=5055&idt=1&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=742342519&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f156.1e100.net
Software
sffe /
Resource Hash
a89adcd85f7cfd505dc7b42270543241b2e39b7f87f8551012b736ef64bbef19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66416
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1707309907044448"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Feb 2024 11:57:19 GMT
7b5e6815b417a6dcda76775ec840e2bc.js
www.gstatic.com/mysidia/ Frame BD5C 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/7b5e6815b417a6dcda76775ec840e2bc.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3077443549&adf=2689829158&pi=t.aa~a.1349639787~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393438859&bpp=1&bdt=5055&idt=1&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=742342519&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
87e0bffd01248ccc0369b210b2b2004ded168a8fc478f628faa17974b7f4d6da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 20:59:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
226690
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15515
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 20:10:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 05 May 2024 20:59:09 GMT
73134fbfa16854d24caf7cd541ab86d9.js
www.gstatic.com/mysidia/ Frame 11E7 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/73134fbfa16854d24caf7cd541ab86d9.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393438859&bpp=1&bdt=5055&idt=-M&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=742342519&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
d99a3294b83fe3b21e9251c87e7696b7f5ba1651c5d82256db3c0700ead09b57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 05:08:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
370112
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4097
x-xss-protection
0
last-modified
Fri, 02 Feb 2024 16:54:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 04 May 2024 05:08:47 GMT
0a9824a76925f541c4e429981e9065a7.js
www.gstatic.com/mysidia/ Frame 11E7 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/0a9824a76925f541c4e429981e9065a7.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393438859&bpp=1&bdt=5055&idt=-M&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=742342519&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
373c96ceaf68580b9aadae1d036072e949f3bf12f6ff40c5fd2366c10643392a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 06:23:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
365643
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4782
x-xss-protection
0
last-modified
Thu, 01 Feb 2024 21:57:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 04 May 2024 06:23:16 GMT
css
fonts.googleapis.com/ Frame 11E7 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393438859&bpp=1&bdt=5055&idt=-M&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=742342519&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f95.1e100.net
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 08 Feb 2024 11:57:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 08 Feb 2024 11:42:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 08 Feb 2024 11:57:19 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 49BE 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: paymybill.guru
URL: https://paymybill.guru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f148.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 17:03:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68030
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Feb 2024 17:03:30 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240206/r20110914/elements/html/ Frame 49BE 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240206/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DVxnrp9sRIkAcE_jhpxGsaCjB6pjLreeNJ5UVEBgjYmgkmoTW7-8KCDnXAIWD71brXXFdAbb-Q-MMmjbTHcwtpVRL8BqalUo8_SzUWqdL9Y7fM64olMt13-KpKtLnTVmq1FO2tQqsc9HZeasWuWzBQ-1MRZ915U71OrZgs9yIwJF89gy9zcJLVKCb0On3_qvfj2E3f&cry=1&dbm_d=AKAmf-B3cOHeJpSvAY6Oq8O0fDd-8P1IgZfXbMBzVXlm0zvOPLJ6h9jPKBW3My9Z7gs_czcFMAKAWu7AaZ_q03zPjibAUbSHEXjhZWXSE-jEQNhBKQHl5sf2FCht2yKlWGs6KZdzJILu_hInMusCtL0B5hJAUiLJaNGypjOnzl_9BuUYhFuII00lATXxQId37NrPLbrGfLc2oM4Zh0RkdoaJYJllTHLiG_Bb6sJJOgyXf4oJFCTip7kairilIgZa-0o9hh5pgzisdD2Sqmlvk9W8ftOcHQDDCTXXzrTrPaNdPsKVxQvFLo1EzGbYqXJiRGbW_n-NZ5LYEl1eYY7KxJha_dteW1rXz82fczFKY2bY40D92Pzk-2IfAKHM6BAAMhsVIwHD1pJLWTQyd1UvsL8iHEhH9y5qhoNZXN3t2rSu8zT0_9lDrLcXGuPqgOBjFPcYm8eqAFgXWyQoR2xQJhABAzrtEb1ur9ytj6yy1qWdQfBbcv9E4TKKaAU2SiV46pRDArVIPz9dzOScEJAHPO9lbel-n2xIo_mLlwjL__IniTXuur3AvUOwMCxR4LU1F35fPXyRanXYM9c4y-XxEiw6q1qKwxrtpdMcpdtwzEHqtS-0__i1SrsmX4qWsmvTpIqdxrbqGPx9AduksAtfWn8Eif-ZY7Hhi0I3SxJCyYtTxSn7cUTrmU4QT7KEHoMnl6j8PPi-C6Us4n_lYJnElWdNZ4p6Frai5yxG0wJHZYFcFIO876O0dLzu8_OhzhXhA3LvvK0Mx76SbhZ5v-e5FcUJ-05MlBXld4zN5_BfK53_FvJ4CSDS6obbIG7QJuKWKxkje7IIhN2bKsz8xnC3T2U_LVTLnRASr9JgOW-yO080c5rRD_PqnNnLQt1pTRjTD8drddkqB4mbHTKQJhu6Gs7ojpXFX5WKTDFzs8XdxPtoaUBJp6Oal23KcYP24AfeLlo0xuUHoG_9rzn0cF8L8YqABE4j6WwTk4k9-jZVCQV2etA3BySrzY5dDlMvoFxmWxZSMnP0QK8zhIogW1Aie7MEyr_ubh1hS-gq7pPJmeuptBQ3aNjnfiiFK_p1CIfmcIKdgFHCZwi2WEHKjE1CC2cAS7oujP8sUbacPd9sNmhXlR4V5_Jl4dBA_iAN4s756JC5WJOHtONRJSCkNwYAL3WIpI4QNfAycUxrWQDnS2GrVTtAUC0HeXB4Je9zSpGv0ulFtMRxNb1le_RxCMe248ZllHNkFC2B9LqjHSSMbpZWiOGA2nyZ4B4g4aBED7gQm0j5aBCJXD6P3Gxxs2q-s0ixaGR4Ubwdo9J_GUNYHPdzPTVPbIgaI02-oclRwDbAeDwBiLVcx7Nj8t3JaGwaDtAbBJz4tCtFT2zYfSBrfotP2cKYMlrGGjH50MH0sCIRbTo-9KNL37R_8EInLJQFzTlyCVvkJniXbH5hGhLGNdw9PdxLfZZARN2zDJy8fniX8FM0GNtsS52YduGAAXKakZovftfb113znZ7Lco8qFPq4C7uMdT-pTAMje3bR_qLBU7MoQ1T3bkciYDzOggIuEilL1sG0KJTTCpg74yD8TrT6HCErjyCmjI4gbYJNyKqWEJwtOm955cVDFjf3Yv2oZEe2e5ZF0kJ_MhZ_xPNBJspJ0aMRYEY5lwvN8kK1h3aetZj0XJfGMQOdWqn9owAuWakQI7u97w3jlidkebr0FOoTdcqECgtHQjdraH8V3XZZrc5UicHmhQ-BtdqFDZhILQgtlNhpu3lmPOWMKxRx7YhXz-KTvwiqlLyAv0_gJUvSgwOzSFgVPc-qOaICkZAlGF02okl4WAsCcRqxy6iKRK-zv2JIRSQeSGn91ZJkQH60o22vsgMm6L6bEainiax1qvXdW_EmQjMFq-4X6UK_nUSEFt2QonABmYhWd_Kthq8eTHrReB0SROyi1Xrj12UujR5Z1bGIcdyS-j9qkRbnGvNY8UL8t5o_q3Eb-tVymhl8MX_6awdJLgV6xvQW3tL2uBTV8CH5Dmxc8oUFSX4pbmYZH_RDHEVWvw6B-DIc0Pb_GlCFnTLhCOxQKlsXHBHKn5-VOUWO0MJhCBmSf9UlYNqfLKfkafBXMHUC2E0mpC6x2vCUpXVWeasec8fE8Y2ekSPBJAHvu8uX6eiClmE1sKg6ebFDF4uz07c0xegpeunGgwLyjp6SzOtZ0kjGzsSsDKQ31Bo2UnemFERxbCw567JTeqe4dYF_IQN6zu7oknSL72dwOnGFNmcxofiK6FOu757BKaCnu5VqQLwz6_uPBAIaK2PsS_635yqpunktRd_29C-ifD12J2IOtlQXhZA0MWScZauHpxyBe9-0p0cdy2enZZe8y--m3-CShXXQvdap8xaWAIEcfyJqVFZOjjjFe1Sr8Yno7o5UxmgVFpQNlxmvaTbdliLldT54cde2O4-BWwCLvpocSMxOdLtWiBJR6DpO_X9_H6xIHsyf4wvOJqDBwDTjcMajygwOIKLkOoYYPKaMVQvoFwLoz9N-BKSDkIqGVvA4QOcZYvmXBIlQUebE7ZM_RXQnYRckP9C3EYhw_1RcnfLSooHGyFj2taIyr2-RzNyjemHcLkAAZRvERXc7UpBoJinUbghj_GnMZ2lFgFzPL7Hzb15RCvuLr-gLzej-A_0TvC9MCM1yHZdIrW8kvFhsPvK8vnUtb_0yI-aVsTQvSNjyB-lavo0ZsUe8D5Qxh3bboz2u__8g6WBU_FsrN3QroqvVafSTXvq3BGFOh2T7TVOqR78wFdY0FqWmj7xkE31wtTDCfyySpWHNB51WkWJzKy_VmTzaPV9zjcNHjvvkcTrRk4KDlObOfvlCB9glOrzQPLmxJwgYwl6mVCj7wnDtQs-oede1xRQ32KXoXLxvSueXlxUqyWlGhZJkevxjzGhwb53bfcRI3bfRoPiL6mWBGElJ1yFC3fTS8Ls2c4JN2kOPYDTuZ9f-lO2McFkEFwFx0ZD3I-swkBANBPQzHB3g_FZ8QelUEFfmVAyK7Q9Sl2uWOid0ve2DI7c9KKnzedfeKaMW_fkBflbO_0gHZJ1Y3ukZWbdmays8nMsxBSoJtugGVKz22DK7NvNwnnLuMo7gu90pbEtvR_JZq7XJmanp0j7upUsgALorkjRDML2qybdJ14AFvVxApUiojcMKU8_Pw6rFT9Qro8cSBnkm3SisgwQCdDbcFQN7ZyOym7pmL-aCBZ8uL5qSQWQHA3NH8G3j06LkhHVlQ-QdaZfXE35P5n6nStP4gi_PaKd2BqibsyeJIDsG1kuglKjf-d5WBnmVLBfZ7vh2hshCIMbN_NcTLCY3Lgg05J1FryxAGiUEoEVb3Q_Zdrh9nsfvnHckI1vHR_wI7fM9tsa-bsHi1pWE3u9wIHntmH7ZqEo_lldcRuc4jY5GAkfceeeGeksE5pEhPfebSCJgeLVRiwuEAy-4_NTUkdXF447xI6CO72usSyCr37rBCngPHVt-xTD4QlS6uc_bxpO97tAcoKuyEClI7u9sMJK9EHOU0RvJfny8R-Jy-CygtHC9NTTm-nWkIAct2w7KpQ&cid=CAQSTgAvHhf_TzocyQpm4H6ClDUfyzr5mza-oKoPTNmD0wEzirPezV9xBRdscNq-QpeMTjV_3jdiH36Q5uEgIEdMIiZrryC6uu5YlbJTTyW55xgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fpaymybill.guru%2F&ds=l&xdt=1&iif=1&cor=7270940966032332000&adk=929882888&idt=78&cac=0&dtd=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 10:07:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
6563
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4383
x-xss-protection
0
server
cafe
etag
1583492410672046836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Feb 2024 10:07:56 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240206/r20110914/ Frame 49BE 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240206/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DVxnrp9sRIkAcE_jhpxGsaCjB6pjLreeNJ5UVEBgjYmgkmoTW7-8KCDnXAIWD71brXXFdAbb-Q-MMmjbTHcwtpVRL8BqalUo8_SzUWqdL9Y7fM64olMt13-KpKtLnTVmq1FO2tQqsc9HZeasWuWzBQ-1MRZ915U71OrZgs9yIwJF89gy9zcJLVKCb0On3_qvfj2E3f&cry=1&dbm_d=AKAmf-B3cOHeJpSvAY6Oq8O0fDd-8P1IgZfXbMBzVXlm0zvOPLJ6h9jPKBW3My9Z7gs_czcFMAKAWu7AaZ_q03zPjibAUbSHEXjhZWXSE-jEQNhBKQHl5sf2FCht2yKlWGs6KZdzJILu_hInMusCtL0B5hJAUiLJaNGypjOnzl_9BuUYhFuII00lATXxQId37NrPLbrGfLc2oM4Zh0RkdoaJYJllTHLiG_Bb6sJJOgyXf4oJFCTip7kairilIgZa-0o9hh5pgzisdD2Sqmlvk9W8ftOcHQDDCTXXzrTrPaNdPsKVxQvFLo1EzGbYqXJiRGbW_n-NZ5LYEl1eYY7KxJha_dteW1rXz82fczFKY2bY40D92Pzk-2IfAKHM6BAAMhsVIwHD1pJLWTQyd1UvsL8iHEhH9y5qhoNZXN3t2rSu8zT0_9lDrLcXGuPqgOBjFPcYm8eqAFgXWyQoR2xQJhABAzrtEb1ur9ytj6yy1qWdQfBbcv9E4TKKaAU2SiV46pRDArVIPz9dzOScEJAHPO9lbel-n2xIo_mLlwjL__IniTXuur3AvUOwMCxR4LU1F35fPXyRanXYM9c4y-XxEiw6q1qKwxrtpdMcpdtwzEHqtS-0__i1SrsmX4qWsmvTpIqdxrbqGPx9AduksAtfWn8Eif-ZY7Hhi0I3SxJCyYtTxSn7cUTrmU4QT7KEHoMnl6j8PPi-C6Us4n_lYJnElWdNZ4p6Frai5yxG0wJHZYFcFIO876O0dLzu8_OhzhXhA3LvvK0Mx76SbhZ5v-e5FcUJ-05MlBXld4zN5_BfK53_FvJ4CSDS6obbIG7QJuKWKxkje7IIhN2bKsz8xnC3T2U_LVTLnRASr9JgOW-yO080c5rRD_PqnNnLQt1pTRjTD8drddkqB4mbHTKQJhu6Gs7ojpXFX5WKTDFzs8XdxPtoaUBJp6Oal23KcYP24AfeLlo0xuUHoG_9rzn0cF8L8YqABE4j6WwTk4k9-jZVCQV2etA3BySrzY5dDlMvoFxmWxZSMnP0QK8zhIogW1Aie7MEyr_ubh1hS-gq7pPJmeuptBQ3aNjnfiiFK_p1CIfmcIKdgFHCZwi2WEHKjE1CC2cAS7oujP8sUbacPd9sNmhXlR4V5_Jl4dBA_iAN4s756JC5WJOHtONRJSCkNwYAL3WIpI4QNfAycUxrWQDnS2GrVTtAUC0HeXB4Je9zSpGv0ulFtMRxNb1le_RxCMe248ZllHNkFC2B9LqjHSSMbpZWiOGA2nyZ4B4g4aBED7gQm0j5aBCJXD6P3Gxxs2q-s0ixaGR4Ubwdo9J_GUNYHPdzPTVPbIgaI02-oclRwDbAeDwBiLVcx7Nj8t3JaGwaDtAbBJz4tCtFT2zYfSBrfotP2cKYMlrGGjH50MH0sCIRbTo-9KNL37R_8EInLJQFzTlyCVvkJniXbH5hGhLGNdw9PdxLfZZARN2zDJy8fniX8FM0GNtsS52YduGAAXKakZovftfb113znZ7Lco8qFPq4C7uMdT-pTAMje3bR_qLBU7MoQ1T3bkciYDzOggIuEilL1sG0KJTTCpg74yD8TrT6HCErjyCmjI4gbYJNyKqWEJwtOm955cVDFjf3Yv2oZEe2e5ZF0kJ_MhZ_xPNBJspJ0aMRYEY5lwvN8kK1h3aetZj0XJfGMQOdWqn9owAuWakQI7u97w3jlidkebr0FOoTdcqECgtHQjdraH8V3XZZrc5UicHmhQ-BtdqFDZhILQgtlNhpu3lmPOWMKxRx7YhXz-KTvwiqlLyAv0_gJUvSgwOzSFgVPc-qOaICkZAlGF02okl4WAsCcRqxy6iKRK-zv2JIRSQeSGn91ZJkQH60o22vsgMm6L6bEainiax1qvXdW_EmQjMFq-4X6UK_nUSEFt2QonABmYhWd_Kthq8eTHrReB0SROyi1Xrj12UujR5Z1bGIcdyS-j9qkRbnGvNY8UL8t5o_q3Eb-tVymhl8MX_6awdJLgV6xvQW3tL2uBTV8CH5Dmxc8oUFSX4pbmYZH_RDHEVWvw6B-DIc0Pb_GlCFnTLhCOxQKlsXHBHKn5-VOUWO0MJhCBmSf9UlYNqfLKfkafBXMHUC2E0mpC6x2vCUpXVWeasec8fE8Y2ekSPBJAHvu8uX6eiClmE1sKg6ebFDF4uz07c0xegpeunGgwLyjp6SzOtZ0kjGzsSsDKQ31Bo2UnemFERxbCw567JTeqe4dYF_IQN6zu7oknSL72dwOnGFNmcxofiK6FOu757BKaCnu5VqQLwz6_uPBAIaK2PsS_635yqpunktRd_29C-ifD12J2IOtlQXhZA0MWScZauHpxyBe9-0p0cdy2enZZe8y--m3-CShXXQvdap8xaWAIEcfyJqVFZOjjjFe1Sr8Yno7o5UxmgVFpQNlxmvaTbdliLldT54cde2O4-BWwCLvpocSMxOdLtWiBJR6DpO_X9_H6xIHsyf4wvOJqDBwDTjcMajygwOIKLkOoYYPKaMVQvoFwLoz9N-BKSDkIqGVvA4QOcZYvmXBIlQUebE7ZM_RXQnYRckP9C3EYhw_1RcnfLSooHGyFj2taIyr2-RzNyjemHcLkAAZRvERXc7UpBoJinUbghj_GnMZ2lFgFzPL7Hzb15RCvuLr-gLzej-A_0TvC9MCM1yHZdIrW8kvFhsPvK8vnUtb_0yI-aVsTQvSNjyB-lavo0ZsUe8D5Qxh3bboz2u__8g6WBU_FsrN3QroqvVafSTXvq3BGFOh2T7TVOqR78wFdY0FqWmj7xkE31wtTDCfyySpWHNB51WkWJzKy_VmTzaPV9zjcNHjvvkcTrRk4KDlObOfvlCB9glOrzQPLmxJwgYwl6mVCj7wnDtQs-oede1xRQ32KXoXLxvSueXlxUqyWlGhZJkevxjzGhwb53bfcRI3bfRoPiL6mWBGElJ1yFC3fTS8Ls2c4JN2kOPYDTuZ9f-lO2McFkEFwFx0ZD3I-swkBANBPQzHB3g_FZ8QelUEFfmVAyK7Q9Sl2uWOid0ve2DI7c9KKnzedfeKaMW_fkBflbO_0gHZJ1Y3ukZWbdmays8nMsxBSoJtugGVKz22DK7NvNwnnLuMo7gu90pbEtvR_JZq7XJmanp0j7upUsgALorkjRDML2qybdJ14AFvVxApUiojcMKU8_Pw6rFT9Qro8cSBnkm3SisgwQCdDbcFQN7ZyOym7pmL-aCBZ8uL5qSQWQHA3NH8G3j06LkhHVlQ-QdaZfXE35P5n6nStP4gi_PaKd2BqibsyeJIDsG1kuglKjf-d5WBnmVLBfZ7vh2hshCIMbN_NcTLCY3Lgg05J1FryxAGiUEoEVb3Q_Zdrh9nsfvnHckI1vHR_wI7fM9tsa-bsHi1pWE3u9wIHntmH7ZqEo_lldcRuc4jY5GAkfceeeGeksE5pEhPfebSCJgeLVRiwuEAy-4_NTUkdXF447xI6CO72usSyCr37rBCngPHVt-xTD4QlS6uc_bxpO97tAcoKuyEClI7u9sMJK9EHOU0RvJfny8R-Jy-CygtHC9NTTm-nWkIAct2w7KpQ&cid=CAQSTgAvHhf_TzocyQpm4H6ClDUfyzr5mza-oKoPTNmD0wEzirPezV9xBRdscNq-QpeMTjV_3jdiH36Q5uEgIEdMIiZrryC6uu5YlbJTTyW55xgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fpaymybill.guru%2F&ds=l&xdt=1&iif=1&cor=7270940966032332000&adk=929882888&idt=78&cac=0&dtd=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
69f5d3191dc883795ffd06149c49d8b097e4aa1c053433db3f2531d3d6074d1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 10:36:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
4835
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11930
x-xss-protection
0
server
cafe
etag
15760894069517589058
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Feb 2024 10:36:44 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 49BE 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: paymybill.guru
URL: https://paymybill.guru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 09:59:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
93483
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 Feb 2025 09:59:16 GMT
truncated
/ Frame 49BE 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b96b61d33cc6c6c19a8af327e4a350138f9a8f40ff2bf9f86d6ebb9b64d84c46

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame 11E7 		2 KB
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393438859&bpp=1&bdt=5055&idt=-M&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=742342519&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 20:54:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
54184
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Feb 2024 20:54:15 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/ Frame 11E7 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393438859&bpp=1&bdt=5055&idt=-M&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=742342519&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 20:54:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
54184
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
3610546441309021303
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Feb 2024 20:54:15 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame 11E7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393438859&bpp=1&bdt=5055&idt=-M&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=742342519&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 20:54:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
54184
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Feb 2024 20:54:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame 11E7 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393438859&bpp=1&bdt=5055&idt=-M&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=742342519&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 20:54:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
54184
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Feb 2024 20:54:15 GMT
l
www.google.com/ads/measurement/ Frame 11E7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRmjRhOMR6TpFG5toxq-0WN7cZeNnlPMYlCOIcHzCItBtZi0smHtcNi6p0NxFY2hDSJ8sbyoy5OJqmY1FMQaEtV4RxNaA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393438859&bpp=1&bdt=5055&idt=-M&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=742342519&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 11E7 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393438859&bpp=1&bdt=5055&idt=-M&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=742342519&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f156.1e100.net
Software
sffe /
Resource Hash
a89adcd85f7cfd505dc7b42270543241b2e39b7f87f8551012b736ef64bbef19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66416
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1707309907044448"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Feb 2024 11:57:19 GMT
ddb466d8785cb75acd721f17b1b8dd87.js
www.gstatic.com/mysidia/ Frame 11E7 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ddb466d8785cb75acd721f17b1b8dd87.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393438859&bpp=1&bdt=5055&idt=-M&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=742342519&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 03:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117465
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15487
x-xss-protection
0
last-modified
Tue, 06 Feb 2024 06:36:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 07 May 2024 03:19:34 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame DB3E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
147 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2913177901&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393437480&bpp=2&bdt=3676&idt=151&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=457629821&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Feb 2024 11:57:19 GMT
expires
Thu, 08 Feb 2024 11:57:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Feb 2024 11:57:19 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 55FA 		143 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3077443549&adf=2689829158&pi=t.aa~a.1349639787~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393438859&bpp=1&bdt=5055&idt=1&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=742342519&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3077443549&adf=2689829158&pi=t.aa~a.1349639787~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393438859&bpp=1&bdt=5055&idt=1&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=742342519&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=14
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
2769
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Feb 2024 11:11:10 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 42AD 		1 KB
739 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3077443549&adf=2689829158&pi=t.aa~a.1349639787~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393438859&bpp=1&bdt=5055&idt=1&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=742342519&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
67036
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 07 Feb 2024 17:20:03 GMT
etag
48472445140208031
expires
Thu, 08 Feb 2024 17:20:03 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame BD5C 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c80b7f98a788413f9d40fba1c5d2c50f045e9ec9e553192e7749522b5d070ece

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame 2F67 		143 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393438859&bpp=1&bdt=5055&idt=-M&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=742342519&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393438859&bpp=1&bdt=5055&idt=-M&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=742342519&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
2769
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Feb 2024 11:11:10 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6041 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393438859&bpp=1&bdt=5055&idt=-M&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=742342519&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
67036
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 07 Feb 2024 17:20:03 GMT
etag
48472445140208031
expires
Thu, 08 Feb 2024 17:20:03 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 9211 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
93483
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 07 Feb 2024 09:59:16 GMT
expires
Thu, 06 Feb 2025 09:59:16 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 11E7 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f916d5abcc4a7d0dcd29793b8e089b419dd09a2a75b4965fa6a8f894a238a461

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 55FA
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
145 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3077443549&adf=2689829158&pi=t.aa~a.1349639787~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393438859&bpp=1&bdt=5055&idt=1&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=742342519&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Feb 2024 11:57:19 GMT
expires
Thu, 08 Feb 2024 11:57:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Feb 2024 11:57:19 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sync
gdn.socdm.com/rtb/ Frame 42AD
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESECT9MGbwdlJ0P_whvbrAuks&google_cver=1&google_push=AXcoOmTHBey_iSlwn3cE2LPAYI3R6SWsuj3QsgyBJozS18zqBF-ohUO6e_wr1VfHAXCb_...
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WmNUQm9NQ284WHdBQUhlbnFkc0FBQUFB
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEC7fxpAZ7B8WevFDDRq0YuU&google_cver=1
43 B
944 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEC7fxpAZ7B8WevFDDRq0YuU&google_cver=1
Protocol
HTTP/1.1
Server
211.120.53.192 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 08 Feb 2024 11:57:21 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?proto=google&sspid=google&google_gid=CAESEC7fxpAZ7B8WevFDDRq0YuU&google_cver=1","cluster_id":0,"gdpr":false,"ipv4":"42.60.46.68","key":"ZcTBoMCo8XwAAHenqdsAAAAA","privacy_sensitive":false,"uid":"ZcTBoMCo8XwAAHenqdsAAAAA","upstream_id":"m-ad294"}
X-SO-Key
ZcTBoMCo8XwAAHenqdsAAAAA
X-SO-Upstream-ID
m-ad294
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
m-ad294.dc4p.scaleout.jp
X-SO-UID
ZcTBoMCo8XwAAHenqdsAAAAA
Connection
keep-alive
Content-Length
43
X-SO-IP
42.60.46.68
X-SO-Cluster-ID
0
Server
nginx
Content-Type
image/gif
Cache-Control
private
X-SO-Ads-Time
23
X-SO-LB-Hostname
a-ng40015.dc2p.scaleout.jp

Redirect headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEC7fxpAZ7B8WevFDDRq0YuU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
318
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 42AD
Redirect Chain
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEIDi7HFjvUTHYDb8BnKnpP4&google_cver=1&google_push=AXcoOmRDUwRDfHanqx8PKf-6ET-rUijOvu6LcE10DTEBF5XIp5G5HsGAud_yUrdqBms9ukZn6wSup...
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmRDUwRDfHanqx8PKf-6ET-rUijOvu6LcE10DTEBF5XIp5G5HsGAud_yUrdqBms9ukZn6wSuppvMXL9kD-sQ_uYZbelvggE9l_I1dxabJSFK1Ghgj4zQtURZG6qkJI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmRDUwRDfHanqx8PKf-6ET-rUijOvu6LcE10DTEBF5XIp5G5HsGAud_yUrdqBms9ukZn6wSuppvMXL9kD-sQ_uYZbelvggE9l_I1dxabJSFK1Ghgj4zQtURZG6qkJIk1R8elWtSSpncsazmEXCmjVZ5pFg&google_hm=VFMzRDJGM3lEMGxhRGJVZG9tTmo3c0VFMHVF&from_google=sp1
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 08 Feb 2024 11:57:20 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx
Transfer-Encoding
chunked
P3P
CP="ADM NOI OUR"
Location
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmRDUwRDfHanqx8PKf-6ET-rUijOvu6LcE10DTEBF5XIp5G5HsGAud_yUrdqBms9ukZn6wSuppvMXL9kD-sQ_uYZbelvggE9l_I1dxabJSFK1Ghgj4zQtURZG6qkJIk1R8elWtSSpncsazmEXCmjVZ5pFg&google_hm=VFMzRDJGM3lEMGxhRGJVZG9tTmo3c0VFMHVF&from_google=sp1
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection
keep-alive
pixel
cm.g.doubleclick.net/ Frame 42AD
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESELO68ZxT_YjDN9qEUDw37KY&google_cver=1&google_push=AXcoOmSC-VxXlL5H-_1smIbmjyLqnFQFIRDiZWWiN506a4ptvrYHQ-zKeI9Su8c9Y8MiHqoGa3LTzLdngDu9iX2wrS6yRS814Yp50xOJC...
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=YWRCckRmd2JBMXk1QlBxam9NSEVaUQ%3D%3D&google_push=AXcoOmSC-VxXlL5H-_1smIbmjyLqnFQFIRDiZWWiN506a4ptvrYHQ-zKeI9Su8c9Y8MiHqoGa3LTzLdngDu9i...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=YWRCckRmd2JBMXk1QlBxam9NSEVaUQ%3D%3D&google_push=AXcoOmSC-VxXlL5H-_1smIbmjyLqnFQFIRDiZWWiN506a4ptvrYHQ-zKeI9Su8c9Y8MiHqoGa3LTzLdngDu9iX2wrS6yRS814Yp50xOJCCxDLSQMYd7gZf3lgwphd6AfYXRZbtgJVOgiQ_FYyhchJENc3G0XQw
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 08 Feb 2024 11:57:20 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=YWRCckRmd2JBMXk1QlBxam9NSEVaUQ%3D%3D&google_push=AXcoOmSC-VxXlL5H-_1smIbmjyLqnFQFIRDiZWWiN506a4ptvrYHQ-zKeI9Su8c9Y8MiHqoGa3LTzLdngDu9iX2wrS6yRS814Yp50xOJCCxDLSQMYd7gZf3lgwphd6AfYXRZbtgJVOgiQ_FYyhchJENc3G0XQw
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
301
pixel
cm.g.doubleclick.net/ Frame 42AD
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEFZF5TViYevKgiC0eBc077M&google_cver=1&google_push=AXcoOmQOzrgVlXlSH0ufjWm07cNlv9ODmrkVDfpSWzsyh_BnRGdIeWjUeEjZid-Ud9pIDPhzGi3AsxmSxWdDH...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEFZF5TViYevKgiC0eBc077M&google_push=AXcoOmQOzrgVlXlSH0ufjWm07cNlv9ODmrkVDfpSWzsyh_BnRGdIeWjUeEjZid-Ud9pIDPhzGi3AsxmSxWdDH...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQOzrgVlXlSH0ufjWm07cNlv9ODmrkVDfpSWzsyh_BnRGdIeWjUeEjZid-Ud9pIDPhzGi3AsxmSxWdDHaiNEaE4LMbsToTd1SN8Zy4KFH4H2B0j-wH1UWRkCHIdmv1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQOzrgVlXlSH0ufjWm07cNlv9ODmrkVDfpSWzsyh_BnRGdIeWjUeEjZid-Ud9pIDPhzGi3AsxmSxWdDHaiNEaE4LMbsToTd1SN8Zy4KFH4H2B0j-wH1UWRkCHIdmv1EceYYBM8ZC6XAopA8dFY0uNG3Hw&google_hm=bFlndzNsN2lwaVFxQi1ZTFdwVjA=
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 08 Feb 2024 11:57:21 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQOzrgVlXlSH0ufjWm07cNlv9ODmrkVDfpSWzsyh_BnRGdIeWjUeEjZid-Ud9pIDPhzGi3AsxmSxWdDHaiNEaE4LMbsToTd1SN8Zy4KFH4H2B0j-wH1UWRkCHIdmv1EceYYBM8ZC6XAopA8dFY0uNG3Hw&google_hm=bFlndzNsN2lwaVFxQi1ZTFdwVjA=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
294
Expires
Thu, 01 Dec 1994 16:00:00 GMT
doubleclick
app.cauly.co.kr/idsync_ssp/ Frame 42AD 		0
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEBQvww4ojssmdwd-lCDi65A&google_cver=1&google_push=AXcoOmSnaqvMxrf-JM_vjDoYznwPv6mg1mEHrpT8sc8QnvzUUAs2oaSL4ADsF7zYOCJTvhYQzLX9wIgwB3XixWUxDk1F00csY_VzyMXozqyqhndxhzAfe3dk9-k1Iusd_VGYqrRyf4p7sGQ1oGiBEl_utDe0Ig
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3077443549&adf=2689829158&pi=t.aa~a.1349639787~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393438859&bpp=1&bdt=5055&idt=1&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=742342519&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
133.186.161.88 , Japan, ASN45974 (NHN-AS-KR NHNCLOUD, KR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 08 Feb 2024 11:57:20 GMT
Server
nginx
Connection
close
Content-Length
0
Content-Type
Application/xml;charset=UTF-8
spacer.gif
an.yandex.ru/resource/ Frame 42AD
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEECbJuzh48DE4VfCQ5_nshg?ext-param=AXcoOmRcU0KHef08Gi-oL0z1SU6FXaKVaQiXd-SriBK5KP0lr2BiBdcr-2qCupChaNK3erwEx2PFJg2bD8WyIjqDzFo_0nmp_FAZjmW1kkMyy2RGOuEZu2-R_die...
  • https://an.yandex.ru/mapuid/google/CAESEECbJuzh48DE4VfCQ5_nshg?redir-setuniq=1&ext-param=AXcoOmRcU0KHef08Gi-oL0z1SU6FXaKVaQiXd-SriBK5KP0lr2BiBdcr-2qCupChaNK3erwEx2PFJg2bD8WyIjqDzFo_0nmp_FAZjmW1kkMy...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEECbJuzh48DE4VfCQ5_nshg&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Protocol
H2
Server
77.88.21.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 23 Jan 2025 11:57:21 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 42AD
Redirect Chain
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEAgAHzmE46-23I72A5QaBrQ&google_cver=1&google_push=AXcoOmSBKacFVVFb_0bTDXEwHTzAyoK3JEpML585MuXc3yJsabAeD2lYI61P0ChLlVy...
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSBKacFVVFb_0bTDXEwHTzAyoK3JEpML585MuXc3yJsabAeD2lYI61P0ChLlVy-I8uLyhhaTQfQG8_Jmq9TxzNcuSGiIjZYp8O6QWIC4FN9iAjKO01H17pkNlW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSBKacFVVFb_0bTDXEwHTzAyoK3JEpML585MuXc3yJsabAeD2lYI61P0ChLlVy-I8uLyhhaTQfQG8_Jmq9TxzNcuSGiIjZYp8O6QWIC4FN9iAjKO01H17pkNlW3PsA1pZkZ6Zi1m3pfds8GBqL-2u9KiaI
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id
e9536a0.545faaab
date
Thu, 08 Feb 2024 11:57:20 GMT
x-bytefaas-request-id
20240208115720928CA1E7062D85BD412B
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240208115720928CA1E7062D85BD412B-2F687D19307BBF5A-00
x-cache
TCP_MISS from a23-35-16-18.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53915762) (-)
x-parent-response-time
70,23.35.16.18
server-timing
cdn-cache; desc=MISS, edge; dur=60, origin; dur=10, inner; dur=6
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240208115720928CA1E7062D85BD412B
x-cache-remote
TCP_MISS from a23-58-124-15.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53915762) (-)
access-control-max-age
86400
access-control-allow-methods
*
location
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSBKacFVVFb_0bTDXEwHTzAyoK3JEpML585MuXc3yJsabAeD2lYI61P0ChLlVy-I8uLyhhaTQfQG8_Jmq9TxzNcuSGiIjZYp8O6QWIC4FN9iAjKO01H17pkNlW3PsA1pZkZ6Zi1m3pfds8GBqL-2u9KiaI
x-bytefaas-execution-duration
4.59
access-control-allow-origin
*
access-control-allow-credentials
true
x-gw-dst-psm
ad.union.pangle_web_traffic
x-tt-trace-host
012ebf95751b1a0a92cf9ad6673fb958e22a4a6882a9262f2aae13a9b88ee2809d9441e02ce669f0618e2eb90dcf974bc36c13c070bac95da7c9c2c019bbf0b6445f4ba51ce8052217b731877ff31ce7781a82ea2d7ed5defc802817be2fc096a9aaf9e4fa295bf146b1f7347fcbdb2daa
x-origin-response-time
10,23.58.124.15
cache-control
max-age=0, no-cache, no-store
access-control-allow-headers
*
expires
Thu, 08 Feb 2024 11:57:20 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 42AD 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LA3woRlRudlEIDXHHVelWVekVNX_lMAiLxlf2bKLSURMsi4QoNpqWfl4R4NP3XgrWmQLwUP5g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3077443549&adf=2689829158&pi=t.aa~a.1349639787~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393438859&bpp=1&bdt=5055&idt=1&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=742342519&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:19 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
csi
csi.gstatic.com/ Frame 0C3E 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lsd5yxtf&c=5415574311761&slotId=2707787155880.5&qqid=CJKi_prYm4QDFXHh5wMdmZ4H3w&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.191.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nuq04s43-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:21 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C3E 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CasaNnsHEZZLbCfHCn88Pmb2e-A3E7ZbHdcmC3p2uEp_w8_0IEAEguKfDkwFgvwWgAf3DidIqyAEFqAMByAObBKoE8QFP0ERZVfRuA0LanBrU2DuR6YxeaHO7mGZNZb7amQbYnTFmB-1iCU8v547fDjrPqXVy4xJyNN__SlZ4IijEDWee9VMgvyTrjiR-ZxehBk7KY-DPOz0KRSIZhC0SF0-dtvg7fpfyTywDPbkrRQ4m59GkXVl_CRZ7SFKVf1mW4bmOE2h9Xm6es0VwyTYob6BPlvQh-IrV3yNd5MvvfzhzmDy3MNl5oIK3HQiIAs1JLzd0m1Ey-ldjt2mlqcwjUc5lcItgUyOI3IGqK2H90XZTg-bA0bxbZXUHp92qfmeZF0NIY8-_ZBbR_QW0TDu7pn7AyMJ9wASEheWW7QTgBAOIBbuE6ZFOkAYBoAZ2gAf9-9mxBagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgGEQARgfMgKKAjoJgECAwICAgIAISL39wTpYiLn4mtibhAOACgHICwHgCwGADAGqDQJTR7ATj8G9FsgTxMi25APYEwqIFAPYFAHQFQH4FgGAFwHoFwU&eventType=clickstring&clientTime=1707393439932&ai=CasaNnsHEZZLbCfHCn88Pmb2e-A3E7ZbHdcmC3p2uEp_w8_0IEAEguKfDkwFgvwWgAf3DidIqyAEFqAMByAObBKoE8QFP0ERZVfRuA0LanBrU2DuR6YxeaHO7mGZNZb7amQbYnTFmB-1iCU8v547fDjrPqXVy4xJyNN__SlZ4IijEDWee9VMgvyTrjiR-ZxehBk7KY-DPOz0KRSIZhC0SF0-dtvg7fpfyTywDPbkrRQ4m59GkXVl_CRZ7SFKVf1mW4bmOE2h9Xm6es0VwyTYob6BPlvQh-IrV3yNd5MvvfzhzmDy3MNl5oIK3HQiIAs1JLzd0m1Ey-ldjt2mlqcwjUc5lcItgUyOI3IGqK2H90XZTg-bA0bxbZXUHp92qfmeZF0NIY8-_ZBbR_QW0TDu7pn7AyMJ9wASEheWW7QTgBAOIBbuE6ZFOkAYBoAZ2gAf9-9mxBagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCQIgGEQARgfMgKKAjoJgECAwICAgIAISL39wTpYiLn4mtibhAOACgHICwHgCwGADAGqDQJTR7ATj8G9FsgTxMi25APYEwqIFAPYFAHQFQH4FgGAFwHoFwU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 0C3E 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lsd5yxtp&c=5415574311761&slotId=2707787155880.5&qqid=CJKi_prYm4QDFXHh5wMdmZ4H3w&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.1sg&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.191.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nuq04s43-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:21 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 0C3E 		32 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BfJStVRjRb2myev6_ieQopxEJxQqfA6qUNTBU-sES-4BSFY7uh__1TpXZhQCFFP88j0jPBOSy3GRLNBJBqqnOFMqfuOw&cry=1&dbm_d=AKAmf-AjQw9TBVVoJeZC3jJy3qLTnXkPtEJiAS7MKnC9xSLxKIlRJZizczUw5-KCiLyDbN84DJVkqVk8pFJqf_zUoOigWZ7tnZSPZdgk-GcZNA6qKSmE9AftOXKMXBi3tqsU1xJ6Yt8JQrw7v2fD-F7e0YtNpk7RlYE8BsrR89ZJWI2-gblobJt6CTPwJs9mAcKz9vujZZnvhz-8ujvI2C3eI8b6JtRwfGqwqcdsbvuHT0efeyfREHmjEpZHDzqdE2GQ1_8MoQzZHDS3wHkuNivve4hdC5P6LaxrwW9qrTedUXIBTiORqObA3Q5dAupD8kO4kXov8Fs0Ioxq5woCw6vwAvNluz7v9JNTIHEtNxwbH-F6hTdGH3THL7uiCfMcuhpq7xmmrl3N01zHK7IHmwS2F4F_4NUpwBrar867WdY0uTiZs3jPef-wpQ4d6XkFBzCPGrNAzMUkG6mLGMD5T51uA770S1PdM3Cj6t2T-fXxMshyATDGEG7XmEukrQnT3y343CUCTlsg3Lvk1979NYzRcfFz5UNhu0QX__aTj2Cds-WvpLuSxYaPsfVmVQDO0cuzacObc_6lDe2EesRcivVpXGEUNBSLxyCW5qA7JU0NfmiaFfM-O2w_vvcxqsUnoFrxCsZS3E8en49FpdPwbPAlayzX8qsYGhiq0zUQBi952fav31AOg08uhVZyuTDeA51EwTD2M3gP-myeO5VUw99UO6su0oDhUp32d7kREE5Tg3ZNYrT36cxA7k8L541vjRocbKQT2mdIAAL31OVAMiLjA0l01YZDEbxqF__mrIHfTOzJsv8g3CuXZU67q3Q61IMc6XtmA6SA85mE8-vSAjln-aTEeE_HJTeFc2g3hpft_pVcidpW_jaB9dfoyusLx4vvJs6QIzkAn8GsZfX4qWFm7cX8sTwp7r6ESGo-eSxfg37RZEB0SlIsz2ZufYXpIdnASCgvxVK1MmvUFHOWfuE0PF4veyHA974YHdRhM_KExoijNpXxHXelkQSdtqJX_0sTGf79Qs528s4LhJzpJ3yu7B2laUwz6YoYa-0ESD8Ww8RFFBHqQhhxY4ivwyGby6ju2DD0wtY24YxISu3ZAymja7WTT7usYMYG6c1zu4QpkR1rVWZ60hSICvYnXDSMBMp8cimk5bW3_nJ1cQUCurFnnWK77S-UZ0Z3Abe6okNk0wCbhkdEdX3dcRI7f0AVzSSfeVPHRtgn_-Mjv4DzwtaNXD4JDRIV9ECUyDH-bciWRWDTG3Y8D8dEWq6aNO1_EwGWq-RJOUS4_VOPwDz3WzuC3SZ4v_apKjnRkb8jzoETgPXnNQE5wVMehCRwjY53RI6mg-y1z6Bb086N_bNYKjXbaLHehLG8MDi_dlrPCqb_afBPEMmmb_S6JaXtEzgUltIRWguzdyPUg76o5ssW-1js0llXyxgz7bXTPVw66qpX1G5pP9DrCiKzjQFim5B6yMjZhQCQbhp8dZLTLVwMpxVWdYiprZxw80H0jXfI9P3y2yfuv3jVP5QGV1R63J8E3OFm8b7B4fT_n2I5UhWtmWcB7dWdvXQmJ-bOqxW3cKLLeJU9hnWSvmQq1cSHTTestCRfY-_3G3O3spmBm4Nk-bbALtKYrS4B5YzEwEzqwdZHclBlkdkE2ItPtceSUCMK4P0k56xP90bPbTOjWWEJXqYM6s9sGNeSu8yfPO5tKV_jPGkm8fFhygTSKE63Qygo7bxUGetZuYDOZ5JzY7XRVDCTXbJDx3XGv2fXNBm90mZIvp_6w29_kSePLps1PHdPpyuNgGprWZ3wxOR4t4eKJ5ZQk2SNOdvv9U1oJkGn7_2jtE_2QarITCEQ7AFDp50srHlNe4XU3bmtNt12WKReZ9TW26qlX-lUXwrfdrVYXB2uFqhcX78MrgA7VhmZT42u450uP3yfxwgSJ3QbHsnFY09jUphDm8qP6OaW2jtJUSIuKmYwc5whgPyLnxp-dfQKFKTXCCxxfU-nYKmtI2QO08K2SasvaizT87CSAcc14DnJi5N0PWnF2qKLP1RamGsUxVGfMuBLSv2niUl8EKo0wmYofEleN7RwgZ2r5cw5JiKtD5CasoPn33gVm4NtkyB_WahMzLk0svtXczDbtGzJZ9fO1izacVQWoQH2Q2w86PWrpfHlvr8RWuO9VZ4ydSVeC-75TiqAErJ2IZvjDQCSuUnbrIe99md0BUJa6I2wViZ0SY5PuGOiXhq1IC5oECGtkltr42bGh2auZWFYnN4iyAnovt2S_iGr1vVana3Ypn6FaDTDY0JyjfenG18iPxrfqxJDSYIFN7FjYb-3j1S29pHtADvFGBUQghNVVuk1fsz1fIPWO747IXyeWLlWgkPFAy5J9Oib1rTqdw-SwpWIw4zmi-ibZ4NPm0RztNW8AaIyosY3g3S886Hf7aqUs8lndDShzgtrRP3zkKme-hkfkMN8STx8unUYd-6uUTdTzWw4xjC5btMHhldgDbq9pJervNYlVrSGjdJVlRZ1xVmh2P1gNwKuZ4Q8wDuuSOdGbeyd0KHVfWVVSDiVOBepQSyisFELsuc5SDcCOOzKU_hq9JMi0hg_per0apRMdHsFX2xCOYPe0NEpys9EF6dKkwxAj1MOUg7WGku_dlceNzB-BHdphqkQanhdTxV7esjfKYQZJc1v69NWGs66lIGpBV1LBZTbJaSoZktLf1XNxtdr0FcLWqQiEJdipCFo7uMde9YtDWSfIUJFl99TsIKIsv-Z04E8BfPaTpdSgHKIzP4W9hoC3cLpv7dFowHNbLbEQmXrPeCfcia1YGLEpkyLz4LzjpCxzoaMR0gjUjdloZOPi7fqAPwRDHXLt5_src87V9z5NpJi6JXzVk-52zeQlbHZ3rgC2UxrTTLkMD_wbv1RZBVlvOVGaOa6NATBboWR4CyKXB6QQDfbwaFzkllzU1tV_dtetfjLQYREwXUWWxkjNyo5u2am_5t0HQbETPX8U-YX9s925f3Q6gum7LoNgEX1yeWBzBlXtChZVC_QdPbnc2ekuIJ80cq0rFE2M1DA8ZWwKjwEFYfKLMxtHzVlKV_RnJaW-7C4rB5CHlfsiXuEjAiV91PmWmQQwiDWVCSVHZ4WJvWia-JJK87GZ0buYnNOaLndDH0Ew3ZFDDps1eLCmOqYyosOMX4_Q47QSz7ZGx3Qeu_1Q-MpcbhYGvQQ3qm269tbElCRz7PifAeh3bfT-vydSMKcqGblD5xjOcpzrHOWbbiGQEYJWcKvKP5-Cbqa1EFoBurf2PCXDsDr2DFRs1IadmD8l79fR7ZM13SF6g6gsBGOqQ_FwxKiJ80ThWjLTCfp02d0AZgm7gE5yjhQHyYY0fSn-aP2oprUr9RT3ngPE42F5PcVMfmO2HsOTs6BWVaMpDqgO-ezogU3ejxJktaoFMIh3ZA8xNgZTV04Jz-DYDMTVNr3XaUVFBoiMfZbudDWhaY0tnzNR9bK7WbZl4rQ9dj0Cm3hVhFwtTzQS-GQkmSa3GFvaj3gBw1gasdndX7h_8URau1PI8uQXSslEpYC5I7B4lld-KHGmjeYrQp6utjvzl60pa3qOAyfC09NNMont5D8T1-ZPqRfXw6_5rnTIzCFfW4KhWS96bWOKrCFyVlUjqFhpoEErU1xZLLRLhM6BoRMGeZoay1rIW9j7M8KrH6d6zkpFoRObbogoNmR04qThXQR5_xzHEEEej_5qeaBOZ568cXE2nkG7U7RbUGKwrG3nl-1iJvq5ZengiQhKK2-nNJ1Mf_euFBJ2om9lCzDBeYO42o-MhG6wUIAGLmeKfAOaun2FUrZ0JkwPZyOaiKBN-ktPXrP0t6aBjg9kPaC8C2XRt55HSd1ROvVNUL-f0vMwj_ZxeTegvmastpEA8NpjgPovi0&cid=CAQSTgAvHhf_TzocyQpm4H6ClDUfyzr5mza-oKoPTNmD0wEzirPezV9xBRdscNq-QpeMTjV_3jdiH36Q5uEgIEdMIiZrryC6uu5YlbJTTyW55xgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
2a8c987fbef6bdeb3e954031fdb860bb5c8218cd33d411c5e5a78cefb22870a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17726
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 7E92
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C0kYWnsHEZeLHBODmrtoPqc68mA_TvsT1dJr89My2EsCNtwEQASC4p8OTAWC_BaABz8a2zirIAQGpAlBptrJu8Kg-qAMByAPDBKoEywFP0Cyyf8UyOpPmYTaa59_ZAZpimuTZnq5fIK5uDid...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x8475129625e916330000000000000000%22,%222%22:%220x71c7045f9a41c890000000000000000%22,%223%22:%220x6d2de54...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x8475129625e916330000000000000000%22,%222%22:%220x71c7045f9a41c890000000000000000%22,%223%22:%220x6d2de5411a251f3a0000000000000000%22,%224%22:%220xa4459fa8f54d5dc0000000000000000%22,%225%22:%220x6e479377deaa58fc0000000000000000%22},%22debug_key%22:%2215369869854781493522%22,%22debug_reporting%22:true,%22destination%22:%22https://ocbc.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211438760783%22],%2222%22:[%22true%22],%224%22:[%2202-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226633338879682597249%22}&andc=true
Protocol
H3
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:20 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x8475129625e916330000000000000000","2":"0x71c7045f9a41c890000000000000000","3":"0x6d2de5411a251f3a0000000000000000","4":"0xa4459fa8f54d5dc0000000000000000","5":"0x6e479377deaa58fc0000000000000000"},"debug_key":"15369869854781493522","debug_reporting":true,"destination":"https://ocbc.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11438760783"],"22":["true"],"4":["02-08"],"6":["true"]},"priority":"500","source_event_id":"6633338879682597249"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 08 Feb 2024 11:57:20 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 08 Feb 2024 11:57:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x8475129625e916330000000000000000","2":"0x71c7045f9a41c890000000000000000","3":"0x6d2de5411a251f3a0000000000000000","4":"0xa4459fa8f54d5dc0000000000000000","5":"0x6e479377deaa58fc0000000000000000"},"debug_key":"15369869854781493522","debug_reporting":true,"destination":"https://ocbc.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11438760783"],"22":["true"],"4":["02-08"],"6":["true"]},"priority":"500","source_event_id":"6633338879682597249"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 6041
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKBJ-SoT2ujYHfH_RVwYQS4&google_cver=1&google_push=AXcoOmSvJMIBAI2Ei43p9wD1CzCOeH7Q5KfWsy6d4fWsTX4jGIbJQVBIu5ltWT-eGHWMBjiQDIDqRN7SSpWhhvxF9L...
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEKBJ-SoT2ujYHfH_RVwYQS4&google_cver=1&google_push=AXcoOmSvJMIBAI2Ei43p9wD1CzCOeH7Q5KfWsy6d4fWsTX4jGIbJQVBIu5ltWT-eGHWMBjiQDIDqRN7SSpWhhvxF9L...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YWU1MzMwMzAtMWYwNS00YWE5LTg4ZGEtMTZlOGY1YzE2MjY0&google_push&gdpr=0&gdpr_consent=&ttd_tdid=ae533030-1f05-4aa9-88da-16e8f5c16264
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YWU1MzMwMzAtMWYwNS00YWE5LTg4ZGEtMTZlOGY1YzE2MjY0&google_push&gdpr=0&gdpr_consent=&ttd_tdid=ae533030-1f05-4aa9-88da-16e8f5c16264
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YWU1MzMwMzAtMWYwNS00YWE5LTg4ZGEtMTZlOGY1YzE2MjY0&google_push&gdpr=0&gdpr_consent=&ttd_tdid=ae533030-1f05-4aa9-88da-16e8f5c16264
date
Thu, 08 Feb 2024 11:57:20 GMT
server
Kestrel
content-length
423
sync
gdn.socdm.com/rtb/ Frame 6041
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEC7fxpAZ7B8WevFDDRq0YuU&google_cver=1&google_push=AXcoOmRPmAJ8bEbQwsEdz07ngKv90bMEtijrYYIfAlh5_vndMv2-9qi949tH_QOwl2twk...
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WmNUQm9NQ284WWtBQUFhbkx0UUFBQUFB
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEC7fxpAZ7B8WevFDDRq0YuU&google_cver=1
43 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEC7fxpAZ7B8WevFDDRq0YuU&google_cver=1
Protocol
HTTP/1.1
Server
211.120.53.192 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 08 Feb 2024 11:57:21 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?proto=google&sspid=google&google_gid=CAESEC7fxpAZ7B8WevFDDRq0YuU&google_cver=1","cluster_id":0,"gdpr":false,"ipv4":"42.60.46.68","key":"ZcTBoMCo8YkAAAanLtQAAAAA","privacy_sensitive":false,"uid":"ZcTBoMCo8YkAAAanLtQAAAAA","upstream_id":"m-ad411"}
X-SO-Key
ZcTBoMCo8YkAAAanLtQAAAAA
X-SO-Upstream-ID
m-ad411
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
m-ad411.dc4p.scaleout.jp
X-SO-UID
ZcTBoMCo8YkAAAanLtQAAAAA
Connection
keep-alive
Content-Length
43
X-SO-IP
42.60.46.68
X-SO-Cluster-ID
0
Server
nginx
Content-Type
image/gif
Cache-Control
private
X-SO-Ads-Time
2
X-SO-LB-Hostname
a-ng40015.dc2p.scaleout.jp

Redirect headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEC7fxpAZ7B8WevFDDRq0YuU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
318
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6041
Redirect Chain
  • https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESEPVKsN9flnMb85m2xYWXiMU&google_cver=1&google_push=AXcoOmSHfMPwx2ISbCvcEhM4VX2I3UMB47Q-YndFGnbLcIWpPthMhojIu71FK7Cd9cnSNr-Od8YSNrcm5-7kcpo...
  • https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTg2NDM1NzQwOTk&google_push=AXcoOmSHfMPwx2ISbCvcEhM4VX2I3UMB47Q-YndFGnbLcIWpPthMhojIu71FK7Cd9cnSNr-Od8YSNrcm5-7kcpomb0cEH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTg2NDM1NzQwOTk&google_push=AXcoOmSHfMPwx2ISbCvcEhM4VX2I3UMB47Q-YndFGnbLcIWpPthMhojIu71FK7Cd9cnSNr-Od8YSNrcm5-7kcpomb0cEHd2b3lCL03Q
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTg2NDM1NzQwOTk&google_push=AXcoOmSHfMPwx2ISbCvcEhM4VX2I3UMB47Q-YndFGnbLcIWpPthMhojIu71FK7Cd9cnSNr-Od8YSNrcm5-7kcpomb0cEHd2b3lCL03Q
Date
Thu, 08 Feb 2024 11:57:21 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
usersync.aspx
dis.criteo.com/dis/ Frame 6041 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQOad9_JNHE5F3EFgoH9cTP9BwE7HUIQAiLcAYyQzkaghyoZyamoExD3N3RvrhI5PK-NjS1Akm8jLt48Ucv6CtX43OVmFC3O5s&google_gid=CAESEGeBs-wTGkYo5ANT3mOyUNo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393438859&bpp=1&bdt=5055&idt=-M&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=742342519&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:19 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
253696
expires
Thu, 08 Feb 2024 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6041
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEM_PFHkAe1AFp0uzgxCrYa8&google_cver=1&google_push=AXcoOmRRh3ykEWj4YCq3AaBTS7G9hmc6hm8CIKZGltyeNSpuzW4gh0r-Ljq10e4GwVJ1dl-Kr_LT05ff...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEM_PFHkAe1AFp0uzgxCrYa8&google_cver=1&google_push=AXcoOmRRh3ykEWj4YCq3AaBTS7G9hmc6hm8CIKZGltyeNSpuzW4gh0r-Ljq10e4GwVJ1dl-Kr_L...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQ5NDExNTk2MjgwMDkyMjE3Mg&google_push=AXcoOmRRh3ykEWj4YCq3AaBTS7G9hmc6hm8CIKZGltyeNSpuzW4gh0r-Ljq10e4GwVJ1dl-Kr_LT05...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQ5NDExNTk2MjgwMDkyMjE3Mg&google_push=AXcoOmRRh3ykEWj4YCq3AaBTS7G9hmc6hm8CIKZGltyeNSpuzW4gh0r-Ljq10e4GwVJ1dl-Kr_LT05ffXkwuxkPB8B7zvmgKOeFv-g
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQ5NDExNTk2MjgwMDkyMjE3Mg&google_push=AXcoOmRRh3ykEWj4YCq3AaBTS7G9hmc6hm8CIKZGltyeNSpuzW4gh0r-Ljq10e4GwVJ1dl-Kr_LT05ffXkwuxkPB8B7zvmgKOeFv-g
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
cm
ams.creativecdn.com/adx/ Frame 6041
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEA9I6QJ3a7FVJJs6qmKAafg&google_cver=1&google_push=AXcoOmRPiYUTm3YZE1GFgrB4tBmfzQNuc-ZEYOwhWpXXfvj9YTgwu1ZmugNb6RvU5r6WcFUxuQEWXVR5qo1yF1GmK...
  • https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEA9I6QJ3a7FVJJs6qmKAafg&google_cver=1&google_push=AXcoOmRPiYUTm3YZE1GFgrB4tBmfzQNuc-ZEYOwhWpXXfvj9YTgwu1ZmugNb6RvU5r6WcFUxuQEWXVR5qo1yF1GmK...
  • https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=57w6NmUWbOGsggNN6B3ji8Jl1a-KZ7Xwqi_1jrouv9U&pi=adx&tdc=ams&pi=adxab&google_gid=CAESEA9I6QJ3a7FVJJs6qmKAafg&googl...
  • https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&pi=adxab&tc=1&google_error=5
  • https://ams.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&pi=adxab&tc=1&google_error=5
42 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&pi=adxab&tc=1&google_error=5
Protocol
H2
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 08 Feb 2024 11:57:22 GMT, Thu, 08 Feb 2024 11:57:22 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
42
vary
Accept-Encoding
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://ams.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&pi=adxab&tc=1&google_error=5
date
Thu, 08 Feb 2024 11:57:22 GMT
content-length
0
vary
Accept-Encoding
pixel
cm.g.doubleclick.net/ Frame 6041
Redirect Chain
  • https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEJjLGKxfPTz91AgX2OVEyms&google_cver=1&google_push=AXcoOmT-Rz4D5N4wYFLmifkjR3co65yJh6JGKLfMDorIS3_mce6qt3XdwhpzJhmF4OWO5-INPpIo-by4amrxi5RlgNi8G...
  • https://trace.popin.cc/ju/cs/google?google_gid=CAESEJjLGKxfPTz91AgX2OVEyms&google_cver=1&google_push=AXcoOmT-Rz4D5N4wYFLmifkjR3co65yJh6JGKLfMDorIS3_mce6qt3XdwhpzJhmF4OWO5-INPpIo-by4amrxi5RlgNi8Gx2w...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmT-Rz4D5N4wYFLmifkjR3co65yJh6JGKLfMDorIS3_mce6qt3XdwhpzJhmF4OWO5-INPpIo-by4amrxi5RlgNi8Gx2wuSY4L6X4&google_hm=09dd4f7efb...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmT-Rz4D5N4wYFLmifkjR3co65yJh6JGKLfMDorIS3_mce6qt3XdwhpzJhmF4OWO5-INPpIo-by4amrxi5RlgNi8Gx2wuSY4L6X4&google_hm=09dd4f7efb111f8a2vhdg200lsd5yz1c
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 08 Feb 2024 11:57:21 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmT-Rz4D5N4wYFLmifkjR3co65yJh6JGKLfMDorIS3_mce6qt3XdwhpzJhmF4OWO5-INPpIo-by4amrxi5RlgNi8Gx2wuSY4L6X4&google_hm=09dd4f7efb111f8a2vhdg200lsd5yz1c
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
attr
cm.g.doubleclick.net/pixel/ Frame 6041 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KElTRdTvt0nU0Alv0T_8pskEK10oomdeetG5KSLm8TA3ofRJSaiJub5QIMTfN8ltbx5TcjQQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393438859&bpp=1&bdt=5055&idt=-M&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=742342519&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:20 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
7oEUkR-0Uy9FIahscmU7Lq7lgP_YvsNEVpm_VpMj8bQ.js
pagead2.googlesyndication.com/bg/ Frame E27D 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/7oEUkR-0Uy9FIahscmU7Lq7lgP_YvsNEVpm_VpMj8bQ.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2913177901&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393437480&bpp=2&bdt=3676&idt=151&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=457629821&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
sffe /
Resource Hash
ee8114911fb4532f4521a86c72653b2eaee580ffd8bec3445699bf569323f1b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 14:38:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
76727
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19829
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 06 Feb 2025 14:38:33 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame BD5C 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f94.1e100.net
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 16:59:32 GMT
x-content-type-options
nosniff
age
68268
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 Feb 2025 16:59:32 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2F67
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
168 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393438859&bpp=1&bdt=5055&idt=-M&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=742342519&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Feb 2024 11:57:20 GMT
expires
Thu, 08 Feb 2024 11:57:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Feb 2024 11:57:20 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
7oEUkR-0Uy9FIahscmU7Lq7lgP_YvsNEVpm_VpMj8bQ.js
pagead2.googlesyndication.com/bg/ Frame 9211 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/7oEUkR-0Uy9FIahscmU7Lq7lgP_YvsNEVpm_VpMj8bQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
sffe /
Resource Hash
ee8114911fb4532f4521a86c72653b2eaee580ffd8bec3445699bf569323f1b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 14:38:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
76727
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19829
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 06 Feb 2025 14:38:33 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 11E7 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f94.1e100.net
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 16:59:32 GMT
x-content-type-options
nosniff
age
68268
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 Feb 2025 16:59:32 GMT
csi
csi.gstatic.com/ Frame 0C3E 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lsd5yxu1&c=5415574311761&slotId=2707787155880.5&qqid=CJKi_prYm4QDFXHh5wMdmZ4H3w&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.191.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nuq04s43-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:21 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 0C3E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 06:31:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
192360
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Feb 2025 06:31:20 GMT
file.mp4
r4---sn-npoldn7d.c.2mdn.net/videoplayback/id/2c31b25ff538ced6/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1738929440/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 0C3E
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/2c31b25ff538ced6/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1738929440/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
  • https://r4---sn-npoldn7d.c.2mdn.net/videoplayback/id/2c31b25ff538ced6/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1738929440/sparams/acao,ctier,expire,id,ip,ipbits,itag...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r4---sn-npoldn7d.c.2mdn.net/videoplayback/id/2c31b25ff538ced6/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1738929440/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3CA93F64C4137F661D1E64366096EC76E847FF9E.2867B6A51796E4D41E1A17412BEFDF1E260A3A66/key/cms1/cms_redirect/yes/mh/dB/mip/42.60.46.68/mm/42/mn/sn-npoldn7d/ms/onc/mt/1707393156/mv/m/mvi/4/pl/27/file/file.mp4
Protocol
HTTP/1.1
Server
142.251.85.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sin26s06-in-f9.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 08 Feb 2024 11:57:21 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
1719958
Last-Modified
Mon, 29 Jan 2024 14:40:12 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Thu, 08 Feb 2024 11:57:21 GMT

Redirect headers

date
Thu, 08 Feb 2024 11:57:20 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
640
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
location
https://r4---sn-npoldn7d.c.2mdn.net/videoplayback/id/2c31b25ff538ced6/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1738929440/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3CA93F64C4137F661D1E64366096EC76E847FF9E.2867B6A51796E4D41E1A17412BEFDF1E260A3A66/key/cms1/cms_redirect/yes/mh/dB/mip/42.60.46.68/mm/42/mn/sn-npoldn7d/ms/onc/mt/1707393156/mv/m/mvi/4/pl/27/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 0C3E 		453 B
585 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-7655395707560128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f95.1e100.net
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:20 GMT
x-content-type-options
nosniff
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
453
x-xss-protection
0
expires
Thu, 08 Feb 2024 12:47:20 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame BD5C
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C3r4nnsHEZYyPOY-LrtoPkOiCoAvTvsT1dMq4kp-6EsCNtwEQASC4p8OTAWC_BaABz8a2zirIAQGpAlBptrJu8Kg-qAMByAPDBKoEywFP0JVRGAHiKm3t9rFztjQHiTHBsAmjsgs6uBvNruL...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x8475129625e916330000000000000000%22,%222%22:%220x71c7045f9a41c890000000000000000%22,%223%22:%220x6d2de54...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x8475129625e916330000000000000000%22,%222%22:%220x71c7045f9a41c890000000000000000%22,%223%22:%220x6d2de5411a251f3a0000000000000000%22,%224%22:%220x7f0044069b10d1bb0000000000000000%22,%225%22:%220x6e479377deaa58fc0000000000000000%22},%22debug_key%22:%222588886453821327174%22,%22debug_reporting%22:true,%22destination%22:%22https://ocbc.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211438760783%22],%2222%22:[%22true%22],%224%22:[%2202-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217754873350723916353%22}&andc=true
Protocol
H3
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:20 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x8475129625e916330000000000000000","2":"0x71c7045f9a41c890000000000000000","3":"0x6d2de5411a251f3a0000000000000000","4":"0x7f0044069b10d1bb0000000000000000","5":"0x6e479377deaa58fc0000000000000000"},"debug_key":"2588886453821327174","debug_reporting":true,"destination":"https://ocbc.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11438760783"],"22":["true"],"4":["02-08"],"6":["true"]},"priority":"500","source_event_id":"17754873350723916353"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 08 Feb 2024 11:57:20 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 08 Feb 2024 11:57:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x8475129625e916330000000000000000","2":"0x71c7045f9a41c890000000000000000","3":"0x6d2de5411a251f3a0000000000000000","4":"0x7f0044069b10d1bb0000000000000000","5":"0x6e479377deaa58fc0000000000000000"},"debug_key":"2588886453821327174","debug_reporting":true,"destination":"https://ocbc.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11438760783"],"22":["true"],"4":["02-08"],"6":["true"]},"priority":"500","source_event_id":"17754873350723916353"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x8475129625e916330000000000000000%22,%222%22:%220x71c7045f9a41c890000000000000000%22,%223%22:%220x6d2de5411a251f3a0000000000000000%22,%224%22:%220xa4459fa8f54d5dc0000000000000000%22,%225%22:%220x6e479377deaa58fc0000000000000000%22},%22debug_key%22:%2215369869854781493522%22,%22debug_reporting%22:true,%22destination%22:%22https://ocbc.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211438760783%22],%2222%22:[%22true%22],%224%22:[%2202-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226633338879682597249%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 08 Feb 2024 11:57:20 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
7oEUkR-0Uy9FIahscmU7Lq7lgP_YvsNEVpm_VpMj8bQ.js
pagead2.googlesyndication.com/bg/ Frame 713C 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/7oEUkR-0Uy9FIahscmU7Lq7lgP_YvsNEVpm_VpMj8bQ.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3077443549&adf=2689829158&pi=t.aa~a.1349639787~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393438859&bpp=1&bdt=5055&idt=1&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=742342519&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
sffe /
Resource Hash
ee8114911fb4532f4521a86c72653b2eaee580ffd8bec3445699bf569323f1b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 14:38:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
76727
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19829
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 06 Feb 2025 14:38:33 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 11E7 		42 B
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D0nm9tLFjBcercqFSJqqb8V94TNJ25t0lPucVCxN3o7k-LCBCFT_E41v8V0tS3ggoisxumB0ymcj-_svo8lO6WVVaVheDQVW3qfC8eA6BnHpBHnRKDSc67tFJAVtTZAnM__bf17A8O_1L_8dbwr_3ihVMJIVHZcYLFm1K3n0YN6MM2EUExhmcN670-MMWBpE-UfgBxU4xjpZiRRe1l0uFsImSkGg&dbm_d=AKAmf-Dd16Q8Q3eThcs995b05hyx0gsHXudVKy9rsIRJvbKl4vSixWbK5vK_qwMGuPom6u5P3ZA8B5s0oOQ7a2Xuo6BjXK9ssLnbKtGeuopZlKIqW7NTnxjX-DZv_9D49A47pYTUeY4ur8X0O9j3H_gohqDIx7AiQgvF68aFtfetQOCwjdZOidH6x7OgJ79Gj2gNlpJ90BeS7WyI1iOTQYi3DLuMILmuVeCWOia8Smz4zAweUaBPIA3-Yj31ps5QMA2VlnE3tEE6FZhwGL96QA2P1mKEMPsl7hHpt73xg-CJVCYyk6kF_ygcpOUL35dVvc03jHz5k8DWmEisH9-OyZ6BNmZUr_bJLFOUu4EP0Fi2vuXLuleDy5QrRrwhmo6CSIN-A4q8Vou9tV6N4EETW1UG-TVA52crp6kgMKbq1bnQ976gbSf7mh2PV38TGeL6p3ckbWHpwDqTEX8pSNw7qafjqw324ItXeY-w8qpU3pfoMUyboKmjfCscnlCNe7gLk6G67Zdi7R0hEvxhrWkYlfvCep779XSmGmrOffpWcAQQ-utbTWvgwFr6LW6KIpiTphOInO0ZAWGchB4ArmsGn-JEXi2PGAYoY06eAbQO4wfg58o34yVNBquJXh8FMOIm29bIi_u4UpWNFOFEebs_DGIxZvXdxbmCFaA4GuMncCCQNyP70ISBzwnuHDpYG4yzOMhZhOGVwaU_Hp6gL9XxF5-XEAq13JWEpbGRymEkP6-gBYv_45G43ytgRVD123JzMO8WV3MTOXD2RqZVscWM8QVTR8JzQAZ_hhjyaxXRh1oZIeqZovLVLjnk1nI9y-C-kJWjRRG574iYITHmhoyCss32zk4Dn_BteVMPY8fGksoWtWWUTBwtShn9zcXEor0kxg1I3w13hb_tXqjLkgxrT5kIopCiU7pd2CS6bh90UhVqyhxSgbiyexcQljv-T4x9Lt99PREN3mJ4rVROB7znJ1Id1RXJuRouTRGKNhiD2ph4j9xgBz2AVIt7UI1O5lSgWRl9Rg5xHSv9NgOuxhaTdeRY9kI512EyyDnpdI7KglT6ka6JDh92pXqacooJGxj2Ja4S7RF0L5Fu4_ZkgbZp5TRuPb03I9lYVWppQ8A2qmCGDue1rx13tDbtIQ3QqkOrs7uDuaSVoePMm-UtmhOIppGQLvGueBFmhMyTSwg-9z__ymTCdlvNAU_dE1Xt2Q8J84IcOiRS0bTh91GnhwLhhvwHcqaQQssODL6Hrdi3LmTYWR3FHXyj1ysM4jiWMEf9OUwSl43XsvjMezSLrdkD_K6JY2mYfIL4oHR3RfTxVX_qX2L1VDQK1LBiFtMEkds5VtGFXgkN8Jj3N6_1FicTNPRQFr5WduZCMfZrtcPEkWt5biF3i4-6r2jVFFMYjiFk_zEjqzr9PbS-3A_P-fjcwNpdOyTvCxtITA20NoXFw6RsxZ6GUlVNmwlEeC0QiSnVJWT9ee9eSRzCFI14Ae8LtRGWFsGg_L3RK8NBP6ImKKLvbg7ZJiXVEDSzu3aPtRBxSERfeAd5MjtbSGKDIPoLjwDvM2-Ty9nh31862HkUlBjSrTpRm0azMeq5pVrEpeZbrlimq5qWw4TmEjZZxmY3sN7foREOC6OxKKdAXAceRw0pibnOJ0aodX4rc6K036gD2oB6qqnh83RZqvF_FMXqi5f02iNsqWklPaS21jQkNmis0yejXieL5jp6FCrrEMB7H5se4VKEYPG-e0TtLHoe0mY3rpsbS5FTq6-gfRy1AW0V1hxKSrij4LMGVp2WRyt6vYIK6sQ3unhxrGZnC6Ys6KxSsAf-pbAtOF5UxcyG6YgUtiZc9bWbzbp3HKl1a834tc6Kdej2ZKfh2yS_ONFRLHtG9N3gjtkCjgmr5X0h8tS3a939w4Ob9ZUxFi_JRcgA2wLUdAFWtA7ocJcqpNYllnPovWmVq2Q6hDn467Auh6cfYS_msjmXgHbWd7rb3FKlxXGbSZ_mVxxjznKupbuEARmLmS80P0RE6NtAr64uCZstjp20vHD0G_KfEcdgbburYolHROK4TQwSUrtsql16GOTRXsubj0ua-1o5bGzkwcp7L4SezwUqIcv9_rC_CQjkejy0L-qBrhCRJh5tZVtzwQeE46I_dkhVwd9gCF36ukYQC3bxnbPYvYRnD3urtJQDy06XDJTpWyOFEM2PrufnE6ZZlrN3F2h92PF6LPEZjhOTbK0qkr2VTgGnU9V8S58FfmTj-_SFkV6AxFfWEPGuKHi5x3-kbrJTQKu-3Em4UyEsWi0DR4Xnzt0Woe4OJGWDczuydh4qayP8AjVK_g6NwzENYEBujz9J3eNFmg9aPIRIJhsrEd8DM64Y08rCPsKyMkPPy1ds3Vedth4eCK4z-_bs_SXpc6Ls7ykC88a8yMQCYpFchR4ozpmT104LyLjTOAZ_JCNv7UOBim7eRjLUKfy90jLatv1AN6cQU9xm4XqkJwnxKNg85YGwP8wtFO7Iym_U7W6wCgAtBQVAe6z3bTasHopl3DF7iXelGlmPr-qhal79qL3gkpBVntndt8J7bufoKluSARKQVnYDNWXdBtJPW3lJzSQhXFo77w5gniNaC9wtCnGljLI6mugh5eHLN7BNDvptfe8DC8_iqgQAC39auaGNQsKb-oPG8vyWiajKPshHFtNuC-zT_W6UWWgtIIr2e_XjQ54GFXJwVMd1p5MTYUtVQHxM1rCL-3LQG4rL-OlZS0ocQtts5Nn1fgT7BSniQasX3QuF1VqM7SxRRjuweYIbXCHqCewE_Lwmhpr51jwRpxqxEmqNFWGimmfOQBFT0ps9ujflzV21XuXfeCBc4YoAUJzs7q3hZ0pM45sZDeW15o0Lvjj9oJTOlk14LrNZOm_CE4u_wunAFm_7IRHlViz_JFk3uEA7-V8fTqOlakz-MhyT-xoOvk1qAih4mxZAdb6_lm_zex9lzRHPHyYqaLHVwS7n6yoGZ9Bsl4nb6CWA1rK8Dg8hcuXMRiNsZsc1ZhMauuH72JWUodElQ8JSeclybYVn70o9iyxlZpiOdLULv-1cqWW18eglZrYfp3bOGMScYnHJ3CWugTW67FGrgxsSEg1BV8eBBfKiPzw8CS0XgpeoYsFhhELXiLWvv-L0Ya-aTczgTmg8MlqFGhX7gPuN0IASE_12h9l730xCMTZwzqOjGBEYxKah0xH_Q-T94LWQKRmmnJoPN0ceY5a2VkZYjBQo-lgQVHXEULM7cnHVY_YcEEqxGF6BCoHvKXS8y-MurSAnDjf938zk3ZivBGV889fkoTlLPgo9UkUKqCzlkwc9DAiTz8EpbixYbo2_sBGQGnD6g2z6JtfSsoIOK_LH3GQvYwY6W74auiKuTz-uD4xM4o35d_K88JkHua65er_4vXCP01NnwjMYDac_TcCgFwn7k_AIr9PMxQygG6qbEMhpLInQElFJD6Q1ioW7v_Dqlqik&cid=CAQSOwAvHhf_gO6P9cFcB2Ow8olkE4ZlHOeztWtRlqTogHT0DGdPC5FZf3BCAoaQ4Fa2aVDNUP7Pr4U8lKUEGAE&cbvp=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1707364063&rafmt=1&to=qs&pwprc=6613278971&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707393438859&bpp=1&bdt=5055&idt=-M&shv=r20240206&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5463904846722&frm=20&pv=1&ga_vid=479964273.1707393438&ga_sid=1707393438&ga_hid=1542444039&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31080886%2C44798934%2C95324155%2C95324161&oid=2&pvsid=1178421723929104&tmod=742342519&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame FEB4 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
4262
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Feb 2024 10:46:18 GMT
expires
Fri, 07 Feb 2025 10:46:18 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/4875235780525528291/ Frame 9BAC 		103 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4875235780525528291/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f148.1e100.net
Software
sffe /
Resource Hash
050a055ca2376f33efe5f8355ab5bb16438a5a05a5c3d61c3785964949c82a1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
7214
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
30535
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Feb 2024 09:57:07 GMT
expires
Fri, 07 Feb 2025 09:57:07 GMT
last-modified
Tue, 05 Dec 2023 10:49:35 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 49BE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsufTVEEYDvnmkxrbOs9k_myuq1SHO-MptjD0tAwk2FPW49pNIJx7m9RbTzG_3HtiJ3FBEXqJKvx13iNPviFXwSjnnwZPWW48JMiA3VLpnjgPaqAcJcXkcLC7LxQSna_wmgzzdymmhCmA8fN0NLQrj0IpGxQaWe3S_NMniuEd5KKO0BXK4DjMFQz3uBa-VUW2j0wzncJRNReCpc_og_XrhYe7y_ZjlmLQm51Sc83Tbx-fL6aQuhStG8bWyp2hZQNpXqaAcFFd-neWjv6YohuzsJ04TUS8OXKPpbENngDHwV_VBN7hCgEF8jCYSsDZw8k5wu-aeascPue8jEDOzeYvcpzscaRsRpt1eOeHkzDxw1jShE381kaYFG4uAJLj0xWHbex2bfc7hpbydBJlJZQcazXN6_C8Zxu8peAVy23oeXMOD4PhrlUoiVi5Y42FRgmU9OUBzhW87N2nE5OfizwqfB2ewHfiVO22sxi3359lRRU_XBdXVJtRwsBwCUVEJKNETd16cC5cK44lKERkai6xz7hTFrg_qp0wA-AdCcPxyZpy9cqI_uoy4GeGmsYOcxKK0Rm23AnDlM0CVjmG42OY5xCjrIockM4LL3v3CYWucwNkzqqHKdVdPMxW6aAzik8NRIwlNHnMVCKsKb9D56PPA2wf5gGIqA8s_zKdoaj7ZFwzwduuTqLanHhwpXto9EeBIAgCVYWFXLFaDjuoEpB8aZdauszYGmCF_G4SqT4VtdKgG4iytqOaCE0K9WzYvU-88jt8lwya8RubDQezaAKvk1G8QKC-XJ6PE_dN5O-GSUyCwRvgjKvqLS9Wdo-ZpYy1huoQK-949Q7yIHD2tbHbYhMJyz80JDjj8Gc06__Ix3YRA5zIIRVd3sjUaTM50-ZfwXYD6U1ngFut6mF_3Ddb4khPYWovUSgdETjGQlMi8MraVc5P6CO0sWX-w8V7Ov1Q5_WOgLad1g5I3u8BcXuifHcneam00_McYan1uWpGSt4L2IgErNApE8gC6nP6IZsufXcUsl-AWEQarcjMEkJQCjJGwLHChXOYjXUstCmY7r8v_iirnY8Edtwlr8CP98Eds7331nkiPfeAtZSAifJVjvbi-5tPtCu6FHbIff39Hg4n-8Hg8h8FDgrv9NmO3BZe77UWOxuUhkyDgoPyj_Td_suoLiIcBV-M28KctJc__xCykNC_3MwfVId8ynUc9282uiyEO2e0ZeMVp6Ja48JLrZT3PBP2Bt95j-3ABt2xv4nPwFZdlgRkwBNJQ4BoED-_xeDv1To3IsIdaSrIniNKF2ALoD5nU-MCfUJGa0&sai=AMfl-YTlnX1C_lkDyXlIUeTyH1cIoiIrvB3NAwzgYUDMs044O6AXyh2mOgHXXAma_hKj6laQcy1aLPW6yWLdQlYbFxMYFkkzIvRkXAJu-AZLIRjTN8xq4tpRZzuEiUS0ZXNq7pBYckgjhqG06K1nLXtdRrb0yLczbzW5O-OthQ3bqlhm17UJ06wdlqeSiIrac0_A8VL-ue7lm8B2ks_IA9Cg1SqQso4Xmq27o_gRCP8j-LKTmRciMWUiYEBuOT_S7h6p3G5rMNhG22jruY-XJCN7PeKqEc-Tc4njHivGrw&sig=Cg0ArKJSzLaiVHDFNCPhEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=648&cbvp=1&cstd=645&cisv=r20240206.71063&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: paymybill.guru
URL: https://paymybill.guru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 08 Feb 2024 11:57:20 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 08 Feb 2024 11:57:20 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x8475129625e916330000000000000000%22,%222%22:%220x71c7045f9a41c890000000000000000%22,%223%22:%220x6d2de5411a251f3a0000000000000000%22,%224%22:%220x7f0044069b10d1bb0000000000000000%22,%225%22:%220x6e479377deaa58fc0000000000000000%22},%22debug_key%22:%222588886453821327174%22,%22debug_reporting%22:true,%22destination%22:%22https://ocbc.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211438760783%22],%2222%22:[%22true%22],%224%22:[%2202-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217754873350723916353%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 08 Feb 2024 11:57:20 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js
pagead2.googlesyndication.com/bg/ Frame FEB4 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
sffe /
Resource Hash
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:11:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
139550
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15173
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 05 Feb 2025 21:11:30 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9211 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BRMPyn8HEZdXEELmqssUPqamS-AcAAAAAOAHgBAI&bg=!xsWlxYrNAAY9UbWqHVE7ADQBe5WfONtVJhmwmaLCtYjd1HY1Xpd2izODkLQuKzti33pXvIpsO6rkhWdZJxF32AWERRR3AgAAAQlSAAAACmgBB5kDBstNbahkeajySnXbaey0LmDyblbHr9zFAAOpUU3sRgP67xwKEDsQaEe40jAxzsEWTdaw90S9kQoHSQBiUIIyhX02nCvMLKFaQoRTEswecVQGB7GqEjARaFPne0vUIsUC9c-g1sLaadbeIM_I6L0nDdB_Z0v8jLPvhuMkahsAdR89oUC86BbiJ0mXl5EqZYWW8zkM99KalYRcEQuXbXGS5puo4ltZCQ4GCNFKVO2hqzvvB5d1lsKOa-OfFzPU27shELhvbpAW4MSt6NH0xQ_Z_jXi6O1jMUZqb6G9OF6Ssc5bV4UvlcQ75986U9B8EvHkBvL0Driina-7kVgrtJEv2Ypr8km8VCmUW-UZcYo9a5YihZeQwKG7PJgNHjoNBlOOt4OXlOI_ahkKjej9aRf37n2JCzK4Ti2HeiymLGwhfsEjtEOkIgU3zfdP_p4SYp3khjpJlrXb-7LBUY2rZgcjvEV60TT_M_lgGO--gYn7tA7UP9IlZYxsTNLDzechyecrmg6LVAA50ahSfDi1GVavx5zBUpKS4lN11FtNSJO5m2_Oi7fAyHvV2DCqr4PrZHffKoLNYCB5AwRA3Hd4gXaBZbuQ19PwUnLnrlhKUcmGBZYHBB45dH_VSGPTue9xVlf8FrTnmG4O16Zb0oBlSS0C-7BT5uYxiYyUeMnzGbwXNX-0MJNVEcnnJmT2ov5EPDGpBsseT2ypagbvuFWHJrnRQXTOIh8fSLlA_MbJq-QvDRj-5fF0AExWPd-2IihIzMFcGNff7O_vPvfxgySLTz8F3oOdqyC_aduknNKBO2bg4obXjZ-Ovplor6acGPZIuZFNMnrCaS5PvKOOMROHahVMDmPct6jD3Jv_P7pB_p9Xmgtkxl2KCZNH5x4Vr-IcWRtcUVx58s68UVV6BJXAAYPmSUhkraXaAgTHG0tVqdoUeE1RN7nzP9p4jsw7fFsZkie5g-_8ERymmV1ZvBphq_Zk6fYc1ri8QgsjeNXpw2PjxYcH2SxIPJgHEgL_P0TW2cH3wIYXWdjnmw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FEB4 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BY7PSoMHEZaLfAd2yjMwP37K5gAYAAAAAOAHgBAI&bg=!nJ-ln9DNAAaxkZ3akZE7ADQBe5WfOKtQ0Z2cbXagAUTsunI0voz3YWkCHLnXv3zCaF9D_GN0kEFCqplC3eNnRa3aKKvxAgAAAFlSAAAABWgBB5kC-gfWWw-HTXHtPf9N3sdN57Svcq6qGhXuGRYowP5SQO7vtMH7p3DU08DtbOQXifZyM6u7cQBi8luJ2HORMLVK3LxnvfFzi_NnXTD4RGQyhOZfJ59tq0ylIiHXDoPrqe9cIXAjCmBk7IKUbRZdE8Y1L2v9VW0klehYTgD8FSpfT_b8HEWNSoZJQzQ0yHaemOQArmp2yG02tdgsMnQ7NCjV_oJ537Gw26pn9AGAZrHfw71JayAvZmAmcqozDLrGTQdbGLYRC_A463KHJ25LFiHrLJzgWmroNGrd7HtgNhWQT1vytvRMMmVnB_PUknH_6e5zHpBCMApFV11EDb0evfrJoDGqVijmaND-ii6l3m5QzNmMIqrEsbRvXL-qBDyHfrKYomkC0pvMMh9RuDKC7hU2il41BWJImWViX0F0jXtyF6pfPjDZ9Ud_jJZqrV3LKXcqU0ti3v7KtPc5Z0r-mu2j51Xfvz3kFmT2yvknyRYu41kEQp4TK2H83ZaITjI1gzeNPAl3VtZmmVjBtZoKyRAf5yoE6dBtWrYV6Z7uTY5TcX8DmjeSL-wBV9SwTCP5JGY7EfGmFhO_s013ez9u6mqmhIItGK_zAYJbUIco2zUZOXC5vnHPWLhBMRr2jmigjJ3cQNKlXDkIe0gGj0NeaPScCpbSIsNk8uCf8YPDZ-JgIX6lFo_ccz9tjq9f24UgPWda6zVKl4j1TwLHMgO5sW_ypH27YUgvSYq59LsCAlOJLCBdj_De7NuEM5D-Td97VJVcrI081Jz16lJU9RkGJi8zouDbK-kKDZQ0us7t597gNi_EzW3WmTrERnbKTu53LUxBTOV47jlNYKT80WtsRhos8Piw_kqeCNK5VJ4teBkX9vC6hbwC4iK7aDY_HEfsm0dLqq5ckbyVBst1e8DJ1ZYnPnXeewiiB3O5wlWsXNv4inwleKRDG5r0r5bw42OLy_Ey_sSMHu0Yg9xhJcYtecu1R_RBolJyB2VxIpM3UjU1JPnSG8Ta3GogKG2l7Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7E92 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvnpNGqha7SVR1cU2CuQsXbdnq0q-LrqrInBo2WgnhRI0fdvLujr_BEurk2FmMol2etyp1TuP9ey-WZ9E8C3FH43V5CnlBu0FYSJrxZYRlVZFtFfumXvwjcozA4YBscFEYy_4k34CNwu6aPIkoTtRkDQ0-8FoQFRxI&sai=AMfl-YTb40uglYGMa7OU1Z1K05XoRitZ4gcA8_VtOsyDY1z5NHZJ0e4SQSQ6wOAiyF3cLIE7TsftcOmFg2NeW7qzCNrZIQj1CEON6h4pz8KjrOIIiXABWKakP9B1_9fWMaQBDk2mAYDR4kyG2nxaXu5m&sig=Cg0ArKJSzDQBvIS0TMPAEAE&cid=CAQSTgAvHhf_B73mhm958El6bCtxdGu5pjX2Q4mLYYwrK-IRVg6YRcuDtABIIOZMSZpv3P7ja9eeuKEiYSKjfeoCHnMkWm87kpUTyMjB-e0sRBgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3088186576&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=332623900&rst=1707393437635&rpt=2390&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 0C3E 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lsd5yxy2&c=5415574311761&slotId=2707787155880.5&qqid=CJKi_prYm4QDFXHh5wMdmZ4H3w&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2082&mt=video%2Fmp4&vs=1280x720&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1wo~atrd.1wt&ua_e=1&ape=1&ple=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.191.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nuq04s43-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:21 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
imageshcnn7y0ipzaxwmvuclzf.svg
s0.2mdn.net/sadbundle/4875235780525528291/ Frame 9BAC 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4875235780525528291/imageshcnn7y0ipzaxwmvuclzf.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4875235780525528291/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f148.1e100.net
Software
sffe /
Resource Hash
877550df4deefb59199c3a5811f7de0f348a8363ff44a115b7c21a6057792557
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4875235780525528291/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 05 Feb 2025 01:13:59 GMT
date
Tue, 06 Feb 2024 01:13:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
211402
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1028
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 10:49:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
imagesogesiugxch6ruoool7pk.svg
s0.2mdn.net/sadbundle/4875235780525528291/ Frame 9BAC 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4875235780525528291/imagesogesiugxch6ruoool7pk.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4875235780525528291/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f148.1e100.net
Software
sffe /
Resource Hash
da7ed15d71193e94d023edb5c9e50e6a5ca6bd44c7b80647fe23b12a138ba345
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4875235780525528291/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Thu, 08 Feb 2024 11:57:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2151
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 10:49:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 07 Feb 2025 11:57:21 GMT
d24d6faa59c6a230b08d996de945b5ca.jpg
s0.2mdn.net/sadbundle/4875235780525528291/ Frame 9BAC 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4875235780525528291/d24d6faa59c6a230b08d996de945b5ca.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4875235780525528291/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f148.1e100.net
Software
sffe /
Resource Hash
aa903c0845ce63093bc903ebcde49c1a9c91a746a0d95be608ac8a766bb1dc9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4875235780525528291/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Thu, 08 Feb 2024 11:57:21 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6061
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 10:49:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 07 Feb 2025 11:57:21 GMT
6f7ab40cac1bc511c11195f4ffe70d9c.jpg
s0.2mdn.net/sadbundle/4875235780525528291/ Frame 9BAC 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4875235780525528291/6f7ab40cac1bc511c11195f4ffe70d9c.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4875235780525528291/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f148.1e100.net
Software
sffe /
Resource Hash
444de65428af2952cfe486b66367179cbd25c8681be05415318f9124eaf8e2dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4875235780525528291/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 31 Jan 2025 14:35:40 GMT
date
Thu, 01 Feb 2024 14:35:40 GMT
x-content-type-options
nosniff
age
595301
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5209
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 10:49:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
87da037521eb788a016e706df81fbd0a.jpg
s0.2mdn.net/sadbundle/4875235780525528291/ Frame 9BAC 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4875235780525528291/87da037521eb788a016e706df81fbd0a.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4875235780525528291/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f148.1e100.net
Software
sffe /
Resource Hash
1c44d95dc3e9e74dc929adae524d7beb136538eba7ae8c42ef4db0a5ca88d285
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4875235780525528291/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Thu, 08 Feb 2024 11:57:21 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3865
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 10:49:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 07 Feb 2025 11:57:21 GMT
b652b018b2e40d52379a2b93d72e995d.jpg
s0.2mdn.net/sadbundle/4875235780525528291/ Frame 9BAC 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4875235780525528291/b652b018b2e40d52379a2b93d72e995d.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4875235780525528291/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f148.1e100.net
Software
sffe /
Resource Hash
754a0656bf9db40e6fe35be91ad38a01b9d396027448c14413a7c12dcdea4294
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4875235780525528291/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Thu, 08 Feb 2024 11:57:21 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9809
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 10:49:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 07 Feb 2025 11:57:21 GMT
truncated
/ Frame 9BAC 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
83e40718a6c0c5210c6463cd02917219423fa0e807cd9997ad627077859b9fe3

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
font/truetype;charset=utf-8
truncated
/ Frame 9BAC 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
12d3bd12b75a9aa891a365d3b36cc2daf6cd8037bc0436c3b1019752095c289f

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
font/truetype;charset=utf-8
truncated
/ Frame 9BAC 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
396ca3f91a9eac1f1cf0702d46baa4f71e59ea4eb41ad6789cf9f5a11089ed77

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
font/truetype;charset=utf-8
file.mp4
r4---sn-npoldn7d.c.2mdn.net/videoplayback/id/2c31b25ff538ced6/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1738929440/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 0C3E 		2 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r4---sn-npoldn7d.c.2mdn.net/videoplayback/id/2c31b25ff538ced6/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1738929440/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3CA93F64C4137F661D1E64366096EC76E847FF9E.2867B6A51796E4D41E1A17412BEFDF1E260A3A66/key/cms1/cms_redirect/yes/mh/dB/mip/42.60.46.68/mm/42/mn/sn-npoldn7d/ms/onc/mt/1707393156/mv/m/mvi/4/pl/27/file/file.mp4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
142.251.85.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sin26s06-in-f9.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=0-

Response headers

Date
Thu, 08 Feb 2024 11:57:21 GMT
X-Content-Type-Options
nosniff
Content-Range
bytes 0-1719957/1719958
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
1719958
Last-Modified
Mon, 29 Jan 2024 14:40:12 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://googleads.g.doubleclick.net
Expires
Thu, 08 Feb 2024 11:57:21 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 49BE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsufTVEEYDvnmkxrbOs9k_myuq1SHO-MptjD0tAwk2FPW49pNIJx7m9RbTzG_3HtiJ3FBEXqJKvx13iNPviFXwSjnnwZPWW48JMiA3VLpnjgPaqAcJcXkcLC7LxQSna_wmgzzdymmhCmA8fN0NLQrj0IpGxQaWe3S_NMniuEd5KKO0BXK4DjMFQz3uBa-VUW2j0wzncJRNReCpc_og_XrhYe7y_ZjlmLQm51Sc83Tbx-fL6aQuhStG8bWyp2hZQNpXqaAcFFd-neWjv6YohuzsJ04TUS8OXKPpbENngDHwV_VBN7hCgEF8jCYSsDZw8k5wu-aeascPue8jEDOzeYvcpzscaRsRpt1eOeHkzDxw1jShE381kaYFG4uAJLj0xWHbex2bfc7hpbydBJlJZQcazXN6_C8Zxu8peAVy23oeXMOD4PhrlUoiVi5Y42FRgmU9OUBzhW87N2nE5OfizwqfB2ewHfiVO22sxi3359lRRU_XBdXVJtRwsBwCUVEJKNETd16cC5cK44lKERkai6xz7hTFrg_qp0wA-AdCcPxyZpy9cqI_uoy4GeGmsYOcxKK0Rm23AnDlM0CVjmG42OY5xCjrIockM4LL3v3CYWucwNkzqqHKdVdPMxW6aAzik8NRIwlNHnMVCKsKb9D56PPA2wf5gGIqA8s_zKdoaj7ZFwzwduuTqLanHhwpXto9EeBIAgCVYWFXLFaDjuoEpB8aZdauszYGmCF_G4SqT4VtdKgG4iytqOaCE0K9WzYvU-88jt8lwya8RubDQezaAKvk1G8QKC-XJ6PE_dN5O-GSUyCwRvgjKvqLS9Wdo-ZpYy1huoQK-949Q7yIHD2tbHbYhMJyz80JDjj8Gc06__Ix3YRA5zIIRVd3sjUaTM50-ZfwXYD6U1ngFut6mF_3Ddb4khPYWovUSgdETjGQlMi8MraVc5P6CO0sWX-w8V7Ov1Q5_WOgLad1g5I3u8BcXuifHcneam00_McYan1uWpGSt4L2IgErNApE8gC6nP6IZsufXcUsl-AWEQarcjMEkJQCjJGwLHChXOYjXUstCmY7r8v_iirnY8Edtwlr8CP98Eds7331nkiPfeAtZSAifJVjvbi-5tPtCu6FHbIff39Hg4n-8Hg8h8FDgrv9NmO3BZe77UWOxuUhkyDgoPyj_Td_suoLiIcBV-M28KctJc__xCykNC_3MwfVId8ynUc9282uiyEO2e0ZeMVp6Ja48JLrZT3PBP2Bt95j-3ABt2xv4nPwFZdlgRkwBNJQ4BoED-_xeDv1To3IsIdaSrIniNKF2ALoD5nU-MCfUJGa0&sai=AMfl-YTlnX1C_lkDyXlIUeTyH1cIoiIrvB3NAwzgYUDMs044O6AXyh2mOgHXXAma_hKj6laQcy1aLPW6yWLdQlYbFxMYFkkzIvRkXAJu-AZLIRjTN8xq4tpRZzuEiUS0ZXNq7pBYckgjhqG06K1nLXtdRrb0yLczbzW5O-OthQ3bqlhm17UJ06wdlqeSiIrac0_A8VL-ue7lm8B2ks_IA9Cg1SqQso4Xmq27o_gRCP8j-LKTmRciMWUiYEBuOT_S7h6p3G5rMNhG22jruY-XJCN7PeKqEc-Tc4njHivGrw&sig=Cg0ArKJSzLaiVHDFNCPhEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1634&vt=11&dtpt=986&dett=3&cstd=645&cisv=r20240206.71063&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: paymybill.guru
URL: https://paymybill.guru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:57:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 08 Feb 2024 11:57:21 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 49BE 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv5sGf8oAaw70McuF16N0RGv5M2UK72LGowIyNfhBJVyOK23ZFQqg73O-5Rgc-oBLQvfYCOa0-T3neRqZRyqXEXg7PK1YrYWz77tXZQ93ViYWPI8067NNdBuGhNyQNs5LgtZ32ie9yIwiE2hOrSelHr0n51ZoW1tCk&sai=AMfl-YTtIi5VfVRUBoCa5qBhqq7Uk0E2aPAjb3iDsl2C2injbBcAhTglAlngqIukefbr2oDtMNs6Ql0Jh9guQU7kwTF_HhBEdZXGX9u4lR4neRhXghxO_ULUk8oir2aLitJGOZJds4rjbEnqvn19e9Uq&sig=Cg0ArKJSzL8mPGoAX4sfEAE&cid=CAQSTgAvHhf_TzocyQpm4H6ClDUfyzr5mza-oKoPTNmD0wEzirPezV9xBRdscNq-QpeMTjV_3jdiH36Q5uEgIEdMIiZrryC6uu5YlbJTTyW55xgB&id=lidar2&mcvt=1002&p=0,0,90,728&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20240207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=332623900&rst=1707393439085&rpt=1602&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
file.mp4
r4---sn-npoldn7d.c.2mdn.net/videoplayback/id/2c31b25ff538ced6/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1738929440/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 0C3E 		45 KB
46 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://r4---sn-npoldn7d.c.2mdn.net/videoplayback/id/2c31b25ff538ced6/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1738929440/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3CA93F64C4137F661D1E64366096EC76E847FF9E.2867B6A51796E4D41E1A17412BEFDF1E260A3A66/key/cms1/cms_redirect/yes/mh/dB/mip/42.60.46.68/mm/42/mn/sn-npoldn7d/ms/onc/mt/1707393156/mv/m/mvi/4/pl/27/file/file.mp4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
142.251.85.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sin26s06-in-f9.1e100.net
Software
gvs 1.0 /
Resource Hash
b4806907d898aeb45dcc830b8eed93af74812b05d5606dddfb112c3abbee8155
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=1674357-

Response headers

Date
Thu, 08 Feb 2024 11:57:23 GMT
X-Content-Type-Options
nosniff
Content-Range
bytes 1674357-1719957/1719958
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
45601
Last-Modified
Mon, 29 Jan 2024 14:40:12 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://googleads.g.doubleclick.net
Expires
Thu, 08 Feb 2024 11:57:23 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 49BE 		0
59 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9359575951242&version=m202401290101&ct=119&x=1&cor=7270940966032332000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-VVKDZWEGFT&gtm=45je4250v9106982088za200&_p=1707393436797&gcd=13l3l3l3l1&npa=0&dma=0&cid=479964273.1707393438&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EEII&sid=1707393438&sct=1&seg=0&dl=https%3A%2F%2Fpaymybill.guru%2F&dt=Pay%20My%20Bill%20Guru%20-%20PayMyBill.Guru&_s=2&tfd=13246
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VVKDZWEGFT&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://paymybill.guru/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 11:57:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://paymybill.guru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 undefined| href undefined| $ function| jQuery number| kpdetectdelayjs object| wpcf7 object| tocplus object| RocketPreloadLinksConfig object| lazySizes object| rhscriptvars function| reshowNav function| rehideNav object| re_main_search boolean| NavOverlayRemoved function| revMenuStyle undefined| postheight object| lazyLoadOptions function| lazyLoadThumb function| lazyLoadYoutubeIframe object| kpUserInteractionEvents function| kpTriggerScriptLoader function| hwtLHLocRF6ku3O function| gtag object| dataLayer function| calcHTML object| errorQueue undefined| timeout function| sendErrorsToServer string| ajaxurl object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state object| google_image_requests function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| swv function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms function| LazyLoad object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker boolean| wpquads_adblocker_check boolean| wpquads_adblocker_check_2 object| google_tag_manager string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| googletag object| gaplugins object| gaData object| google_llp

40 Cookies

Domain/Path Name / Value
paymybill.guru/ Name: quads_browser_width
Value: 1600
.paymybill.guru/ Name: _ga_CM26580JWS
Value: GS1.1.1707393438.1.0.1707393438.0.0.0
.paymybill.guru/ Name: _ga
Value: GA1.2.479964273.1707393438
.paymybill.guru/ Name: _gid
Value: GA1.2.1745139475.1707393439
.paymybill.guru/ Name: _gat_gtag_UA_108033343_2
Value: 1
.paymybill.guru/ Name: __gads
Value: ID=1fd920d4ae607887:T=1707393438:RT=1707393438:S=ALNI_Mbiw0nVynw3w-iIndgpu36lpPwkBA
.paymybill.guru/ Name: __gpi
Value: UID=00000cfc5e753a4d:T=1707393438:RT=1707393438:S=ALNI_Mb4lbFuVbIUKsyEeRG4RABLGH21Xw
.paymybill.guru/ Name: __eoi
Value: ID=436ec3065b6b5258:T=1707393438:RT=1707393438:S=AA-AfjaxSSo2HOJ09ZO4GMvXuA2q
.doubleclick.net/ Name: APC
Value: AfxxVi5k8gDQltz_FlMC3GYMREhroO1Didq382tJ9tzaoT2GufLU9w
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUmKNFOp6b1AdubfZGyKjjzWc4cgg6motRkq_h3qbxWEqPQxau-eI9ffD7uzu4U
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.paymybill.guru/ Name: _ga_VVKDZWEGFT
Value: GS1.1.1707393438.1.0.1707393440.58.0.0
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E>rH>tuR!@wnfH8K6pQK`!5=E<*L5?%M1f#plai8-f=5)SV/a(0)K00rjo@.($eoI8<S%nugO%v4VB%nmGB)np?:
.casalemedia.com/ Name: CMID
Value: ZcTBoMsGSmc6RB1xT.M9rAAA
.casalemedia.com/ Name: CMPS
Value: 4718
.casalemedia.com/ Name: CMPRO
Value: 4718
.adnxs.com/ Name: XANDR_PANID
Value: bZbMpmpYOHXQv1ZB1cKNqBfDoeHMVIWU3rFOIfY6BBXHjzk6aUlatx_AIgnUKsh1mjToFsXI-jZjXzqy_CueDIaaPA0Sy0RhsZX4E1wi82s.
.adnxs.com/ Name: uuid2
Value: 794412738256539161
.c.appier.net/ Name: _auid
Value: adBrDfwbA1y5BPqjoMHEZQ
.c.appier.net/ Name: _gu
Value: CAESELO68ZxT_YjDN9qEUDw37KY
.adsrvr.org/ Name: TDID
Value: ae533030-1f05-4aa9-88da-16e8f5c16264
.fout.jp/ Name: uid
Value: TS3D2F3yD0laDbUdomNj7sEE0uE
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsIlJb9sOSp1DwQBRgFIAEoAjILCIK959z6qdQ8EAU4AQ..
.socdm.com/ Name: SOC
Value: ZcTBoMCo8YkAAAanLtQAAAAA
.pangle-ads.com/ Name: _pangle
Value: 2c5FGx7o2OuRavNBDaLJRnmRTws
.adform.net/ Name: C
Value: 1
.googleadservices.com/ Name: ar_debug
Value: 1
.mediago.io/ Name: __mguid_
Value: 09dd4f7eda6eea492au2ia00lsd5yyki
.yandex.ru/ Name: yuidss
Value: 2230961011707393440
.yandex.ru/ Name: yandexuid
Value: 2230961011707393440
.creativecdn.com/ Name: g
Value: ixitEsgLwaSARXmlAD7H_1707393440935
.creativecdn.com/ Name: ts
Value: 1707393440
.zemanta.com/ Name: zuid
Value: lYgw3l7ipiQqB-YLWpV0
.adtdp.com/ Name: uid
Value: AY2IlF1icAWU-mxQpsU
.adtdp.com/ Name: dynid
Value: AY2IlF1icAWU-mxQpsU
.socdm.com/ Name: SOSYNC
Value: anNvbjp7ImdkbiI6MTcwNzM5MzQ0MX0
.adform.net/ Name: uid
Value: 8494115962800922172
.popin.cc/ Name: __mguid_
Value: 09dd4f7efb111f8a2vhdg200lsd5yz1c

5 Console Messages

Source Level URL
Text
network error URL: https://paymybill.guru/wp-content/themes/rehub-theme/images/default/noimage_336_220.png
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://paymybill.guru/wp-content/themes/rehub-theme/images/default/noimage_336_220.png
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEBQvww4ojssmdwd-lCDi65A&google_cver=1&google_push=AXcoOmSnaqvMxrf-JM_vjDoYznwPv6mg1mEHrpT8sc8QnvzUUAs2oaSL4ADsF7zYOCJTvhYQzLX9wIgwB3XixWUxDk1F00csY_VzyMXozqyqhndxhzAfe3dk9-k1Iusd_VGYqrRyf4p7sGQ1oGiBEl_utDe0Ig
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other warning URL: https://s0.2mdn.net/sadbundle/4875235780525528291/index.html?ev=01_250
Message:
<link rel=preload> has an invalid `href` value
network error URL: https://r4---sn-npoldn7d.c.2mdn.net/videoplayback/id/2c31b25ff538ced6/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1738929440/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3CA93F64C4137F661D1E64366096EC76E847FF9E.2867B6A51796E4D41E1A17412BEFDF1E260A3A66/key/cms1/cms_redirect/yes/mh/dB/mip/42.60.46.68/mm/42/mn/sn-npoldn7d/ms/onc/mt/1707393156/mv/m/mvi/4/pl/27/file/file.mp4
Message:
Failed to load resource: net::ERR_CONTENT_LENGTH_MISMATCH

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.c.appier.net
ams.creativecdn.com
an.yandex.ru
analytics.google.com
analytics.pangle-ads.com
app.cauly.co.kr
b1sync.zemanta.com
bid.g.doubleclick.net
c1.adform.net
cm.creativecdn.com
cm.g.doubleclick.net
creativecdn.com
csi.gstatic.com
dis.criteo.com
dsum-sec.casalemedia.com
dynalyst-sync.adtdp.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
gdn.socdm.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gtrace.mediago.io
ib.adnxs.com
imasdk.googleapis.com
match.adsrvr.org
pagead2.googlesyndication.com
paymybill.guru
r4---sn-npoldn7d.c.2mdn.net
s0.2mdn.net
stats.g.doubleclick.net
sync.fout.jp
tg.socdm.com
tpc.googlesyndication.com
trace.popin.cc
www.google-analytics.com
www.google.com
www.google.com.sg
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
103.132.192.30
103.43.89.4
124.146.153.170
133.186.161.88
139.162.23.100
142.250.191.67
142.251.175.104
142.251.175.156
142.251.85.137
172.217.194.154
172.217.194.95
172.253.118.155
172.253.118.94
172.64.151.101
182.161.73.146
185.184.8.90
185.84.60.20
192.124.249.119
202.232.238.37
211.120.53.192
216.239.36.181
23.66.3.146
3.33.220.150
35.208.249.213
35.213.89.133
54.168.117.42
64.202.112.63
64.233.170.100
64.233.170.156
64.233.170.95
64.233.170.97
74.125.130.155
74.125.130.94
74.125.200.132
74.125.200.148
74.125.200.156
74.125.24.139
74.125.24.157
74.125.24.94
77.88.21.90
050a055ca2376f33efe5f8355ab5bb16438a5a05a5c3d61c3785964949c82a1e
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
0925e6a929a9d6a28c9b1d95e3ede348c11ad7f1da7a604de8091e5a870fdda6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1241a6bf02a5978ecfb83b22eca5e3214bf4c860b3a5b4acd29dfbe8e0310317
12d3bd12b75a9aa891a365d3b36cc2daf6cd8037bc0436c3b1019752095c289f
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1984c4bb2ce10d00cb478c4ab216301e04502e25f2025b30dbeeb019172beb0d
1a3e8ea4e3089c1a6a70fe4055f8d9fa9ed846a12290b61b3429eecdf8a37e1a
1c44d95dc3e9e74dc929adae524d7beb136538eba7ae8c42ef4db0a5ca88d285
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1de8808529d5490b269bbd6f951e057e457b992172124e96311c1dccd0748b1b
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
249f3056b3c4d96ec62da6090bfd34ef5c9e6dcdff3e451c68abfab90e9f2c6c
2708a5b0cab0da6780ecfdeb9057b99c3421cebfda2613aaace7f59ff1c7857b
297d8d7899fd78d867a6ab9e542abb6453ec056906cc1eb5cecbcb4d3dbc2a0b
2a3bc611b7a36d5face9c4d7ecefcbcc831209427b99a84814eaa89cda62c685
2a8c987fbef6bdeb3e954031fdb860bb5c8218cd33d411c5e5a78cefb22870a1
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a
373c96ceaf68580b9aadae1d036072e949f3bf12f6ff40c5fd2366c10643392a
396ca3f91a9eac1f1cf0702d46baa4f71e59ea4eb41ad6789cf9f5a11089ed77
3d86c3c6c71800c663a4d904a9cabbae390a819a1db481ccfccaa8e8ffd4f563
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
444de65428af2952cfe486b66367179cbd25c8681be05415318f9124eaf8e2dc
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ca2ddc479ab19740c301f1add64186068d0df3a2e2d85576f0945979a0be11e
4d8c5099f6aed32fbdf9ea4a4c34f2d9bf9e39fd2eab5f62f36f1dfdb3780c46
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5805892cc6c53f904c315cf2b9374deab28f0790254c01917e49484da9bb9665
5a552ded72ef19fa59e43be26bf425175c82264912b3a4e7a380e4ce353bb37b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
644957999c8788a1579cb5c4f2526d621cf5efe6cf607b8a99643e964ff1af1b
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
69f5d3191dc883795ffd06149c49d8b097e4aa1c053433db3f2531d3d6074d1a
6aa0ade0cef3950e0fc00be272fe21ae4cb9914e711ef6245129026a14b4b044
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
718fc449dbfa9b4ceacf80c631eb924048cdb8fad5c3f23aaeb9eb53cdbb2820
7425ae7f315a95bf57d0bee9f2841b4aa547629c2fd1459d7253d057a29e4d12
754a0656bf9db40e6fe35be91ad38a01b9d396027448c14413a7c12dcdea4294
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
83302233ac1fa14bc20d7dbe81cefd75dd32e8b08f1112966bf26d367c4d1249
83e40718a6c0c5210c6463cd02917219423fa0e807cd9997ad627077859b9fe3
84af93c376277b2fb1c7962b45ce84e1e0a31202815ceb873bd980df4378f62b
877550df4deefb59199c3a5811f7de0f348a8363ff44a115b7c21a6057792557
87e0bffd01248ccc0369b210b2b2004ded168a8fc478f628faa17974b7f4d6da
8b563da1d79b45d01f3cfc549a5849c9f462c5033b164dcb99f1661b5727ecc6
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
92dea0e7d06079abb718b3cd7592df9b43386e7deaa7660e6ac687b77e843c1b
935a3dedf56a63b7ae889aa5c8d090135428a8e2d5a40d756120d87c7daa38ea
937bb4606fa3ad0270f699a2ab06a5e4a07daf3d5e8733b6e01afb0ef92e48ac
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
994d0de6d99babae820ef2766c74f3af3d0d54d06dfdaab0fa56ea4cdb2b2a34
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
9c28286662e012303a793bb467998d9f0b76ab75860cd1cddaa50b5486289f60
9ccddf55828f4cda639b706f37673e3cc41de3550b72cfa93a7d246c69369334
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a3e39f36bb7cb454a5a8b24926990bc3c1515658a68c917d3e017999d90a6b22
a89adcd85f7cfd505dc7b42270543241b2e39b7f87f8551012b736ef64bbef19
aa903c0845ce63093bc903ebcde49c1a9c91a746a0d95be608ac8a766bb1dc9e
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac4f780358ba4326a07c3a9bb83dff5a70cbb95a22be0f4c9385efe182cd722f
af8a86e7f12ce47538a841fc6746f6d8f88643d607c3f0946e19bab4f7b60939
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
b4806907d898aeb45dcc830b8eed93af74812b05d5606dddfb112c3abbee8155
b5930fd8bc0b23403e579c514332fdf590d95f678f3ca2a75547b46db8e69771
b7be46a05d1603497cc8f74465def2d0730eac130955c13509d6dcf666c061cf
b96b61d33cc6c6c19a8af327e4a350138f9a8f40ff2bf9f86d6ebb9b64d84c46
bf15e80eb4cf24133f6d6e76bdffd4bf24f773da5dfaa8e556b8ab50a2958e0d
c04ce46a000ef2aafff082e6528ba93619be80edf7e41f251cf36b021bdd1f3d
c18f5c0855f4b76c30dd796f7164f9d1bb23c2c85b070cfad938787a214a2639
c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59
c79b77b501a0fd228b7424ab0dc4486b66936658e72a39985f18ed38231e8841
c80b7f98a788413f9d40fba1c5d2c50f045e9ec9e553192e7749522b5d070ece
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cc2d71e68826b85acb5ccfcf54003f9e4410878c2b606631b8b60f1957c01081
cca3bc776f3c3612ea8386ed6eb35d10dca61f6504840f1f669d852cb188b6d0
cd8b2c8e5f1412ce20b01b7be5eda3def2249b015df0cf99450a6c5c8531c0c0
d3dc8f458ab5d800080480d9ec4c818e1a72e8594049408a75aac8c983f4cea3
d83a4db046dc043f97f3cb367e34625fd38d567e2a89a88e656ca5a4ad89dffb
d99a3294b83fe3b21e9251c87e7696b7f5ba1651c5d82256db3c0700ead09b57
da10f3adc23e4c4eee3a5a4846eefd5967a219ee7a8de2498cb3545483557725
da7ed15d71193e94d023edb5c9e50e6a5ca6bd44c7b80647fe23b12a138ba345
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e74fe5536d1e8bd1fe0186bffaf250c72f371b02b8167b561b0ce57d9495cdc6
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec764bf3a8ec2b7318ccf70e193187c92fec2ff09603feda00b27ef516eb907b
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
ee8114911fb4532f4521a86c72653b2eaee580ffd8bec3445699bf569323f1b4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f672557254e16b97d6446158d7dd80ea45d14d1ac7dfcfa626dd66d9e27d0678
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f916d5abcc4a7d0dcd29793b8e089b419dd09a2a75b4965fa6a8f894a238a461
faeadd15b1d5c676be56f89e646fab73e657384a93f063128e3a0b2d83e71241
fd48a3aa39e064ef4c1d48a6e6264f40260003ad60824c9aa8ccac4ff0c70f52