belowinvoice.com Open in urlscan Pro
2606:4700:3035::ac43:add6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://belowinvoice.com/
Submission: On April 27 via automatic, source certstream-suspicious (April 27th 2023, 3:12:21 am UTC) — Scanned from DE

Summary HTTP 90 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 16 IPs in 5 countries across 14 domains to perform 90 HTTP transactions. The main IP is 2606:4700:3035::ac43:add6, located in United States and belongs to CLOUDFLARENET, US. The main domain is belowinvoice.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 27th 2023. Valid for: a year.

This is the only time belowinvoice.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
59	2606:4700:303... 2606:4700:3035::ac43:add6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	18.173.226.187 18.173.226.187	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2620:1ec:4e:1... 2620:1ec:4e:1::60	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.26.11.16 104.26.11.16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	4.227.249.197 4.227.249.197	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
90	16

59 2606:4700:3035::ac43:add6 (United States)

ASN13335 (CLOUDFLARENET, US)

belowinvoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.226.187 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-226-187.dus51.r.cloudfront.net

d10lpsik1i8c69.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:4e:1::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.11.16 (None, )

ASN13335 (CLOUDFLARENET, US)

settings.luckyorange.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 4.227.249.197 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

u.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	belowinvoice.com belowinvoice.com	5 MB
8	gstatic.com fonts.gstatic.com	104 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1265 c.clarity.ms — Cisco Umbrella Rank: 1901 u.clarity.ms — Cisco Umbrella Rank: 9903	22 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91 region1.google-analytics.com — Cisco Umbrella Rank: 1718	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	190 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	234 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 189	136 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	5 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 413	745 B
1	google.de www.google.de — Cisco Umbrella Rank: 3425	455 B
1	google.com www.google.com — Cisco Umbrella Rank: 16	455 B
1	luckyorange.net settings.luckyorange.net — Cisco Umbrella Rank: 10931	746 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 67	2 KB
1	cloudfront.net d10lpsik1i8c69.cloudfront.net	3 KB
90	14

	Domain	Requested by
59	belowinvoice.com	belowinvoice.com
8	fonts.gstatic.com	fonts.googleapis.com
3	u.clarity.ms	www.clarity.ms
3	www.googletagmanager.com	belowinvoice.com www.googletagmanager.com
2	www.facebook.com
2	c.clarity.ms	1 redirects
2	www.clarity.ms	belowinvoice.com www.clarity.ms
2	connect.facebook.net	belowinvoice.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.googleapis.com	belowinvoice.com
1	c.bing.com	1 redirects
1	www.google.de
1	www.google.com
1	settings.luckyorange.net	d10lpsik1i8c69.cloudfront.net
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	d10lpsik1i8c69.cloudfront.net	belowinvoice.com
90	17

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-27` - `2024-04-26`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-03` - `2023-05-04`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://belowinvoice.com/
Frame ID: E7D206C55B9C39D66218FEDE6B3BCA82
Requests: 89 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 6F37542E49080B8AA06F156F3A1F9DA5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Exotic Car Lease - Supercar & Luxury Car Leasing - Below Invoice

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

90
Requests

99 %
HTTPS

76 %
IPv6

14
Domains

17
Subdomains

16
IPs

5
Countries

5485 kB
Transfer

9636 kB
Size

18
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/BelowInvoice/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/belowinvoice/?hl=en

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=667FAF693BD5478BBBC16F59F6C5E926&RedC=c.clarity.ms&MXFR=207D7A91E6266A940FF66991E2266405 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=667FAF693BD5478BBBC16F59F6C5E926&MUID=3F41CCD186C6656B2669DFD1876C6452

90 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
belowinvoice.com/ 476 KB
45 KB 875ms
520ms Document
text/html 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://belowinvoice.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e8090f0113fe757548df1198284ee072a69729f3f9b6d46e20125bf890fca7e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7be3e1ef59f39956-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 27 Apr 2023 03:12:13 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
link: <https://belowinvoice.com/wp-json/>; rel="https://api.w.org/" <https://belowinvoice.com/wp-json/wp/v2/pages/6>; rel="alternate"; type="application/json" <https://belowinvoice.com/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UPk8gKMP4FUwO3WF0NKvqD8egDar9v6K%2FB8RnzQ%2FJvhgPX24Ny3uftThrPH0vjc2ZlMdNHsfAqNj6Xlq7NOJoQ5OH7V8NCP6D5L779JxSZUHBevId2mgOhKZ0fcncf4%2FSQ74YNMMB8CfnklF%2FCvy"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache-enabled: True
x-httpd-modphp: 1
x-proxy-cache: HIT

GET
H2 200 siteground-optimizer-combined-css-1c6f3bb58274374610225bbeea35534a.css
belowinvoice.com/wp-content/uploads/siteground-optimizer-assets/ 2 MB
242 KB 850ms
849ms Stylesheet
text/css 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://belowinvoice.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-1c6f3bb58274374610225bbeea35534a.css
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07fb73bac31b9fd70abcecf906fd376a47246ca3828ac13ce1e33f46a253a9ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:14 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 26 Apr 2023 23:17:41 GMT
server: cloudflare
etag: W/"6449b115-22fd5a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fD5qVeAGY2J%2FXQ3xg71%2FR3yOUafYS02HYJL6lIe3NVGT%2B6Va%2BiJuMCsMF4Femar9orDvyOfqjRc%2B9jIQjGU6n3beoHDD7JoaJWwBz5uYEk7iWRLnUD9Ewdi4R3ZVG7TbK1sR4lqka0IpIBQs3evh"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7be3e1f29ccc9956-FRA
expires: Fri, 26 Apr 2024 03:12:13 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 84ms
33ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A300%2C400%7CBebas+Neue%3A400%2C%7CPlayfair+Display%3A400&display=fallback&ver=4.1.3

Requested by

Host: belowinvoice.com
URL: https://belowinvoice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

696bf18782d8c832224b99364b3c3ed8e681294477a6750afcf3f62f82dcb278

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Apr 2023 03:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 03:12:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Apr 2023 03:12:13 GMT

GET
H2 200 css
fonts.googleapis.com/ 117 KB
3 KB 88ms
39ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playfair+Display%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CBebas+Neue%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.2

Requested by

Host: belowinvoice.com
URL: https://belowinvoice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8788154fc1d15841e8d47bdab61de5a3fb55ae494da1434050fceb27f3f4f713

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Apr 2023 03:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 03:12:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Apr 2023 03:12:13 GMT

GET
H3 200 audi.png
belowinvoice.com/wp-content/uploads/2020/10/ 17 KB
18 KB 554ms
553ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2020/10/audi.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8406563e696a9efe6074238072719e3a71dfea322b07ac473925c9dbcf0a6b7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17792
last-modified: Wed, 21 Oct 2020 07:34:46 GMT
server: cloudflare
etag: "5f8fe496-4580"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3VR3mvNQJImzoOHwPL2DrPn1LgAzEiBWynmlCm6NJKxdHIUFwtixszbMN1Z4Ul6vKTbiZWn%2B9VkMS88HVDdPtNDfCcVymXxmV%2FZefHEcMruQCJyW12e9297iMQKNkLw7OVng8FEdH4VWPoAwjmNT"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e1f36d7d03a0-FRA
expires: Fri, 26 Apr 2024 03:12:13 GMT

GET
H3 200 bmw.png
belowinvoice.com/wp-content/uploads/2020/10/ 23 KB
24 KB 555ms
553ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2020/10/bmw.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4d510f2cf9a1eac85d33c64a66f693868e2715ea99c6c55ddeef45b92554fed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23974
last-modified: Wed, 21 Oct 2020 07:34:56 GMT
server: cloudflare
etag: "5f8fe4a0-5da6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jPEiqR0SBFegFjPG8bTHoeN2mWCCdFjXEUMLRyEEX%2BvcFKIt9n9e8k4Fkm6GMKA%2FM6YtJypq2zcbsPYqbrrehSn2KLyq2ydVye7iq6xELOhdE%2BcSzvVlczGRNIH7mHDhmeynC1oUKWV6ENJCFgfo"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e1f37d8203a0-FRA
expires: Fri, 26 Apr 2024 03:12:13 GMT

GET
H3 200 3B.png
belowinvoice.com/wp-content/uploads/2020/10/ 16 KB
16 KB 535ms
533ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2020/10/3B.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e34b7948a5df2d48022fb57be83f115f3764a6333652b3247a115e9fed519545

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15893
last-modified: Wed, 21 Oct 2020 07:34:44 GMT
server: cloudflare
etag: "5f8fe494-3e15"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q6K7IjJAAGPRKlAe6MOWQwFryRFG8OEmWbjWlhxnGpHiFP9R6shd6RpvtJINqJ8x5CDmHW2ZSsQ%2BIoHLq4h6kcZNm7NgEr2QiYwhIHwHKuHqLDVQf%2Fyr8UVhnGEPRzsvhqObTFntTwl84MzaXp%2BI"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e1f37d8403a0-FRA
expires: Fri, 26 Apr 2024 03:12:13 GMT

GET
H3 200 ferrari.png
belowinvoice.com/wp-content/uploads/2020/12/ 21 KB
22 KB 515ms
513ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2020/12/ferrari.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1ab6fe1052319c65f4d6475d03b59fbf27fe06e06c68cd2abae5cc82f88fe73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21642
last-modified: Thu, 03 Dec 2020 05:02:09 GMT
server: cloudflare
etag: "5fc87151-548a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PLIAK2wtY4GdCPkm2Ej5%2BGd%2FFJm61gM9NleVtQ345ti6d23JTT2dZgv%2F6xudvbgYkl0gCov9l93%2FbB9SD6xr3v3Ca6wUW0dDzAQzB6v%2Fd%2BPeMPx6ge%2FY5HRqPsCwVJk2mJQp3v5bj9F6pieoiaLk"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e1f37d8503a0-FRA
expires: Fri, 26 Apr 2024 03:12:13 GMT

GET
H3 200 av.png
belowinvoice.com/wp-content/uploads/2020/10/ 20 KB
21 KB 515ms
514ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2020/10/av.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c3629c118648695e15e125cb306899990b24351484db5170e39216ad2447c9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20787
last-modified: Wed, 21 Oct 2020 07:34:47 GMT
server: cloudflare
etag: "5f8fe497-5133"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HXxnmNstPren8W3RvtFcHiTEqwhPqsRTUb6gIsEXokQWn485qFBkQxIX3G5dEMSjIkai4nt6ddIEfRx5bBkVwnpSZirfhJmkcJVukXmEHYsIWLeJ0cj1v4nSq9l%2F9%2BNnAvFrg3YoBKQi5OkuM2eG"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e1f37d8603a0-FRA
expires: Fri, 26 Apr 2024 03:12:13 GMT

GET
H3 200 axwe.png
belowinvoice.com/wp-content/uploads/2020/10/ 16 KB
16 KB 555ms
553ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2020/10/axwe.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74cf4e2443fccca748399dde3dd9554ae6c9aa95f81815c99823fa7617f47a3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16235
last-modified: Wed, 21 Oct 2020 07:34:50 GMT
server: cloudflare
etag: "5f8fe49a-3f6b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IfRjsMSrilGIGxF%2BMeCGo3niS8Aew4H20PLZiugmbGBgHRU0yrrqxaKLtsmmqU6rA0gHmMA4OaGSwK0kMV3rfizzNBnHPcRETFqA%2FGhd0LQC8U7uzvJqYqS%2FcLBL0YVUhOAUA7J1j31Mcmt9Kw27"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e1f37d8803a0-FRA
expires: Fri, 26 Apr 2024 03:12:13 GMT

GET
H3 200 mercedes.png
belowinvoice.com/wp-content/uploads/2020/12/ 21 KB
22 KB 556ms
554ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2020/12/mercedes.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9819a83ad7c46db4918e9cf98694486e4c1cc631fd937b7ba449420269e0b25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21978
last-modified: Thu, 03 Dec 2020 05:03:15 GMT
server: cloudflare
etag: "5fc87193-55da"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o8J0PLuhOwPm%2B5kL26j5kxkzGQOTx6T0YBR5fQd50%2Bzm3S1wR8DgiEeUUkwXaSX5P79PuwFB3m5NuWzyKfs1gqYfbmeaijSxSabus3povXMITrEhr61oMp29SBs7f4%2Fu37g25m24Nb%2BaOM3HTBTZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e1f37d8a03a0-FRA
expires: Fri, 26 Apr 2024 03:12:13 GMT

GET
H3 200 pagani.png
belowinvoice.com/wp-content/uploads/2020/12/ 19 KB
19 KB 514ms
512ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2020/12/pagani.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed2030ac70761c8744bcbdd0caf930151bb61d3b780cfac65e18b71640e9bf61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19262
last-modified: Thu, 03 Dec 2020 05:03:40 GMT
server: cloudflare
etag: "5fc871ac-4b3e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zpp0nspcwoX4ugOcwicLDOB5YIx%2Bwf1nvGS%2FgPMESGIt6r5jXyxUxgn21x9EtEiybIPoX2qugG8S9WBj8f2U%2BtUwrU96NoSjmRyyA3KDYh7TxgSefahAYIsCVGqj47TW5wIr1nHu3DDMk2x0ae9n"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e1f37d8b03a0-FRA
expires: Fri, 26 Apr 2024 03:12:13 GMT

GET
H3 200 porsche.png
belowinvoice.com/wp-content/uploads/2020/12/ 24 KB
24 KB 572ms
571ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2020/12/porsche.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 148bdc189b8c66b91359c923946134d78eedfdbfd5df2b916f9db0a62c14d5f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24393
last-modified: Thu, 03 Dec 2020 05:01:03 GMT
server: cloudflare
etag: "5fc8710f-5f49"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lWTQiLQOCHQdE4ek8DD%2FPBnXiZ4oGCFuzTm%2FC8mYd%2Ba7ZUtJeKOarWYfj9W3npAn2CdcreCYOU%2BP6nPtJQuUyDPH%2FjMA1Pl82l%2BmGMiIbx6yNb5d%2ByAvbicF8oOFTI0YWbAaxIF8I%2Bt1e%2Bu8yRCT"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e1f37d8c03a0-FRA
expires: Fri, 26 Apr 2024 03:12:13 GMT

GET
H3 200 lamborghini.png
belowinvoice.com/wp-content/uploads/2020/12/ 24 KB
25 KB 494ms
493ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2020/12/lamborghini.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f65d2e7beb8e166642be5db0558ead8a26dd32db5cac2962c5b4b63b89521fba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24826
last-modified: Thu, 03 Dec 2020 08:03:05 GMT
server: cloudflare
etag: "5fc89bb9-60fa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3dddWz9NRfbR86kF1L3DmpU3XxhW36Qdh3%2BSj%2Binz3lwyTWa9z2WaCA%2BNz8GbMjmO8%2Fhhf3n986VqFKg1X%2B9JipsKiWHX8hpuA0URGwe4gxEF7zgJRgIsOSj%2B%2BjDfb6V4Y6I6cselSXvM4j98Bsx"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e1f37d8d03a0-FRA
expires: Fri, 26 Apr 2024 03:12:13 GMT

GET
H3 200 roles-royce.png
belowinvoice.com/wp-content/uploads/2020/12/ 21 KB
21 KB 573ms
572ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2020/12/roles-royce.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23b3e8ec3e515470172d6dfe1053fd582b7d65279da35908a5860ce0c6ea5632

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21311
last-modified: Thu, 03 Dec 2020 05:00:24 GMT
server: cloudflare
etag: "5fc870e8-533f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=87XbiJ4ok8oe2P87UNGOt%2FhRLL9pkF0kguqzItVGFs8ZkfPA9sRLq6QHuIwiblqgIbe7jGg7%2B1ohNsdOslBrEqAXvQQm4nmKSU8izAwGiUYpjz3L3erxKlgtuk3i8svEEmQcZTjDtTtkWX0xs65b"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e1f37d8e03a0-FRA
expires: Fri, 26 Apr 2024 03:12:13 GMT

GET
H3 200 koenigsegg.png
belowinvoice.com/wp-content/uploads/2020/12/ 22 KB
23 KB 574ms
573ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2020/12/koenigsegg.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 109a16fe184d77ffb9c512db3488427fa9ff799fa22973a9d78e76ba1d057687

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22490
last-modified: Thu, 03 Dec 2020 04:56:21 GMT
server: cloudflare
etag: "5fc86ff5-57da"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MWEgiMLDbmgJ0d2%2Bixhw6BB%2FzODrYbuzOy2iwovGgEqoWb%2Ff%2Fen%2BW49mLhVImOLCETFlRq0Yd93eus37BXIqlhdeAhQNtWtKt1%2FjPYcna3n6KNYvHDQPR8O5IQroN3ggaMahLI8JOS%2F%2FGQzk%2BeAm"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e1f37d9003a0-FRA
expires: Fri, 26 Apr 2024 03:12:13 GMT

GET
H3 200 rocket-loader.min.js Show response
belowinvoice.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 22ms
22ms Script
application/javascript 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://belowinvoice.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: belowinvoice.com
URL: https://belowinvoice.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 21 Apr 2023 12:39:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6442841a-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8m30su2jzOl6lecOJPAXnDjMJ9%2BR%2BK8J4qDqJrBNB7HbyYIOYYvoBn%2BlgYXHRuNWpf8j8sbSDeEf0Uu3ZNPjk0%2FO2lBQDO9k7kb5ADmSxz8wpVa448qyWgDolgnkpdkr3M6xh%2BtmwLNai4PwNICG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7be3e1f37d9103a0-FRA
expires: Sat, 29 Apr 2023 03:12:13 GMT

GET
H3 200 background-bg.png
belowinvoice.com/wp-content/uploads/2020/10/ 2 MB
2 MB 606ms
605ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2020/10/background-bg.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-1c6f3bb58274374610225bbeea35534a.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 396576617af9f96fb23244472191642f3e32c77cd1ea0677f63ee0d5b0dbaa1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-1c6f3bb58274374610225bbeea35534a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:14 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2042336
last-modified: Mon, 19 Oct 2020 07:24:20 GMT
server: cloudflare
etag: "5f8d3f24-1f29e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eoy94PFYybHdMrZV1Quxs5OLBkIseY6btFvTuQNdEXq5mTwcffO34Hxl%2Fq3gQkZGCE9nSp%2FcS7vAsgM36PtwmCk2oWjxqM2CgKhpGA%2F3RLpVT3mP4dh7QoCafcf8n%2BBC5vis7DXuVmIChCA%2BRx%2Bm"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e1f94a9f03a0-FRA
expires: Fri, 26 Apr 2024 03:12:14 GMT

GET
H3 200 we-are.png
belowinvoice.com/wp-content/uploads/2020/10/ 240 KB
240 KB 604ms
604ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2020/10/we-are.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-1c6f3bb58274374610225bbeea35534a.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ff72ea9916be2e6c9f1ccf1f13641bec69fb4908cf6e5d2e05792ffdcf5456d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-1c6f3bb58274374610225bbeea35534a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:14 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 245317
last-modified: Tue, 20 Oct 2020 06:40:40 GMT
server: cloudflare
etag: "5f8e8668-3be45"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yURNAcFdQbWtLUFctbyxGgGvu0EUyN0sC991w1hq9tWQ4JAQeadbXDne3dE9ZqvP7vQjhngzbdPE%2BMMIK2jOA88bPrwKIgM8Ht3CFlixLTxVnrdE8QXSA6YsSYlMjnGPJn7lnkjbRNJMUMcmvJZC"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e1f94aa103a0-FRA
expires: Fri, 26 Apr 2024 03:12:14 GMT

GET
H3 200 price-bg.png
belowinvoice.com/wp-content/uploads/2020/10/ 622 KB
622 KB 610ms
610ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2020/10/price-bg.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-1c6f3bb58274374610225bbeea35534a.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b546583fabb71b4db831cc56a8abd1ea4d21623b03b30096a87e740a438a4a74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-1c6f3bb58274374610225bbeea35534a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:14 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 636651
last-modified: Wed, 21 Oct 2020 06:26:22 GMT
server: cloudflare
etag: "5f8fd48e-9b6eb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46SBHI9FBCDpqn4HDzEqfLTZwAWvtwsbSRNmoFzn%2FJOQe8XP90%2BgCfwDdarxbciYB1zaYUzABvFulpcafwE7ja7XESsJiy6S072t%2BGAslWaWSRJVayWx1WqPy1VutB2EyoKDgjCetviTyIaAWgXj"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e1f95aa703a0-FRA
expires: Fri, 26 Apr 2024 03:12:14 GMT

GET
H3 200 footer-bg.png
belowinvoice.com/wp-content/uploads/2019/12/ 318 KB
319 KB 27ms
26ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2019/12/footer-bg.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-1c6f3bb58274374610225bbeea35534a.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffa4e4341dce4d1f0350c51bbb384f4d24e3f2ad93abfb8b316b0e955e09c2eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-1c6f3bb58274374610225bbeea35534a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 206970
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 325656
last-modified: Sat, 31 Oct 2020 11:49:51 GMT
server: cloudflare
etag: "5f9d4f5f-4f818"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2FxSWyvhgQVfWHiNq6M2PTUWzJd1NDfmMNCqYJh6SA0lwSKFC5FemQ7fGc%2B38JAy7cLtXGv8JLOk99R8415q7IjxADGg2JxOOSCl1SHa7jLssgiGszxqTOKzAV%2Br6%2FfPVwCZjWupGPQWOJTXRW2K"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e1f95aad03a0-FRA
expires: Tue, 23 Apr 2024 17:42:44 GMT

GET
H3 200 footer-icon.png
belowinvoice.com/wp-content/uploads/2019/12/ 11 KB
11 KB 66ms
66ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2019/12/footer-icon.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-1c6f3bb58274374610225bbeea35534a.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 681d9920df32c3155e142c03ab14d8d5e6557c371d4d3203ae0564d85013aeb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-1c6f3bb58274374610225bbeea35534a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 206970
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11138
last-modified: Sat, 31 Oct 2020 11:59:05 GMT
server: cloudflare
etag: "5f9d5189-2b82"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5x%2FtsIpg%2BIWEtx2atChd2WvWXv4BP6WwHXzL9t%2B7EJKLHsjIvwRaAw5RUTn9i8k1GMqzlJUkylPkjIF0BS61H4zEx8bUeH89Vib4GNQdKesFw62apWBwzqHS3VMBbq0d3RNn12msf8trTZU3fAv6"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e1f95ab003a0-FRA
expires: Tue, 23 Apr 2024 17:42:44 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 98ms
47ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A300%2C400%7CBebas+Neue%3A400%2C%7CPlayfair+Display%3A400&display=fallback&ver=4.1.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://belowinvoice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 02:05:23 GMT
x-content-type-options: nosniff
age: 522411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7840
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Apr 2024 02:05:23 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 101ms
50ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CBebas+Neue%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://belowinvoice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 06:10:17 GMT
x-content-type-options: nosniff
age: 421317
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7824
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:52:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 06:10:17 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 115ms
64ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://belowinvoice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 06:24:35 GMT
x-content-type-options: nosniff
age: 420459
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 06:24:35 GMT

GET
H3 200 fa-solid-900.woff2
belowinvoice.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 76 KB
77 KB 65ms
64ms Font
font/woff2 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://belowinvoice.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-1c6f3bb58274374610225bbeea35534a.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

Referer: https://belowinvoice.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-1c6f3bb58274374610225bbeea35534a.css
Origin: https://belowinvoice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 212121
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78196
last-modified: Mon, 03 Apr 2023 06:50:54 GMT
server: cloudflare
etag: "642a774e-13174"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NgqCisCgwz1MtwkECjbpgIdWAE%2BVFQLVIeh5HBHaA2Xc67OAS8rC4jl7%2FL4XLmeFcGfBQoxsrBwugB37XtqFVF%2BWgAoKCvpOrdPUCzENlx%2Frvk4XKQdlSRqehKjB7ifnLmg3IDT62g%2BEwlW%2Bx20W"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e1f96ab503a0-FRA
expires: Tue, 23 Apr 2024 16:16:53 GMT

GET
H2 200 JTUSjIg69CK48gW7PXoo9Wlhyw.woff2
fonts.gstatic.com/s/bebasneue/v9/ 13 KB
13 KB 111ms
60ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bebasneue/v9/JTUSjIg69CK48gW7PXoo9Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A300%2C400%7CBebas+Neue%3A400%2C%7CPlayfair+Display%3A400&display=fallback&ver=4.1.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b4101d4a007ce5231c65dd082b9542ffd40b6e12cc9ea67de9b54063bbbf073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://belowinvoice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 18:31:41 GMT
x-content-type-options: nosniff
age: 376833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13416
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:07:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 18:31:41 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 104ms
53ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://belowinvoice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:29:29 GMT
x-content-type-options: nosniff
age: 380565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 17:29:29 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 109ms
59ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A300%2C400%7CBebas+Neue%3A400%2C%7CPlayfair+Display%3A400&display=fallback&ver=4.1.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://belowinvoice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:52:39 GMT
x-content-type-options: nosniff
age: 422375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 05:52:39 GMT

GET
H3 200 eicons.woff2
belowinvoice.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/ 92 KB
92 KB 65ms
65ms Font
font/woff2 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://belowinvoice.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.18.0
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-1c6f3bb58274374610225bbeea35534a.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3469696dc12a3dc0509c47d862fbba33cdca1aaea747a6c4338148184c849db4

Request headers

Referer: https://belowinvoice.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-1c6f3bb58274374610225bbeea35534a.css
Origin: https://belowinvoice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 212120
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 93868
last-modified: Mon, 03 Apr 2023 06:50:54 GMT
server: cloudflare
etag: "642a774e-16eac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=onbAEynjHyeNLVAnCjHDgGKNdvmGFYSI9EdLmWMrqTIgkxkY%2Bp4mJTiyGNSTtz1cDv8s%2Fewj6Amdd5DnPwt1UJxq%2FSbUYI9f9RDjajixkFUaD0RhTccp83bZELbz5tHdIkENeL6ibInF13Ymc%2BA0"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e1f96ab703a0-FRA
expires: Tue, 23 Apr 2024 16:16:54 GMT

GET
H3 200 fa-regular-400.woff2
belowinvoice.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 13 KB
14 KB 482ms
481ms Font
font/woff2 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://belowinvoice.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-1c6f3bb58274374610225bbeea35534a.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951

Request headers

Referer: https://belowinvoice.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-1c6f3bb58274374610225bbeea35534a.css
Origin: https://belowinvoice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:14 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13276
last-modified: Wed, 26 Apr 2023 09:29:15 GMT
server: cloudflare
etag: "6448eeeb-33dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SH3Mm2IMceTwhgeeVZ7MBiF%2FR4MNIfQylC8J49d0fgeW%2BNOICoIlItiEY8HBCb73Euf9KbBBOJA4P1AZ1AvIWZDME6ap5Jl9g7r69Yx4UURX9EyEiDAkNxOF53s7sXIJG0DN5P%2FFGjW9pnD5%2F1%2FO"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e1f96ab803a0-FRA
expires: Fri, 26 Apr 2024 03:12:14 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 106ms
57ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://belowinvoice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 15:41:35 GMT
x-content-type-options: nosniff
age: 387039
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 15:41:35 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 70ms
21ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://belowinvoice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 02:05:23 GMT
x-content-type-options: nosniff
age: 522411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Apr 2024 02:05:23 GMT

GET
H3 200 fb.png
belowinvoice.com/wp-content/uploads/2019/12/ 7 KB
7 KB 33ms
33ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2019/12/fb.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e473f787eac77caf338f0d206e099b3f158a4964536d203dbf6220d1b39b45dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 206970
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6969
last-modified: Sat, 31 Oct 2020 12:15:09 GMT
server: cloudflare
etag: "5f9d554d-1b39"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FRxY44wEacLxXPBaxU%2BDEe1lnhysKTBKqTmLfwTzt%2FAe0vP6kB5YL9kXHErQn6npT15BvJ18pmF90MMKJUu%2B7%2B1SEehFejHovIqPtfdg2f51FPG7nPQYtSPz8ccTn0vdHs4DWXOtzo5jyGKUtfDn"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e1f99af403a0-FRA
expires: Tue, 23 Apr 2024 17:42:44 GMT

GET
H3 200 insta.png
belowinvoice.com/wp-content/uploads/2019/12/ 7 KB
7 KB 33ms
31ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2019/12/insta.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e830e232d7536c3830fe75a1c64dbf5cc1b0ce8449660c61a7d4cb7c3acd0e4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 206970
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7089
last-modified: Sat, 31 Oct 2020 12:15:07 GMT
server: cloudflare
etag: "5f9d554b-1bb1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zata1P04OUf%2B%2BJTM2mVn7ajmG8X7NwW%2B%2FYollTnBd1MOkC4U9qGUeZb%2FgAPXJ3PWNWYM7kaU%2BeMQOCIRd5x2O1ZNOj9NpmHqxu70JTkzVKy3ffUw7T8Y%2FwXlg0AawoG3i6pKSIe2k0YPjnTiApfX"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e1f99af803a0-FRA
expires: Tue, 23 Apr 2024 17:42:44 GMT

GET
H3 200 small-red-circle.png
belowinvoice.com/wp-content/uploads/2020/11/ 2 KB
3 KB 433ms
431ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2020/11/small-red-circle.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bd0fe62fd6c65cb9b59b5cafbf28dd7363173517e534901783fc851e9c51625

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:14 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2041
last-modified: Fri, 20 Nov 2020 12:47:07 GMT
server: cloudflare
etag: "5fb7bacb-7f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DSQWW1m5628Phzk6qAj4So4BGuV8eN%2BpME6di5OL7Cqg1LrdP0m%2BZG7lBfRp%2Fy9S7fuyrhcaPXL4mpd4Fuk4Hj%2FYfgLaHXF6EklgTD3L2GTt1Myhzhms0XmcuxLM5wjzE8rPxG8YVqvJMn%2FEIjCh"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e1f99af903a0-FRA
expires: Fri, 26 Apr 2024 03:12:14 GMT

GET
H3 200 car1.png
belowinvoice.com/wp-content/uploads/2020/10/ 33 KB
33 KB 548ms
547ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2020/10/car1.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abfae1d7e7edf19d70dfb3c016f5db221ce18cac5eea253f875fd21c4bc943c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:14 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33478
last-modified: Wed, 21 Oct 2020 06:01:48 GMT
server: cloudflare
etag: "5f8fcecc-82c6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3AVIvFmafheZUijO18OKp4OhS1szXvAoi4MfFgHWaTYwCvjLZTXIgHnNczaUXyDV9Ysge0MnAEYcigJDFSN2eIXWI4RgftxMi4Tjqs11qxshit1iMqjqyx%2BAjcdh0xZfBa%2Bo4P094E2GpHLCB7R0"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e1f99afa03a0-FRA
expires: Fri, 26 Apr 2024 03:12:14 GMT

GET
H3 200 car2.png
belowinvoice.com/wp-content/uploads/2020/10/ 31 KB
32 KB 492ms
490ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2020/10/car2.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71b93829faea1db96a01abaf85dbf8b8491c5ccf4f23f60a43934ea72c8ac8c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:14 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32235
last-modified: Wed, 21 Oct 2020 06:07:40 GMT
server: cloudflare
etag: "5f8fd02c-7deb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wp%2BWAFPrZg0xwNO4FvC%2Bl4zenD%2BNrDRx8puKNkW%2B%2BzesQyHUfgCB42zct3vc7M9lZB3QcmOiMPTlyVgiKVbarU%2BWRHov7b6svxMN%2F1uC7rl7%2FYStKP6WYN8l97nO1n8uBe51ZZUFWGeeECxz5ngj"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e1f99afb03a0-FRA
expires: Fri, 26 Apr 2024 03:12:14 GMT

GET
H3 200 car3.png
belowinvoice.com/wp-content/uploads/2020/10/ 32 KB
33 KB 33ms
31ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2020/10/car3.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50c0e5fd6f8b5032ee1a7fee13f69c9c586db1097be994a83664af8f7ae26c8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55537
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32736
last-modified: Wed, 21 Oct 2020 06:07:41 GMT
server: cloudflare
etag: "5f8fd02d-7fe0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fxua03HeKTvl6KAze0p5ZI2Dr3%2Bdx6HwB19CBDV4vLsuGt%2FX%2BKoQtW%2BNYjD5wH9dB35C%2Bm0GplEep1tAr3PEyOU2XDOcVEHhSB78w4JxS36jg905cy8DAOhpYoLnrV9pzdJ4oMVQGsRjpEkH9AM0"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e1f99afc03a0-FRA
expires: Thu, 25 Apr 2024 11:46:36 GMT

GET
H3 200 rolls-royce-lease-specials.png
belowinvoice.com/wp-content/uploads/2021/04/ 39 KB
39 KB 605ms
604ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2021/04/rolls-royce-lease-specials.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b3c9b588be40a9af63c4ff1bdb157eb3301ed28a010d6d2b52d831bad33b425

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:14 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39472
last-modified: Thu, 22 Apr 2021 04:12:28 GMT
server: cloudflare
etag: "6080f7ac-9a30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oij9l3N9SFWFiKZj3tVD97sWID3CyiWXKMxntNDD7PMtxgGgSm%2FRAhe%2BvWm8U%2BmgHFi5ziuylifh0z4Q0BrDKkjBXHHQwU6VyHiyc%2BUUnm%2F4Cl9DNIU%2BOM4P9hu7oO5BUnJYJhgnEq4b%2FewYG48X"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e1f99afd03a0-FRA
expires: Fri, 26 Apr 2024 03:12:14 GMT

GET
H3 200 car5.png
belowinvoice.com/wp-content/uploads/2020/10/ 36 KB
37 KB 533ms
531ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2020/10/car5.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e95f8f1552cc6f4b83799f898ed6fdf38bfd99bbd5abfb83bcd4df064a139773

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:14 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36976
last-modified: Wed, 21 Oct 2020 06:07:46 GMT
server: cloudflare
etag: "5f8fd032-9070"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TIhb7We3Z9ibEH8f404rhnt5o6V9lkQO0Sbn9RySzwb2Ppg9QLY6qO4yyEXacLSReRqIhw7DSlwAEmM1dZhWI%2BpShaxCMCzCMIya3i2p1C%2BEjzObiIf20ypxwDVj8c%2B4hA7WN3HiLqNN6Nxd%2B4NS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e1f99afe03a0-FRA
expires: Fri, 26 Apr 2024 03:12:14 GMT

GET
H3 200 car6.png
belowinvoice.com/wp-content/uploads/2020/10/ 30 KB
30 KB 493ms
491ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2020/10/car6.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46924c367436767b6e20b52a8fbc9722eff542d0954a6fbfad0b441a2bc6218c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:14 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30564
last-modified: Wed, 21 Oct 2020 06:08:03 GMT
server: cloudflare
etag: "5f8fd043-7764"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vhEBOlennBOGcTm8VddRnQVXgN1l0OBbpk0ons0LEEv9C5bslkyHTZk%2BRBEhZesqnvIq2hJf9odF7980v4lxM7O%2FqoP80pFYBibia39CcvBgGVb66MK1KtNPryrql6zsuEEfmPwExRwgg2hKOmAN"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e1f99aff03a0-FRA
expires: Fri, 26 Apr 2024 03:12:14 GMT

GET
H3 200 car7.png
belowinvoice.com/wp-content/uploads/2020/10/ 30 KB
30 KB 494ms
493ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2020/10/car7.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a24b22f123e9ba4a8a8f3ae600f0cb11eeb9aa65f3e164f1f3b2d4528f5d461

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:14 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30266
last-modified: Wed, 21 Oct 2020 06:22:30 GMT
server: cloudflare
etag: "5f8fd3a6-763a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lsLj9BXoMHGx0TF194cee1pSGV6e7IZIQBmdDMPT8k39XIZ1nbguYXBW9TaTEs66m%2FX5H4BvW%2F7Q513NGqfFV4vIIweHl45pF5Dl6GCLk1HysmqQ4WnlFmbatDb5lWERU2%2BpTd33tHY2zpVR%2BEo1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e1f99b0103a0-FRA
expires: Fri, 26 Apr 2024 03:12:14 GMT

GET
H3 200 car4.png
belowinvoice.com/wp-content/uploads/2020/10/ 28 KB
28 KB 498ms
496ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2020/10/car4.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec9177c485b9b43b2af79684b42e85fcd18e3651fff23e0934b4219dd60fad0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:14 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28237
last-modified: Wed, 21 Oct 2020 06:07:43 GMT
server: cloudflare
etag: "5f8fd02f-6e4d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WrBZKvcb%2BymN4rzJ87qr0QYJ62Jr5LVEHIi5ydSYqg75lsrw32meYaPJTFdSlK6llNyppl35o%2FoltBPeCR4TVirhBnlSPNQbZ2oubTK9HYPTkEkIm1Dnf1qhD1qhOVCoZ29vGsigMKCRiwdA34vd"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e1f99b0203a0-FRA
expires: Fri, 26 Apr 2024 03:12:14 GMT

GET
H3 200 Ferrari-Lease-Specials.png
belowinvoice.com/wp-content/uploads/2020/12/ 27 KB
28 KB 505ms
504ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2020/12/Ferrari-Lease-Specials.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5cd665706953fe81916d436b40001cf2edf6a4ee6420d8a231fefeacfd54eab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:14 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27787
last-modified: Thu, 03 Dec 2020 04:52:12 GMT
server: cloudflare
etag: "5fc86efc-6c8b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=buQcR9AJ0t9ogLOd%2BPO%2BsADUsrO11n4903A1KQC3hlhHh8WYmNIJYgiizokd7s0WmPF7EMchFLc5NMyyCBhpvJ6fnC0%2FXxjSSkESodE1%2BE421ptGx0okpyOd9cjJXqgKKuAXXHt%2FrMUXIvsf2y1X"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e1f99b0303a0-FRA
expires: Fri, 26 Apr 2024 03:12:14 GMT

GET
H3 200 car8.png
belowinvoice.com/wp-content/uploads/2020/10/ 35 KB
35 KB 573ms
571ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2020/10/car8.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2661886ecae6fd9bde22d4988c9400a628d9536d5be31a454ca47573fa05a972

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:14 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35351
last-modified: Wed, 21 Oct 2020 06:08:57 GMT
server: cloudflare
etag: "5f8fd079-8a17"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=akzSJBodqtSQC2fbrXsIt64FRnh%2F2N3YDSGt%2FyJYGNrJjsKh9xsyXA%2F94%2BQI%2F%2B3Xan287YWIy43YctCDtPXx%2FuBtWyLMFb5rW2T3eJepsaJx9u%2BIngXxVJgc0cp8MEsLHUOOZfGJpLXA7puh6LuM"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e1f99b0403a0-FRA
expires: Fri, 26 Apr 2024 03:12:14 GMT

GET
H3 200 gray-small-circle.png
belowinvoice.com/wp-content/uploads/2020/11/ 2 KB
3 KB 387ms
385ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2020/11/gray-small-circle.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9eadcf1138bc2067b6833c61ff6df69b0628ec30cc7845694dc9cf0896549638

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:14 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2025
last-modified: Fri, 20 Nov 2020 13:00:56 GMT
server: cloudflare
etag: "5fb7be08-7e9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ouoB3Iktp9G88fLN0%2FhEY4zlLKkyJpPtps%2FliruNc1Q0asoA5nFnU7JFKCFFQRB%2FepNzOgDpcWLpEXSBa0NPBs7o9GkqK%2Bp5NMmlsJ7VbQY4BHivWmurfXPPsJ4%2BCl3WGPKGzqCcvwGBQYBXFKd"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e1f99b0503a0-FRA
expires: Fri, 26 Apr 2024 03:12:14 GMT

GET
H3 200 location.svg
belowinvoice.com/wp-content/uploads//2020/10/ 933 B
1 KB 394ms
392ms Image
image/svg+xml 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads//2020/10/location.svg
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9288f1864995769550783cd52335b93dbf2cecf22f0789a809cda0233ae7e0e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:14 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 21 Oct 2020 06:42:27 GMT
server: cloudflare
etag: W/"5f8fd853-3a5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qm3jIuXpxB0D9%2BbAKt%2FUjfHg26QVgz0eIOMkD2dDGWVF7uSoQNKwa86yfzXVsmaqHK1DXrSjwz%2ByEeOxoZDAtnSJbKlG%2Bq205mX3NrW7PLDJawb%2FsHEW1fJ257U5bOEmbC0RfXPhVDZU9dp2BxDq"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 7be3e1f99b0603a0-FRA
expires: Fri, 26 Apr 2024 03:12:14 GMT

GET
H3 200 quotes-icon.svg
belowinvoice.com/wp-content/uploads//2020/11/ 650 B
889 B 386ms
384ms Image
image/svg+xml 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads//2020/11/quotes-icon.svg
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75d689a6b8b82b0e76563a11ebda29c67aea7c847d0176a80dc48301ea4e5633

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:14 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 12 Nov 2020 15:07:24 GMT
server: cloudflare
etag: W/"5fad4fac-28a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wL3LpvwoUgDJR3nBAa6jkBzPF8AHpSyspWJMUYDrA%2BnEmImUcmtM2oyvMYGBKFZu97aONW%2BvgiB9ES7EcmQ25EPdcm9GuY6FrA2wbFQyYArQ3NXM%2Few%2F3hT6p9%2BzwfAzLa1HNR%2BrWlSHMRlK5UHa"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 7be3e1f99b0703a0-FRA
expires: Fri, 26 Apr 2024 03:12:14 GMT

GET
H3 200 siteground-optimizer-combined-js-b5bd0e4095116a98ece88fba502b254c.js Show response
belowinvoice.com/wp-content/uploads/siteground-optimizer-assets/ 1 MB
295 KB 827ms
827ms Script
application/javascript 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://belowinvoice.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-b5bd0e4095116a98ece88fba502b254c.js
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36fa779f970eee8d320c6cb68479e205a5e709e0d197b96d2528162d602e1043

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:15 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 26 Apr 2023 23:17:41 GMT
server: cloudflare
etag: W/"6449b115-1110b7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f9afcea9n3BB7dca1EVYPRrhxdw4rnLfCncmBLlP8%2BNMp%2FvUrzzJojgvKKt%2FSIxSnEpTzBb1Z1y8tCAsfnjMqBpKqUxhStONpEGbG1Izr06rfAlfUA2OHJXQYKiJ5%2B8e6tXNDif5%2FsTVvUzma68w"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7be3e1f99b0803a0-FRA
expires: Fri, 26 Apr 2024 03:12:14 GMT

GET
H3 200 i18n.min.js Show response
belowinvoice.com/wp-includes/js/dist/ 10 KB
4 KB 45ms
44ms Script
application/javascript 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://belowinvoice.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 228574
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 03 Nov 2022 10:43:54 GMT
server: cloudflare
etag: W/"63639b6a-27f6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLzwZHplhoKHzA%2FYzSSHlzp3ivm27bv7IkPz6Azm89TIB%2FwhIsW6pThhjoQlFeu6L2PoAAKo55xoDBle7BLXoZrWjoX5R6r1BED2CqpWz1%2FBsC%2FvTwJumQpWbQBscSkgEN%2F2mBOiymRWYTSCOGfD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7be3e1f99b0903a0-FRA
expires: Tue, 23 Apr 2024 11:42:40 GMT

GET
H3 200 hooks.min.js Show response
belowinvoice.com/wp-includes/js/dist/ 5 KB
2 KB 45ms
44ms Script
application/javascript 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://belowinvoice.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 534620
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 26 May 2022 07:03:20 GMT
server: cloudflare
etag: W/"628f2638-132e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0Y9JigjgOZhKVgg9c%2FY03FAyjurz5fPnoApXElVuEMomGch4xGxP7zlvpHhPCY4JINgcFzgpI4moY9a4bDpZLv%2F8VZ5hfyGJsKKnAB2FIzwt6A7Xfu8Y1GaAhQBfU68kGokEY6vp4upPYAWVyc5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7be3e1f99b0a03a0-FRA
expires: Fri, 19 Apr 2024 22:41:54 GMT

GET
H3 200 wp-polyfill.min.js Show response
belowinvoice.com/wp-includes/js/dist/vendor/ 17 KB
7 KB 45ms
45ms Script
application/javascript 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://belowinvoice.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 534620
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 03 Nov 2022 10:43:54 GMT
server: cloudflare
etag: W/"63639b6a-459f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C7rubdm2jR9Ss8d1ePXSA0tPTFdKNVoijfvOLLKw1l1V7EPfpK8vgmxR4e2KIV17eZMnpCtLc%2FGBKdYzF0G8gwOwoaHcqicolCg4KegCENKdpTHN1080AeLT2%2BaE%2BK1Y6%2FcWyCdgYx52bkwvJKrE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7be3e1f99b0c03a0-FRA
expires: Fri, 19 Apr 2024 22:41:54 GMT

GET
H3 200 eael-5526.min.js Show response
belowinvoice.com/wp-content/uploads/siteground-optimizer-assets/ 0
562 B 46ms
45ms Script
application/javascript 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://belowinvoice.com/wp-content/uploads/siteground-optimizer-assets/eael-5526.min.js
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 206970
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
last-modified: Mon, 17 Apr 2023 10:29:17 GMT
server: cloudflare
etag: "643d1f7d-0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eq4fePYsZb%2B2QejPgg7k6MXqTb%2BaxwVYVr71VcAP0BeqGPGuC5YmxrvfYt%2Fdx8Ye%2Fh3oVFsGKVRKTTbj940i4UaOiSG0uKMbOZIHtAwPv6MgqsoVzsSZW91BO%2BdhL2%2F0pF8DxUI6rn8MeURprhZr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e1f99b0d03a0-FRA
expires: Tue, 23 Apr 2024 17:42:44 GMT

GET
H3 200 jquery.min.js Show response
belowinvoice.com/wp-includes/js/jquery/ 88 KB
32 KB 30ms
29ms Script
application/javascript 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://belowinvoice.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1315874
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 30 Mar 2023 01:13:54 GMT
server: cloudflare
etag: W/"6424e252-15ed7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XIfxAmIyUNF1dNsgK1gZhhzNeb61rF464iP7vtbwJ8LUmiOGH%2BAkZwWfU8COVS6YCBaHOKc0oxhWVK7fRMxbxKkxBGOz%2BLQst6Oop7RLUnWRnFquOz2R297JDKgEP5tHhkODSJ1d4%2BR8l3z8aJsZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7be3e1f99b0e03a0-FRA
expires: Wed, 10 Apr 2024 21:41:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 166 KB
61 KB 84ms
34ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-151334160-1

Requested by

Host: belowinvoice.com
URL: https://belowinvoice.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3985c37aaa7836457221f29de69a5b022e40abd2af194e6f0b04b043f66808ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 62146
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 27 Apr 2023 03:12:14 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 206 KB
73 KB 39ms
38ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XDM6HE06SK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-151334160-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f8b1b13ee97399e3cdb53563d0a68eb4536a4ef0ef005e6030dd8a7f94a2f9c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74933
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 27 Apr 2023 03:12:15 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 73ms
20ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-151334160-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 27 Apr 2023 02:35:44 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 2191
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Thu, 27 Apr 2023 04:35:44 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 145 KB
55 KB 39ms
39ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NQWQCQV

Requested by

Host: belowinvoice.com
URL: https://belowinvoice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

176e3556b640feddaf12fd38d79452b5452db1095856f6b99d5c0570da926967

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 56471
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 27 Apr 2023 03:12:15 GMT

GET
H3 200 wp-emoji-release.min.js Show response
belowinvoice.com/wp-includes/js/ 18 KB
5 KB 379ms
378ms Script
application/javascript 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://belowinvoice.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-b5bd0e4095116a98ece88fba502b254c.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:15 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 30 Mar 2023 01:13:54 GMT
server: cloudflare
etag: W/"6424e252-4904"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UCwbwyUe6paSbHiqNH7%2Fw5rF1g68tdFgoZI%2Fg18eljslf4hwlVgt7e60rPRSBYefcI2DgJv14%2B31MoxeaQVPImkwCbDmhnwMsE8kkqByB5wvafFIikiXcnT1yKVdIx2KEfONdDGEb7hv9ThlDC1%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7be3e200e8ef03a0-FRA
expires: Fri, 26 Apr 2024 03:12:15 GMT

GET
H2 200 w.js Show response
d10lpsik1i8c69.cloudfront.net/ 5 KB
3 KB 89ms
23ms Script
application/javascript 18.173.226.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-b5bd0e4095116a98ece88fba502b254c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.226.187 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-226-187.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 02:37:57 GMT
content-encoding: gzip
via: 1.1 3513e3cc0527cb232a5f8964bd64fa42.cloudfront.net (CloudFront)
last-modified: Fri, 02 Sep 2022 19:59:48 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P3
age: 2058
etag: W/"dc0bbcecf2e632d9beb92f4d88b21c2b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: sjIZoFv80WpmUgqIsaJO6xsgY_jfzhr3dVGor9uixZGXPcxp0n9D6A==

GET
H3 200 /
belowinvoice.com/ 143 KB
143 KB 548ms
548ms Image
text/html 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:16 GMT
x-cache-enabled: True
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PyYPUaVGCwkx3nMTNv2X3VcsGvAk9KLb7cMTG8nN7NEpRY%2F6JK6bQT444eeUqq9Gcg0%2F%2BmuJ%2BlhuwLTyw2QKPx1103uliqcM1mfPzKj%2FzgXY8CzZjTAWFIk3q2EoHsqPkCtt6DchPYBa2Mgyfqfb"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-httpd-modphp: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-ray: 7be3e201796303a0-FRA
link: <https://belowinvoice.com/wp-json/>; rel="https://api.w.org/", <https://belowinvoice.com/wp-json/wp/v2/pages/6>; rel="alternate"; type="application/json", <https://belowinvoice.com/>; rel=shortlink
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-proxy-cache: HIT

GET
H3 200 audi.png
belowinvoice.com/wp-content/uploads/2020/10/ 17 KB
18 KB 27ms
27ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2020/10/audi.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-b5bd0e4095116a98ece88fba502b254c.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8406563e696a9efe6074238072719e3a71dfea322b07ac473925c9dbcf0a6b7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17792
last-modified: Wed, 21 Oct 2020 07:34:46 GMT
server: cloudflare
etag: "5f8fe496-4580"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KVv%2F%2FX3xXP3QIELrsdvaHDCkwUysyawhDgua9QyniPBvwCWLLDJnBCxQZ4Nyi1D5sm16YzpN8PUdSUD4rPxlVmBQ3hsVf%2FGoQI1CEODHPQh8ZEJvNe6FbwOoK9YW%2BZYKRBG9KwwDriaXonXcrh4T"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e201e9c003a0-FRA
expires: Fri, 26 Apr 2024 03:12:13 GMT

GET
H3 200 bmw.png
belowinvoice.com/wp-content/uploads/2020/10/ 23 KB
24 KB 31ms
29ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2020/10/bmw.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-b5bd0e4095116a98ece88fba502b254c.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4d510f2cf9a1eac85d33c64a66f693868e2715ea99c6c55ddeef45b92554fed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23974
last-modified: Wed, 21 Oct 2020 07:34:56 GMT
server: cloudflare
etag: "5f8fe4a0-5da6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KXTNLbZAWk5YqP%2F0d4wAFCE9XHhVnYPMpASgkEzWqZBbJ3bZULchDVZuPD3grWUAWXTg0PeeSigL3uhZCabJEHzihOnJffjMzahiRNcpPmU06dA%2B4vuX6Lg1u4xHpgTQKevj53c%2B%2BBSmuBVnnwGv"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e201e9c403a0-FRA
expires: Fri, 26 Apr 2024 03:12:13 GMT

GET
H3 200 3B.png
belowinvoice.com/wp-content/uploads/2020/10/ 16 KB
16 KB 29ms
27ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2020/10/3B.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-b5bd0e4095116a98ece88fba502b254c.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e34b7948a5df2d48022fb57be83f115f3764a6333652b3247a115e9fed519545

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15893
last-modified: Wed, 21 Oct 2020 07:34:44 GMT
server: cloudflare
etag: "5f8fe494-3e15"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFpWUgv0Ae6i5mcRZoKHcIE5PPx9MmhnV0Fez3oMn0KhwbRVvoH44t1DZ%2FJSH7J6xT9CzGUCu36VoQygBxZ3LI1AE0a2yWvlWkEESmgmUdOmgRE03v8%2BZ8n596RicMBF0pLIsKGR3b2cnwvD%2BgGU"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e201e9c803a0-FRA
expires: Fri, 26 Apr 2024 03:12:13 GMT

GET
H3 200 ferrari.png
belowinvoice.com/wp-content/uploads/2020/12/ 21 KB
22 KB 35ms
33ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2020/12/ferrari.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-b5bd0e4095116a98ece88fba502b254c.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1ab6fe1052319c65f4d6475d03b59fbf27fe06e06c68cd2abae5cc82f88fe73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21642
last-modified: Thu, 03 Dec 2020 05:02:09 GMT
server: cloudflare
etag: "5fc87151-548a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wXfBg0yw1htwqU%2B4SYcV9fXSIkShaNge6aHyeQHMvZg937DkfCMTVVsQaIBHDmgiRTDgFKnWs8dS47BAE2L8ttCfeHoQxNtFixgjFQV5Nhz%2F1KNrNG7gV%2BrjDgaevX39pFsVB8yzZ4weEnyy85P%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e201e9c903a0-FRA
expires: Fri, 26 Apr 2024 03:12:13 GMT

GET
H3 200 av.png
belowinvoice.com/wp-content/uploads/2020/10/ 20 KB
21 KB 29ms
27ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2020/10/av.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-b5bd0e4095116a98ece88fba502b254c.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c3629c118648695e15e125cb306899990b24351484db5170e39216ad2447c9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20787
last-modified: Wed, 21 Oct 2020 07:34:47 GMT
server: cloudflare
etag: "5f8fe497-5133"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WnnyF7G7dPkeMZUUpNSfjmkLPhWN7k8r1GlIr1mwm%2FZd14YMlFMySBytZPO4zU3SZlh9RfkiU7BRBL%2FewUREY6wvDzyOC7szEFNA%2BXtSskRJoKutILFLdCMZKo4m%2Fy9pm846Bum9q0ZiKZuj87Yl"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e201e9ca03a0-FRA
expires: Fri, 26 Apr 2024 03:12:13 GMT

GET
H3 200 axwe.png
belowinvoice.com/wp-content/uploads/2020/10/ 16 KB
16 KB 30ms
29ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2020/10/axwe.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-b5bd0e4095116a98ece88fba502b254c.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74cf4e2443fccca748399dde3dd9554ae6c9aa95f81815c99823fa7617f47a3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16235
last-modified: Wed, 21 Oct 2020 07:34:50 GMT
server: cloudflare
etag: "5f8fe49a-3f6b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8SGN51WteiGrbbvNKIwqIkd9XBMr7FYImuNutJC80aQ0Ci9NWRVTygAq8fCPpJ5CC1vr37%2B2F4XUZora9sbeLMhjkJreShBSCqlHUVw%2BHGsSBizKTeoknN8MEEVsri22K0RLQXwBYp3lbslEgdWP"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e201e9cb03a0-FRA
expires: Fri, 26 Apr 2024 03:12:13 GMT

GET
H3 200 koenigsegg.png
belowinvoice.com/wp-content/uploads/2020/12/ 22 KB
23 KB 33ms
32ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2020/12/koenigsegg.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-b5bd0e4095116a98ece88fba502b254c.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 109a16fe184d77ffb9c512db3488427fa9ff799fa22973a9d78e76ba1d057687

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22490
last-modified: Thu, 03 Dec 2020 04:56:21 GMT
server: cloudflare
etag: "5fc86ff5-57da"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w4ZBRgh4o7nkAUC%2BKrri21Rqp8jMFlEMs8AStM3lgVqAszL5HsGsekxDZFJiRixYbdAFWuGJ2ZmzOTgFgzlIG%2BQ%2F2vVbcRjjii9FJkyj5bIA5W3szY%2BWcC%2BQAEYtI%2BUxIT3k%2B3xykrdSSOVWhA4F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e201e9cc03a0-FRA
expires: Fri, 26 Apr 2024 03:12:13 GMT

GET
H3 200 roles-royce.png
belowinvoice.com/wp-content/uploads/2020/12/ 21 KB
21 KB 34ms
32ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2020/12/roles-royce.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-b5bd0e4095116a98ece88fba502b254c.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23b3e8ec3e515470172d6dfe1053fd582b7d65279da35908a5860ce0c6ea5632

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21311
last-modified: Thu, 03 Dec 2020 05:00:24 GMT
server: cloudflare
etag: "5fc870e8-533f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rkA8CKVtcxo3fnnprdZpMoyb942E6LdKH6KXYYz%2BhI9mSTekKTAwM62U0HyCJ8agqnWKEwn1Xec6Cc25plylXzxapqebdQ1JiDD9XLnARZeSSzFlxo2Qfvtz3is6ObD6qGZsN1xHVKcQ3A%2BK4WyW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e201e9cd03a0-FRA
expires: Fri, 26 Apr 2024 03:12:13 GMT

GET
H3 200 lamborghini.png
belowinvoice.com/wp-content/uploads/2020/12/ 24 KB
25 KB 37ms
36ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2020/12/lamborghini.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-b5bd0e4095116a98ece88fba502b254c.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f65d2e7beb8e166642be5db0558ead8a26dd32db5cac2962c5b4b63b89521fba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24826
last-modified: Thu, 03 Dec 2020 08:03:05 GMT
server: cloudflare
etag: "5fc89bb9-60fa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=41yNR0ex0Jnaw3k32ysgeo8Sq7EDqfCs19MC%2FQvd2mjOctogTWJCJ3vEEHc3eRvRfOctjMKfqX9o%2BP03ZR1QuFFvOUA1HxoHOOQ66YOxnM1lXzbE8WslmGaZcGHJWoXG9apJXu1ZtNG9K4L%2FlOOh"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e201e9ce03a0-FRA
expires: Fri, 26 Apr 2024 03:12:13 GMT

GET
H3 200 porsche.png
belowinvoice.com/wp-content/uploads/2020/12/ 24 KB
24 KB 39ms
38ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2020/12/porsche.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-b5bd0e4095116a98ece88fba502b254c.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 148bdc189b8c66b91359c923946134d78eedfdbfd5df2b916f9db0a62c14d5f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24393
last-modified: Thu, 03 Dec 2020 05:01:03 GMT
server: cloudflare
etag: "5fc8710f-5f49"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xw4uIwpJv4viX%2F%2FstVU4X27QBsRO45KSeprNAbKzNPGLylTpLyOUuc8XxXD1XBpiHzq8s62Wrlu6EUWxZcEf6Zq6d%2Bs3vi%2FnGnNiOnCdSnuVbFDx60ISUVorV7UXOKKzbQQAonyANPElrmBMytZC"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e201e9cf03a0-FRA
expires: Fri, 26 Apr 2024 03:12:13 GMT

GET
H3 200 pagani.png
belowinvoice.com/wp-content/uploads/2020/12/ 19 KB
19 KB 31ms
30ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2020/12/pagani.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-b5bd0e4095116a98ece88fba502b254c.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed2030ac70761c8744bcbdd0caf930151bb61d3b780cfac65e18b71640e9bf61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19262
last-modified: Thu, 03 Dec 2020 05:03:40 GMT
server: cloudflare
etag: "5fc871ac-4b3e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HT1ZcwObPslDuPRS8AxXucX3%2BeEv0TCR2%2BJEOlEV9ILYpj2NNMyL2hfb%2BtWOQa%2BHRjdKfLAkiim77p29Ir6FK1HgSIjMhtzJ%2FAfensZ1Yj20ycGY%2FPNxSkoY1SAw1vlLWRzhiMfETq%2F5jOLu%2BohH"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e201e9d003a0-FRA
expires: Fri, 26 Apr 2024 03:12:13 GMT

GET
H3 200 mercedes.png
belowinvoice.com/wp-content/uploads/2020/12/ 21 KB
22 KB 31ms
30ms Image
image/png 2606:4700:3035::ac43:add6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://belowinvoice.com/wp-content/uploads/2020/12/mercedes.png
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-b5bd0e4095116a98ece88fba502b254c.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:add6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9819a83ad7c46db4918e9cf98694486e4c1cc631fd937b7ba449420269e0b25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21978
last-modified: Thu, 03 Dec 2020 05:03:15 GMT
server: cloudflare
etag: "5fc87193-55da"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uOzZYHMvDK7JBDsqjMeu%2FzAwoxyl4AQ6LUAU7YvcsLThdmJcfsa%2FLNnpiqRmPxMH3JRHh7yF70ZtMyiDRHWi1EXPIxUI2qGaX80byruSiln659tzJt2tjF3FYa2Zdcotnyvr3QwHvsqGWwd5c1hk"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7be3e201e9d103a0-FRA
expires: Fri, 26 Apr 2024 03:12:13 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 80ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XDM6HE06SK&gtm=45je34q0&_p=1679046009&cid=399131672.1682565136&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1682565136&sct=1&seg=0&dl=https%3A%2F%2Fbelowinvoice.com%2F&dt=Exotic%20Car%20Lease%20-%20Supercar%20%26%20Luxury%20Car%20Leasing%20-%20Below%20Invoice&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XDM6HE06SK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 03:12:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://belowinvoice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10943255196/ 3 KB
2 KB 118ms
63ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10943255196/?random=1682565136085&cv=11&fst=1682565136085&bg=ffffff&guid=ON&async=1&gtm=45He34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbelowinvoice.com%2F&hn=www.googleadservices.com&frm=0&tiba=Exotic%20Car%20Lease%20-%20Supercar%20%26%20Luxury%20Car%20Leasing%20-%20Below%20Invoice&auid=387175625.1682565136&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQWQCQV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60c50f878e79f5e18910cc11f8d7408bcc9b0140f8208c18898b4192124c4a2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 03:12:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1219
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 70ms
20ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: belowinvoice.com
URL: https://belowinvoice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 27 Apr 2023 03:12:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27967
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: xPe1w6bziN4PKgetRUSJwvWz4s5jliF5dHKkq+2ds3YYkJXr6nzV8fOpo83hR5BuF+qgN32+JC/sb8LloE+iUA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 giotuphz13 Show response
www.clarity.ms/tag/ 615 B
973 B 171ms
112ms Script
application/x-javascript 2620:1ec:4e:1::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/giotuphz13?ref=gtm2
Requested by: Host: belowinvoice.com
URL: https://belowinvoice.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 21486149605ef042b83ceaecf7f1705d74e5e0ad552062a326cef8c8bdc10c4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: application/x-javascript
date: Thu, 27 Apr 2023 03:12:15 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 0EOhJZAAAAABLlRepIJFHRYfIDxnKib/7RlJBMzFFREdFMDkxNAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
206 B 28ms
28ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1679046009&t=pageview&_s=1&dl=https%3A%2F%2Fbelowinvoice.com%2F&ul=en-us&de=UTF-8&dt=Exotic%20Car%20Lease%20-%20Supercar%20%26%20Luxury%20Car%20Leasing%20-%20Below%20Invoice&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1020757812&gjid=1338453892&cid=399131672.1682565136&tid=UA-151334160-1&_gid=1067171768.1682565136&_r=1&gtm=457e34q0&jsscut=1&z=93392647

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://belowinvoice.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 03:12:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://belowinvoice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
settings.luckyorange.net/ 129 B
746 B 1041ms
976ms Fetch
application/json 104.26.11.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.luckyorange.net/?u=https%3A%2F%2Fbelowinvoice.com%2F&s=236322

Requested by

Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.11.16 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

560eb681819f577a7d6e454260013b06d70ab1ea3e3b71b02d84256a019c6856

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://belowinvoice.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g2W4HbbR5zs7xv%2BvsqFqwx2LHT5gOD1jgE%2FtnZBzEXtcvTrCWxcMZUflffsh2eMi8GBsr3VoU%2BSXs3W9ZM03kkfd7R6qkr7cH0%2FqCjzIVt1NsMIyf4S%2BnfY5DZieBYLNvWT%2FWymJK7tIFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-credentials: true
cf-ray: 7be3e2053f576925-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 602592014620738 Show response
connect.facebook.net/signals/config/ 378 KB
109 KB 113ms
113ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/602592014620738?v=2.9.102&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

54cf9666921ff4e0ce736410833d7056059115c860e152d605ad1547ac91aed5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 27 Apr 2023 03:12:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: XD06ityxmSl07XWlpFuF7RsVVoNZoxtDLN7GHmsGg8BuWM6i41ZWllVXXkLLLTb6qOp/UXNFnkD8GYZoo7tUvg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10943255196/ 42 B
455 B 86ms
33ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10943255196/?random=1682565136085&cv=11&fst=1682564400000&bg=ffffff&guid=ON&async=1&gtm=45He34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbelowinvoice.com%2F&frm=0&tiba=Exotic%20Car%20Lease%20-%20Supercar%20%26%20Luxury%20Car%20Leasing%20-%20Below%20Invoice&fmt=3&is_vtc=1&random=408185573&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 03:12:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10943255196/ 42 B
455 B 80ms
31ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10943255196/?random=1682565136085&cv=11&fst=1682564400000&bg=ffffff&guid=ON&async=1&gtm=45He34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbelowinvoice.com%2F&frm=0&tiba=Exotic%20Car%20Lease%20-%20Supercar%20%26%20Luxury%20Car%20Leasing%20-%20Below%20Invoice&fmt=3&is_vtc=1&random=408185573&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 03:12:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.6/ 56 KB
19 KB 23ms
23ms Script
application/javascript 2620:1ec:4e:1::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.6/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/giotuphz13?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e63cf738c3a577e286765aaa9de59ed4300f6bf8b5d34773d131afd3da456b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:12:15 GMT
content-encoding: br
last-modified: Mon, 24 Apr 2023 22:22:50 GMT
x-azure-ref-originshield: 0bitJZAAAAADLUH1CmUssRqEFLoWVGe27RlJBMjMxMDUwNDE3MDM1ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "0x8DB451270AF0BB3"
x-azure-ref: 0EOhJZAAAAAAV8qwAmRO5TprcXxe8fMjqRlJBMzFFREdFMDkxNAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: fcabca7c-601e-000d-761b-78e60f000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=667FAF693BD5478BBBC16F59F6C5E926&RedC=c.clarity.ms&MXFR=207D7A91E6266A940FF66991E2266405
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=667FAF693BD5478BBBC16F59F6C5E926&MUID=3F41CCD186C6656B2669DFD1876C6452

42 B
443 B

40ms
40ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=667FAF693BD5478BBBC16F59F6C5E926&MUID=3F41CCD186C6656B2669DFD1876C6452
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 03:12:16 GMT
last-modified: Wed, 19 Apr 2023 15:34:17 GMT
server: Microsoft-IIS/10.0
etag: "f5c05c67d472d91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 27 Apr 2023 03:12:15 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1AE2EB0C6F7D4C3693555295CDD9CFEC Ref B: DUS30EDGE0722 Ref C: 2023-04-27T03:12:16Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=667FAF693BD5478BBBC16F59F6C5E926&MUID=3F41CCD186C6656B2669DFD1876C6452
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 80ms
22ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=602592014620738&ev=PageView&dl=https%3A%2F%2Fbelowinvoice.com%2F&rl=&if=false&ts=1682565136365&sw=1600&sh=1200&v=2.9.102&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1682565136364.127753450&it=1682565136196&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belowinvoice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 27 Apr 2023 03:12:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ 0
296 B 332ms
108ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.6/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://belowinvoice.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://belowinvoice.com
Date: Thu, 27 Apr 2023 03:12:16 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ 0
296 B 467ms
331ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.6/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://belowinvoice.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://belowinvoice.com
Date: Thu, 27 Apr 2023 03:12:17 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 6F37 0
49 B 41ms
41ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://belowinvoice.com
Referer: https://belowinvoice.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://belowinvoice.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 03:12:16 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ 0
296 B 104ms
103ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.6/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://belowinvoice.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://belowinvoice.com
Date: Thu, 27 Apr 2023 03:12:18 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
belowinvoice.com/	1970-01-20 20:58:45	Name: _wpfuuid Value: 90c7bf87-eece-47ec-9724-3b1564a9600e
.belowinvoice.com/	1970-01-20 20:58:45	Name: _ga_XDM6HE06SK Value: GS1.1.1682565136.1.0.1682565136.0.0.0
.belowinvoice.com/	1970-01-20 13:32:21	Name: _gcl_au Value: 1.1.387175625.1682565136
.belowinvoice.com/	1970-01-20 20:58:45	Name: _ga Value: GA1.2.399131672.1682565136
.belowinvoice.com/	1970-01-20 11:24:11	Name: _gid Value: GA1.2.1067171768.1682565136
.belowinvoice.com/	1970-01-20 11:22:45	Name: _gat_gtag_UA_151334160_1 Value: 1
.doubleclick.net/	1970-01-20 11:22:46	Name: test_cookie Value: CheckForPermission
www.clarity.ms/	1970-01-20 20:08:21	Name: CLID Value: dfc04212e93a42a2bb95291685d4d124.20230427.20240426
.belowinvoice.com/	1970-01-20 20:08:21	Name: _clck Value: 1bl16j4\|1\|fb4\|0
.belowinvoice.com/	1970-01-20 13:32:21	Name: _fbp Value: fb.1.1682565136364.127753450
.bing.com/	1970-01-20 20:44:21	Name: MUID Value: 3F41CCD186C6656B2669DFD1876C6452
.c.bing.com/	1970-01-20 11:32:49	Name: MR Value: 0
.c.bing.com/	1970-01-20 20:44:21	Name: SRM_B Value: 3F41CCD186C6656B2669DFD1876C6452
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 20:44:21	Name: MUID Value: 3F41CCD186C6656B2669DFD1876C6452
.c.clarity.ms/	1970-01-20 11:32:49	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 11:22:45	Name: ANONCHK Value: 0
.belowinvoice.com/	1970-01-20 11:24:11	Name: _clsk Value: 10b8v6i\|1682565136736\|1\|1\|u.clarity.ms/collect

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

belowinvoice.com
c.bing.com
c.clarity.ms
connect.facebook.net
d10lpsik1i8c69.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
region1.google-analytics.com
settings.luckyorange.net
u.clarity.ms
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.26.11.16
18.173.226.187
2001:4860:4802:32::36
2606:4700:3035::ac43:add6
2620:1ec:4e:1::60
2620:1ec:c11::200
2a00:1450:4001:803::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2008
2a00:1450:4001:829::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2003
2a00:1450:4001:831::2004
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
4.227.249.197
68.219.88.97
01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874
07fb73bac31b9fd70abcecf906fd376a47246ca3828ac13ce1e33f46a253a9ef
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
109a16fe184d77ffb9c512db3488427fa9ff799fa22973a9d78e76ba1d057687
148bdc189b8c66b91359c923946134d78eedfdbfd5df2b916f9db0a62c14d5f3
176e3556b640feddaf12fd38d79452b5452db1095856f6b99d5c0570da926967
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
21486149605ef042b83ceaecf7f1705d74e5e0ad552062a326cef8c8bdc10c4f
23b3e8ec3e515470172d6dfe1053fd582b7d65279da35908a5860ce0c6ea5632
2661886ecae6fd9bde22d4988c9400a628d9536d5be31a454ca47573fa05a972
2ff72ea9916be2e6c9f1ccf1f13641bec69fb4908cf6e5d2e05792ffdcf5456d
3469696dc12a3dc0509c47d862fbba33cdca1aaea747a6c4338148184c849db4
36fa779f970eee8d320c6cb68479e205a5e709e0d197b96d2528162d602e1043
389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4
396576617af9f96fb23244472191642f3e32c77cd1ea0677f63ee0d5b0dbaa1c
3985c37aaa7836457221f29de69a5b022e40abd2af194e6f0b04b043f66808ae
3a24b22f123e9ba4a8a8f3ae600f0cb11eeb9aa65f3e164f1f3b2d4528f5d461
3b3c9b588be40a9af63c4ff1bdb157eb3301ed28a010d6d2b52d831bad33b425
46924c367436767b6e20b52a8fbc9722eff542d0954a6fbfad0b441a2bc6218c
4c3629c118648695e15e125cb306899990b24351484db5170e39216ad2447c9f
4e8090f0113fe757548df1198284ee072a69729f3f9b6d46e20125bf890fca7e
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
50c0e5fd6f8b5032ee1a7fee13f69c9c586db1097be994a83664af8f7ae26c8a
54cf9666921ff4e0ce736410833d7056059115c860e152d605ad1547ac91aed5
560eb681819f577a7d6e454260013b06d70ab1ea3e3b71b02d84256a019c6856
5b4101d4a007ce5231c65dd082b9542ffd40b6e12cc9ea67de9b54063bbbf073
60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2
60c50f878e79f5e18910cc11f8d7408bcc9b0140f8208c18898b4192124c4a2e
681d9920df32c3155e142c03ab14d8d5e6557c371d4d3203ae0564d85013aeb5
696bf18782d8c832224b99364b3c3ed8e681294477a6750afcf3f62f82dcb278
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71b93829faea1db96a01abaf85dbf8b8491c5ccf4f23f60a43934ea72c8ac8c8
74cf4e2443fccca748399dde3dd9554ae6c9aa95f81815c99823fa7617f47a3a
75d689a6b8b82b0e76563a11ebda29c67aea7c847d0176a80dc48301ea4e5633
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7bd0fe62fd6c65cb9b59b5cafbf28dd7363173517e534901783fc851e9c51625
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8406563e696a9efe6074238072719e3a71dfea322b07ac473925c9dbcf0a6b7a
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8788154fc1d15841e8d47bdab61de5a3fb55ae494da1434050fceb27f3f4f713
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
9288f1864995769550783cd52335b93dbf2cecf22f0789a809cda0233ae7e0e1
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
9eadcf1138bc2067b6833c61ff6df69b0628ec30cc7845694dc9cf0896549638
abfae1d7e7edf19d70dfb3c016f5db221ce18cac5eea253f875fd21c4bc943c4
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b4d510f2cf9a1eac85d33c64a66f693868e2715ea99c6c55ddeef45b92554fed
b546583fabb71b4db831cc56a8abd1ea4d21623b03b30096a87e740a438a4a74
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
e34b7948a5df2d48022fb57be83f115f3764a6333652b3247a115e9fed519545
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e473f787eac77caf338f0d206e099b3f158a4964536d203dbf6220d1b39b45dc
e5cd665706953fe81916d436b40001cf2edf6a4ee6420d8a231fefeacfd54eab
e63cf738c3a577e286765aaa9de59ed4300f6bf8b5d34773d131afd3da456b9c
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e830e232d7536c3830fe75a1c64dbf5cc1b0ce8449660c61a7d4cb7c3acd0e4d
e95f8f1552cc6f4b83799f898ed6fdf38bfd99bbd5abfb83bcd4df064a139773
e9819a83ad7c46db4918e9cf98694486e4c1cc631fd937b7ba449420269e0b25
ec9177c485b9b43b2af79684b42e85fcd18e3651fff23e0934b4219dd60fad0e
ed2030ac70761c8744bcbdd0caf930151bb61d3b780cfac65e18b71640e9bf61
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ab6fe1052319c65f4d6475d03b59fbf27fe06e06c68cd2abae5cc82f88fe73
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f65d2e7beb8e166642be5db0558ead8a26dd32db5cac2962c5b4b63b89521fba
f8b1b13ee97399e3cdb53563d0a68eb4536a4ef0ef005e6030dd8a7f94a2f9c1
ffa4e4341dce4d1f0350c51bbb384f4d24e3f2ad93abfb8b316b0e955e09c2eb

belowinvoice.com Open in urlscan Pro 2606:4700:3035::ac43:add6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

90 Requests

99 %HTTPS

76 %IPv6

14 Domains

17 Subdomains

16 IPs

5 Countries

5485 kBTransfer

9636 kBSize

18 Cookies

2 Outgoing links

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

belowinvoice.com Open in urlscan Pro
2606:4700:3035::ac43:add6 Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

99 %
HTTPS

76 %
IPv6

14
Domains

17
Subdomains

16
IPs

5
Countries

5485 kB
Transfer

9636 kB
Size

18
Cookies

90 HTTP transactions
0 data transactions