urlscan.io logo urlscan.io
SecurityTrails logo

investmentbill.com Open in urlscan Pro
194.195.84.79  Public Scan

Go To Rescan Add Verdict Report
URL: https://investmentbill.com/
Submission: On June 11 via automatic, source certstream-suspicious — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 3 countries across 16 domains to perform 49 HTTP transactions. The main IP is 194.195.84.79, located in Germany and belongs to AS-HOSTINGER, CY. The main domain is investmentbill.com.
TLS certificate: Issued by R3 on June 8th 2022. Valid for: 3 months.
This is the only time investmentbill.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

16    194.195.84.79 (Germany)

ASN47583 (AS-HOSTINGER, CY)
investmentbill.com
3    2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
6    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    84.17.46.53 (Amsterdam, Netherlands)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-46-53.cdn77.com
a.omappapi.com
2    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    134.209.139.131 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
inpage.eu.adopexchange.com
1    192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org
s.w.org
1    138.68.123.32 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
tracking.eu.iojdsvn0.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
s.adoppop.com
Apex Domain
Subdomains		 Transfer
16 investmentbill.com
investmentbill.com
211 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 146
210 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 47
20 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 80
148 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 82
www.google.com — Cisco Umbrella Rank: 4
2 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 48
5 KB
2 omappapi.com
a.omappapi.com — Cisco Umbrella Rank: 5023
56 KB
2 gstatic.com
fonts.gstatic.com
75 KB
1 adoppop.com
s.adoppop.com — Cisco Umbrella Rank: 112665
21 KB
1 iojdsvn0.com
tracking.eu.iojdsvn0.com — Cisco Umbrella Rank: 21433
164 B
1 w.org
s.w.org — Cisco Umbrella Rank: 687
786 B
1 adopexchange.com
inpage.eu.adopexchange.com
2 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8201
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 816
476 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 434
17 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 55
1 KB
49 16
Domain Requested by
16 investmentbill.com investmentbill.com
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
6 pagead2.googlesyndication.com investmentbill.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 www.googletagmanager.com investmentbill.com
www.googletagmanager.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 a.omappapi.com investmentbill.com
a.omappapi.com
2 fonts.gstatic.com fonts.googleapis.com
1 s.adoppop.com
1 tracking.eu.iojdsvn0.com 1 redirects
1 s.w.org
1 inpage.eu.adopexchange.com cdn.jsdelivr.net
1 www.google.com tpc.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cdn.jsdelivr.net investmentbill.com
1 fonts.googleapis.com investmentbill.com
49 18

This site contains links to these domains. Also see Links.

Domain
example.com
3qap.com
Subject Issuer Validity Valid
investmentbill.com
R3		 2022-06-08 -
2022-09-06		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-02 -
2023-06-01		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
a.omappapi.com
R3		 2022-05-28 -
2022-08-26		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.eu.jod23jgo32.com
R3		 2022-05-04 -
2022-08-02		 3 months crt.sh
*.w.org
Sectigo RSA Domain Validation Secure Server CA		 2021-11-24 -
2022-12-25		 a year crt.sh

This page contains 5 frames:

Primary Page: https://investmentbill.com/
Frame ID: 8C8C1D7CD3B460F3ECE936E038C51CEF
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220608/r20190131/zrt_lookup.html
Frame ID: 75DB76E5EFA2D64EE3793D81B767CDC0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7595626770095273&output=html&adk=1812271804&adf=3025194257&lmt=1654936797&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Finvestmentbill.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654936797417&bpp=2&bdt=1013&idt=321&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5972007024928&frm=20&pv=2&ga_vid=1464412854.1654936797&ga_sid=1654936798&ga_hid=974271975&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44761043%2C31065742&oid=2&pvsid=1951622525196894&pem=971&tmod=1492859317&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=333
Frame ID: E8E9B6614C47F5FBD3F83D0D134556AE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8FD763DEB549D8DE33B5C4687383AB55
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3E2569129CB4581EFEC7BDCB7C25E614
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

اهلا بك تعلم العملات الرقمية! - Investmentbill

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

49
Requests

98 %
HTTPS

67 %
IPv6

16
Domains

18
Subdomains

17
IPs

3
Countries

770 kB
Transfer

2014 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46
  • https://tracking.eu.iojdsvn0.com/rtb/feedimpression_inpage?feedid=inpzone3017&subid=site_11416_3017&uuid=83461b58-3708-410b-a881-93a8ed9a1332&ep=IY3RKPDWWKGFQWHHGBJBHVM7QISWK6ZJSUZHZN6GV2OCXEEC22HRIRU2PVD2IMTQGGZ7NSMYJS6RXJDS5IOTVHCLD6XBL5FOG3QKDSBCOZZSJW43GWAJBD433YYWJ7VAOZC6EEAZVXIGELTFJ3A76MNGKBVLDQ2HXIWONLQMPBKFSYAAOZ4RGK5MLEC64NNGNUDHEXSZMQ27URQQYTPEMWV2U4KOWY7PMNPG6UELBH23STYBLJQENEOIDNKCZIPWIYVBW4WBO42Q76URRBGFLR5UKVVAMPIXTN2ZMHDMISBVADIQIXA4XABC5RG2VSS2FN4MQ6AVQZ3MVZBFIIXNB6V2KUYI2GPZJNWFCR4BF23IKGNINC5Q2LWB2VDS43ULRV6MAMF64Q3SRKWTAFAFFEVGLUKGO2VF56TDEEJKZXIZQWHZNNUQ%3D%3D%3D%3D HTTP 302
  • https://s.adoppop.com/images/icon/email3.png

49 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
investmentbill.com/ 		48 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://investmentbill.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.195.84.79 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.4.29
Resource Hash
aefc1305565144ee8b9571a38b61ef6eb1abc772d34cb6b4ad2e695affa5757f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
13257
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Sat, 11 Jun 2022 08:39:56 GMT
etag
"1193-1654901272;br"
link
<https://investmentbill.com/wp-json/>; rel="https://api.w.org/" <https://investmentbill.com/wp-json/wp/v2/pages/5>; rel="alternate"; type="application/json" <https://investmentbill.com/>; rel=shortlink
server
LiteSpeed
vary
Accept-Encoding
x-litespeed-cache
hit
x-powered-by
PHP/7.4.29
js
www.googletagmanager.com/gtag/ 		194 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GJZ319WS8S
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3eac44253114abf8dd207afc970afd5cea8f2f2463d3250720a86542eabf3921
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:56 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70627
x-xss-protection
0
expires
Sat, 11 Jun 2022 08:39:56 GMT
wp-emoji-release.min.js
investmentbill.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://investmentbill.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.195.84.79 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:56 GMT
content-encoding
br
last-modified
Thu, 09 Jun 2022 07:42:52 GMT
server
LiteSpeed
etag
"48b9-62a1a47c-1fa490feb1e7b058;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
4572
expires
Sat, 18 Jun 2022 08:39:56 GMT
style-rtl.min.css
investmentbill.com/wp-includes/css/dist/block-library/ 		87 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://investmentbill.com/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.0
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.195.84.79 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
46b5704fa095e95e6438958294328987e77a98da51226be28a5265823f7d2a68
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:56 GMT
content-encoding
br
last-modified
Thu, 09 Jun 2022 07:42:52 GMT
server
LiteSpeed
etag
"15a87-62a1a47c-c0512550ae1a1f40;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
10637
expires
Sat, 18 Jun 2022 08:39:56 GMT
wpforms-full.min.css
investmentbill.com/wp-content/plugins/wpforms-lite/assets/css/ 		39 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://investmentbill.com/wp-content/plugins/wpforms-lite/assets/css/wpforms-full.min.css?ver=1.7.4.2
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.195.84.79 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
f11881a89ad5ebdbfe75b6a82c4f1359bef968b54a8e006b0b677688ecfeb581
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:56 GMT
content-encoding
br
last-modified
Thu, 09 Jun 2022 07:43:01 GMT
server
LiteSpeed
etag
"9be9-62a1a485-1998bdbc0c72f850;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
5031
expires
Sat, 18 Jun 2022 08:39:56 GMT
css
fonts.googleapis.com/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C700%7COpen+Sans%3A300%2C400%2C700&subset=latin&ver=2.1.0
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c843aa0d1103ba0f2c5c1f0e9063c6e1131eed0df30d5b28a09bfd8374f061f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 11 Jun 2022 08:39:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 11 Jun 2022 08:39:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 11 Jun 2022 08:39:56 GMT
genericons-neue.css
investmentbill.com/wp-content/themes/reykjavik/assets/fonts/genericons-neue/ 		23 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://investmentbill.com/wp-content/themes/reykjavik/assets/fonts/genericons-neue/genericons-neue.css?ver=2.1.0
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.195.84.79 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
843d327fab062c3f4d4e17f3d4b566b0f5f0ef77dc64ccf8fc45bb24c8727751
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:56 GMT
content-encoding
br
last-modified
Fri, 10 Jun 2022 18:00:32 GMT
server
LiteSpeed
etag
"5c52-62a386c0-c38b388780af1fa7;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
13985
expires
Sat, 18 Jun 2022 08:39:56 GMT
main-rtl.css
investmentbill.com/wp-content/themes/reykjavik/assets/css/ 		155 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://investmentbill.com/wp-content/themes/reykjavik/assets/css/main-rtl.css?ver=2.1.0
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.195.84.79 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6774191b9cf57bf8ca4f85bc06b1915154ce8b611a6b4578a3b01106377448a2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:56 GMT
content-encoding
br
last-modified
Fri, 10 Jun 2022 18:00:32 GMT
server
LiteSpeed
etag
"26cc5-62a386c0-709a0c937fcf2225;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
23586
expires
Sat, 18 Jun 2022 08:39:56 GMT
blocks-rtl.css
investmentbill.com/wp-content/themes/reykjavik/assets/css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://investmentbill.com/wp-content/themes/reykjavik/assets/css/blocks-rtl.css?ver=2.1.0
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.195.84.79 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
2ba91d41b031efa7a2b119fd6004e927702072fb7d8d7c874532e5bd52c653b9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:56 GMT
content-encoding
br
last-modified
Fri, 10 Jun 2022 18:00:32 GMT
server
LiteSpeed
etag
"3ad7-62a386c0-482ffe9de86d98af;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
2651
expires
Sat, 18 Jun 2022 08:39:56 GMT
css-vars-ponyfill.min.js
investmentbill.com/wp-content/themes/reykjavik/library/js/vendors/css-vars-ponyfill/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://investmentbill.com/wp-content/themes/reykjavik/library/js/vendors/css-vars-ponyfill/css-vars-ponyfill.min.js?ver=v2.4.7
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.195.84.79 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
2c049e2645f062c349703323ee0ec996a783872b2ef86070ed6f137af23c8432
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:56 GMT
content-encoding
br
last-modified
Fri, 10 Jun 2022 18:00:32 GMT
server
LiteSpeed
etag
"5a30-62a386c0-f946f784f5ab2fdc;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
7427
expires
Sat, 18 Jun 2022 08:39:56 GMT
frontend-gtag.min.js
investmentbill.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://investmentbill.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.5.3
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.195.84.79 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:56 GMT
content-encoding
br
last-modified
Thu, 09 Jun 2022 07:43:08 GMT
server
LiteSpeed
etag
"2e7a-62a1a48c-ec29a516af96ed0b;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
3019
expires
Sat, 18 Jun 2022 08:39:56 GMT
js
www.googletagmanager.com/gtag/ 		104 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-231302988-1
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c0f89295b02989fabbd2859c58fde5ac06b6749fe9b7ccff68d45d8003740886
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:57 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40795
x-xss-protection
0
expires
Sat, 11 Jun 2022 08:39:57 GMT
jquery.min.js
investmentbill.com/wp-includes/js/jquery/ 		87 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://investmentbill.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.195.84.79 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:56 GMT
content-encoding
br
last-modified
Thu, 09 Jun 2022 07:42:52 GMT
server
LiteSpeed
etag
"15db1-62a1a47c-906a1ac2dcf2dfb7;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
30027
expires
Sat, 18 Jun 2022 08:39:56 GMT
jquery-migrate.min.js
investmentbill.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://investmentbill.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.195.84.79 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:56 GMT
content-encoding
br
last-modified
Thu, 09 Jun 2022 07:42:52 GMT
server
LiteSpeed
etag
"2bd8-62a1a47c-7d96b1df7c56f880;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
3984
expires
Sat, 18 Jun 2022 08:39:56 GMT
a11y-menu.dist.min.js
investmentbill.com/wp-content/themes/reykjavik/assets/js/vendors/a11y-menu/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://investmentbill.com/wp-content/themes/reykjavik/assets/js/vendors/a11y-menu/a11y-menu.dist.min.js?ver=2.1.0
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.195.84.79 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5a3d425d8c7e7c0b29b4c57cac7c9d353310663487522eb21af2905fe93a80ff
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:56 GMT
content-encoding
br
last-modified
Fri, 10 Jun 2022 18:00:32 GMT
server
LiteSpeed
etag
"1688-62a386c0-708f85cec531d1b4;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
1798
expires
Sat, 18 Jun 2022 08:39:56 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		163 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7595626770095273
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7e5e6bbe57ba87a3dc41afb8d190cd8f6d9e2fc3c2bed8186784f45326b5e5e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://investmentbill.com/
Origin
https://investmentbill.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56301
x-xss-protection
0
server
cafe
etag
7735088632895183653
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 11 Jun 2022 08:39:57 GMT
stack-of-nine-golden-bitcoins.jpg
investmentbill.com/wp-content/uploads/2022/06/ 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://investmentbill.com/wp-content/uploads/2022/06/stack-of-nine-golden-bitcoins.jpg
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
194.195.84.79 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
a02c3f0609ba0330ee2c06c7aa596e1221eba8d52f6bb41ca1ec735ecce79a38
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:57 GMT
last-modified
Fri, 10 Jun 2022 18:06:42 GMT
server
LiteSpeed
etag
"16918-62a38832-3ea6a5a887c2dbe7;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
92440
expires
Sat, 18 Jun 2022 08:39:57 GMT
bundle.js
cdn.jsdelivr.net/gh/adoperator/inpage@latest/dist/ 		46 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/adoperator/inpage@latest/dist/bundle.js
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74be86e0df5f88032c07baa8cb0c4020f641f72bce7e88e898d7b299bd40d44e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-jsd-version
1.0.5
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19149-FRA, cache-iad-kiad7000031-IAD
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"b676-rN3LVDM0hU49PJZL3+q6qOKvExk"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tP%2F%2Fuqx1tOc%2BdJhdSxci5MrozjjvtoJ%2F91LwLWzBzcZ9jt2XTxIvzoUx8yOaBey%2BqP0pXohhXufoU5q%2FHhqfaRNrKdQOclqIXqizR3BsTZeTQKa5DJZVv1%2BmtUj08wcylGpgRaV5d2oWXNubesM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
71990a06ac735476-LHR
skip-link-focus-fix.js
investmentbill.com/wp-content/themes/reykjavik/assets/js/ 		835 B
760 B 		Script
General
Check archive.org
Download Go to
Full URL
https://investmentbill.com/wp-content/themes/reykjavik/assets/js/skip-link-focus-fix.js?ver=2.1.0
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
194.195.84.79 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
e19681bcc74d38930852534d554fffc6930f50ff05a2f18d6e4d07e6d8f9a779
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:57 GMT
content-encoding
br
last-modified
Fri, 10 Jun 2022 18:00:32 GMT
server
LiteSpeed
etag
"343-62a386c0-aa74774f507713c1;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
420
expires
Sat, 18 Jun 2022 08:39:57 GMT
scripts-navigation-mobile.min.js
investmentbill.com/wp-content/themes/reykjavik/assets/js/ 		908 B
414 B 		Script
General
Check archive.org
Download Go to
Full URL
https://investmentbill.com/wp-content/themes/reykjavik/assets/js/scripts-navigation-mobile.min.js?ver=2.1.0
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
194.195.84.79 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
0b5d94d6ecb2833c94db10c833f21eca5284b0cf5621a00a000b380b79e0a4c6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:57 GMT
content-encoding
br
last-modified
Fri, 10 Jun 2022 18:00:32 GMT
server
LiteSpeed
etag
"38c-62a386c0-460feea24c655e9b;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
363
expires
Sat, 18 Jun 2022 08:39:57 GMT
scripts-global.js
investmentbill.com/wp-content/themes/reykjavik/assets/js/ 		779 B
425 B 		Script
General
Check archive.org
Download Go to
Full URL
https://investmentbill.com/wp-content/themes/reykjavik/assets/js/scripts-global.js?ver=2.1.0
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
194.195.84.79 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
14d79127b478895c3be8d76f698efe7bdf1f54a67282a5badbe2fd2a5d08ab14
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:57 GMT
content-encoding
br
last-modified
Fri, 10 Jun 2022 18:00:32 GMT
server
LiteSpeed
etag
"30b-62a386c0-515c3fde7fb81e91;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
374
expires
Sat, 18 Jun 2022 08:39:57 GMT
collect
www.google-analytics.com/g/ 		0
340 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-GJZ319WS8S&gtm=2oe680&_p=974271975&_z=ccd.tdB&cid=1464412854.1654936797&gdid=dZGIzZG&ul=en-us&sr=1600x1200&_s=1&sid=1654936796&sct=1&seg=0&dl=https%3A%2F%2Finvestmentbill.com%2F&dt=%D8%A7%D9%87%D9%84%D8%A7%20%D8%A8%D9%83%20%D8%AA%D8%B9%D9%84%D9%85%20%D8%A7%D9%84%D8%B9%D9%85%D9%84%D8%A7%D8%AA%20%D8%A7%D9%84%D8%B1%D9%82%D9%85%D9%8A%D8%A9!%20-%20Investmentbill&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GJZ319WS8S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Jun 2022 08:39:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://investmentbill.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		101 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-231302988-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GJZ319WS8S
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e7a75113a1373e8da03938a0fd39c130dda7c14564190b7044287625c93d950b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:57 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39801
x-xss-protection
0
expires
Sat, 11 Jun 2022 08:39:57 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C700%7COpen+Sans%3A300%2C400%2C700&subset=latin&ver=2.1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://investmentbill.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 23:32:09 GMT
x-content-type-options
nosniff
age
378468
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Jun 2023 23:32:09 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v24/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v24/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C700%7COpen+Sans%3A300%2C400%2C700&subset=latin&ver=2.1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://investmentbill.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 17:07:05 GMT
x-content-type-options
nosniff
age
315172
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 14:37:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Jun 2023 17:07:05 GMT
api.min.js
a.omappapi.com/app/js/ 		189 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/api.min.js
Requested by
Host: investmentbill.com
URL: https://investmentbill.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-46-53.cdn77.com
Software
BunnyCDN-AMS1-879 /
Resource Hash
892ea632a364c2124e67fc5c066c87e1afd109c56a7e5fdae2e3fd3423a7aa5f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:57 GMT
content-encoding
br
cdn-edgestorageid
549
perma-cache
HIT
cdn-storageserver
DE-197
cdn-cachedat
06/09/2022 19:47:17
cdn-pullzone
293267
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
server
BunnyCDN-AMS1-879
access-control-allow-origin
*
last-modified
Thu, 09 Jun 2022 19:44:55 GMT
cdn-proxyver
1.02
cdn-fileserver
310
etag
W/"62a24db7-2f298"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
b09b2a9925bb71f3c22a00193d830e74
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-231302988-1&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1249
date
Sat, 11 Jun 2022 08:19:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 11 Jun 2022 10:19:08 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-GJZ319WS8S&gtm=2oe680&_p=974271975&_z=ccd.tdB&cid=1464412854.1654936797&gdid=dZGIzZG&ul=en-us&sr=1600x1200&_s=2&sid=1654936796&sct=1&seg=0&dl=https%3A%2F%2Finvestmentbill.com%2F&dt=%D8%A7%D9%87%D9%84%D8%A7%20%D8%A8%D9%83%20%D8%AA%D8%B9%D9%84%D9%85%20%D8%A7%D9%84%D8%B9%D9%85%D9%84%D8%A7%D8%AA%20%D8%A7%D9%84%D8%B1%D9%82%D9%85%D9%8A%D8%A9!%20-%20Investmentbill&en=scroll&_et=5&ep.forceSSL=true&ep.link_attribution=true&epn.percent_scrolled=90
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GJZ319WS8S
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Jun 2022 08:39:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://investmentbill.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206070101/ 		338 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7595626770095273&plah=investmentbill.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7595626770095273
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1c205a139874ce3dd65533d1fd872a77caf9e1eba377f4c1e45965a7fcd09e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121901
x-xss-protection
0
server
cafe
etag
2558129277309594338
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 11 Jun 2022 08:39:57 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220608/r20190131/ Frame 75DB 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220608/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7595626770095273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d47d037df7ce60259bada68116ab3d22195043a77ac538a9ae6accb7f21f03d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://investmentbill.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
59602
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4416
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 10 Jun 2022 16:06:35 GMT
etag
14734731752043123527
expires
Fri, 24 Jun 2022 16:06:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
api.min.css
a.omappapi.com/app/js/ 		18 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/api.min.css
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-46-53.cdn77.com
Software
BunnyCDN-AMS1-879 /
Resource Hash
4b99a75a42582fd22e780855dfb50880df624ce43988616f4b19dc7ba90f1250

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:57 GMT
content-encoding
br
cdn-edgestorageid
766
perma-cache
HIT
cdn-storageserver
DE-165
cdn-cachedat
06/10/2022 05:52:46
cdn-pullzone
293267
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
server
BunnyCDN-AMS1-879
access-control-allow-origin
*
last-modified
Thu, 09 Jun 2022 20:54:08 GMT
cdn-proxyver
1.02
cdn-fileserver
301
etag
W/"62a25df0-464c"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
ab1d71175d109a17d25bb26003dc19af
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=974271975&t=pageview&_s=1&dl=https%3A%2F%2Finvestmentbill.com%2F&ul=en-us&de=UTF-8&dt=%D8%A7%D9%87%D9%84%D8%A7%20%D8%A8%D9%83%20%D8%AA%D8%B9%D9%84%D9%85%20%D8%A7%D9%84%D8%B9%D9%85%D9%84%D8%A7%D8%AA%20%D8%A7%D9%84%D8%B1%D9%82%D9%85%D9%8A%D8%A9!%20-%20Investmentbill&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAAC~&jid=1891677313&gjid=1096683142&cid=1464412854.1654936797&tid=UA-231302988-1&_gid=2013891066.1654936798&_r=1&gtm=2ou680&did=dZGIzZG%2CdZTNiMT&gdid=dZGIzZG.dZTNiMT&z=1424123569
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://investmentbill.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 11 Jun 2022 08:39:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://investmentbill.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		12 B
476 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=investmentbill.com&callback=_gfp_s_&client=ca-pub-7595626770095273
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7595626770095273&plah=investmentbill.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=investmentbill.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7595626770095273&plah=investmentbill.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 11 Jun 2022 08:39:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=investmentbill.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7595626770095273&plah=investmentbill.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 11 Jun 2022 08:39:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E8E9 		603 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7595626770095273&output=html&adk=1812271804&adf=3025194257&lmt=1654936797&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Finvestmentbill.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654936797417&bpp=2&bdt=1013&idt=321&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5972007024928&frm=20&pv=2&ga_vid=1464412854.1654936797&ga_sid=1654936798&ga_hid=974271975&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44761043%2C31065742&oid=2&pvsid=1951622525196894&pem=971&tmod=1492859317&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=333
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7595626770095273&plah=investmentbill.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://investmentbill.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Jun 2022 08:39:57 GMT
expires
Sat, 11 Jun 2022 08:39:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220608&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7595626770095273&plah=investmentbill.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0eaec56bbbccaca0f8f011d3ee2e5c36cb076c03014166249a802ef64264483
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 11 Jun 2022 08:39:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10495
x-xss-protection
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=974271975&t=timing&_s=2&dl=https%3A%2F%2Finvestmentbill.com%2F&ul=en-us&de=UTF-8&dt=%D8%A7%D9%87%D9%84%D8%A7%20%D8%A8%D9%83%20%D8%AA%D8%B9%D9%84%D9%85%20%D8%A7%D9%84%D8%B9%D9%85%D9%84%D8%A7%D8%AA%20%D8%A7%D9%84%D8%B1%D9%82%D9%85%D9%8A%D8%A9!%20-%20Investmentbill&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2250&pdt=169&dns=167&rrt=0&srt=172&tcp=349&dit=1587&clt=1587&_gst=1682&_gbt=1871&_cst=861&_cbt=1678&_u=YCDACUABBAAAAC~&jid=&gjid=&cid=1464412854.1654936797&tid=UA-231302988-1&_gid=2013891066.1654936798&gtm=2ou680&z=1660499339
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Jun 2022 09:29:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
83402
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7595626770095273&plah=investmentbill.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 11 Jun 2022 08:39:58 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8FD7 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://investmentbill.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
231
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 11 Jun 2022 08:36:07 GMT
expires
Sun, 11 Jun 2023 08:36:07 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3E25 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5706c0c6f7d4f4123e88f9a3a867f6c89c8e3306544bcc99b15bb1c9a33af7fe
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ms3mZ27QrUMOQF2SRE-ZNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://investmentbill.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-ms3mZ27QrUMOQF2SRE-ZNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 11 Jun 2022 08:39:58 GMT
expires
Sat, 11 Jun 2022 08:39:58 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
fitY9DN5Eb8XnEderF92e3R8KkCh_qe_gU10Y1cTXMc.js
pagead2.googlesyndication.com/bg/ Frame 8FD7 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fitY9DN5Eb8XnEderF92e3R8KkCh_qe_gU10Y1cTXMc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e2b58f4337911bf179c475eac5f767b747c2a40a1fea7bf814d746357135cc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 15:04:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
236157
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13889
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Jun 2023 15:04:01 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3E25 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220608&jk=1951622525196894&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 8FD7 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?8CXiIA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:39:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220608&jk=1951622525196894&bg=!MDOlM3fNAAaJfvByqX47ACkAdvg8WnZW5zBOjk-44RLCH016OGGLGr-xWnouoQ6uaxFHADxzZGbzwQIAAABaUgAAAAJoAQcKAJ_01BVx-uRbNR_StT1_pv3TuNMejHe7D8PaBaHkw4MLU1PZTxwZtF42YngUNo4Ps31vp4h2nUHK5S-gJTXDpGxcdYtGfoNLQmNcFvldKd16umX6JGUc5c1TnKtL6R5TQRoGPJlzC0tz64LTe3aWxnPXbchbUp1u3fGzcnbgW7GZAt7ev87Zylr3FuOzyuYS77N7uZGsxi_oe2u_8Cctkq-ZAp_lLsOPOySy2t4pjAn6Vn1vLo8v6VUnH5rGGtcp2ev-iwmX6zxovm4rWaYCYJKTEyox0TOvmJViR20ouOLX1UqPJ5S1Q2AGPmxQBpyfbhFdn1ibk7trCWQ_ZrI22aSk5rtVfb719KpYgnoLAUelFOwaG-B9eO1NPlcXD_0PZhhlmI4UWuZ9E8WLjo9KfBLYpSQqQtJ-kqMIomxv9HP18RrjNRALhuA4ZZFBQm9VDhxSqYNlYjdu3dzPFb9KpsWN_RMf29T1Wcl_udPsQZ6PIGg8_AOK4uUFGbeF6Zl72Gjth_2ZprovIwDbTohgDlSkJGoRbkb2UnHYdxsTyQK9n4sSgGALdY6dX3aOQnm7gq3z45yJ536HCGidDRlmXjEzEA_Q7gShUPCeuPlUZyK7ghuI6HpJhCvn1KF_J8W3LcQUtARkg9tOcqT88zwaRMO1emrKEU0ofR7z2tH1OKa8bWEFFzTO5wVryrdDoAMd1DNBHsj06dB-f6ejHTGh9msUXJAKL9TjF4l4WA3szVDw9V5MgfGkmCmCOCzHga_JJ39B7j1tF7JtFLZw3Q3kHFqBllpgHCKRcmsYJPyIddWZd53_ZXQaO7BnXpZONoAo1CUgdUSI0zl5b2G3__KgPmyyGLSSdlAXXGvFahScrshs9oPQ3FcmrrNCW3aD-g77FHxBOLmkP8K0dCaD7P9DgOJwGWwfezihyA_qVVjYRSVI6UAMqVE9-No2L-uS1d9WB3LORXKw_AmrbVzOsnOjW3S-xLvqi_5zTZi-nNlZ7DoGOAY6Ej-o5EMjvqFitf3J9Yic8OJ1nbiS8OTHNXlxlVxhWkGnvX_Nq4FM8fHkVPJWsS-7O8JX3Gca8L7aJPaSFwsdzxTk8lUhouL_Mg1VxcAtig
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
inpage
inpage.eu.adopexchange.com/rtb/search/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://inpage.eu.adopexchange.com/rtb/search/inpage?feedid=inpzone3017&subId=site_11416_3017&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/102.0.5005.61%20Safari/537.36&count=3&format=json&keywords=best,price&url=https://investmentbill.com/&domain=investmentbill.com
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/adoperator/inpage@latest/dist/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
134.209.139.131 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
70a3b274a33acd2e8eb0b80b532df1dd1fea0d215c062c272bd13f48abe286be

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 11 Jun 2022 08:39:59 GMT
access-control-allow-credentials
true
content-length
1825
content-type
application/json;charset=utf-8
1f4e9.svg
s.w.org/images/core/emoji/14.0.0/svg/ 		1 KB
786 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.w.org/images/core/emoji/14.0.0/svg/1f4e9.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
a89afc0447548c9ba47bfd811bd3a3703d6dd0f4f897c842268424c76a9277d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Sat, 11 Jun 2022 08:40:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 03:53:43 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
email3.png
s.adoppop.com/images/icon/
Redirect Chain
  • https://tracking.eu.iojdsvn0.com/rtb/feedimpression_inpage?feedid=inpzone3017&subid=site_11416_3017&uuid=83461b58-3708-410b-a881-93a8ed9a1332&ep=IY3RKPDWWKGFQWHHGBJBHVM7QISWK6ZJSUZHZN6GV2OCXEEC22HR...
  • https://s.adoppop.com/images/icon/email3.png
20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.adoppop.com/images/icon/email3.png
Protocol
H2
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c5297ac5e26ed4bcd26b0bebf4e3bd970cd545683081cb7bdfeace3b2f21e48

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 08:40:00 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1530279
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20837
last-modified
Tue, 07 Sep 2021 15:51:24 GMT
server
cloudflare
etag
"61378a7c-5165"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ARHAeYn2rc%2FiKN9ogGwNyOAHMDf7IMp1PVoji2zhqDPtzm5rFEFHEft9znX6n8d8DAC8ayvFG62WH8zyYznKZ6FHeSTxCPtdgs2Dac2UPpX8qme6UIuxvIJ2X4U50WSGl3Rr%2FDGFXGMn0RkD"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
71990a1b3f1a773d-LHR
expires
Thu, 23 Jun 2022 15:35:21 GMT

Redirect headers

location
https://s.adoppop.com/images/icon/email3.png
date
Sat, 11 Jun 2022 08:39:59 GMT
referrer-policy
no-referrer
content-length
0
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-GJZ319WS8S&gtm=2oe680&_p=974271975&_z=ccd.tdB&cid=1464412854.1654936797&gdid=dZGIzZG.dZTNiMT&ul=en-us&sr=1600x1200&_s=3&sid=1654936796&sct=1&seg=1&dl=https%3A%2F%2Finvestmentbill.com%2F&dt=%D8%A7%D9%87%D9%84%D8%A7%20%D8%A8%D9%83%20%D8%AA%D8%B9%D9%84%D9%85%20%D8%A7%D9%84%D8%B9%D9%85%D9%84%D8%A7%D8%AA%20%D8%A7%D9%84%D8%B1%D9%82%D9%85%D9%8A%D8%A9!%20-%20Investmentbill&en=page_view&_ee=1&_et=494
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GJZ319WS8S
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://investmentbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Jun 2022 08:40:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://investmentbill.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation string| mi_version boolean| mi_track_user string| mi_no_track_reason object| disableStrs function| __gtagTrackerIsOptedOut undefined| index function| __gtagTrackerOptout function| gaOptout function| __gtagDataLayer function| __gtagTracker object| dataLayer object| MonsterInsightsDualTracker function| gtag function| __gaTracker object| _wpemojiSettings object| twemoji object| wp object| google_tag_manager function| onYouTubeIframeAPIReady object| google_tag_data object| gaGlobal function| cssVars function| MonsterInsights object| MonsterInsightsObject object| monsterinsights_frontend undefined| $ function| jQuery object| a11yMenuConfig object| regeneratorRuntime function| AdopInPagePush object| $reykjavikBreakpoints object| omapi_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| _omapp function| OptinMonsterApp boolean| om_loaded object| gaplugins object| gaData function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
.investmentbill.com/ Name: _ga_GJZ319WS8S
Value: GS1.1.1654936796.1.1.1654936797.0
.investmentbill.com/ Name: _ga
Value: GA1.2.1464412854.1654936797
.investmentbill.com/ Name: _gid
Value: GA1.2.2013891066.1654936798
.investmentbill.com/ Name: _gat_gtag_UA_231302988_1
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.omappapi.com
adservice.google.com
adservice.google.de
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
inpage.eu.adopexchange.com
investmentbill.com
pagead2.googlesyndication.com
partner.googleadservices.com
s.adoppop.com
s.w.org
tpc.googlesyndication.com
tracking.eu.iojdsvn0.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
134.209.139.131
138.68.123.32
142.250.185.226
192.0.77.48
194.195.84.79
2606:4700::6810:5914
2a00:1450:4001:800::2003
2a00:1450:4001:800::2008
2a00:1450:4001:802::200e
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2004
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a06:98c1:3120::3
84.17.46.53
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0b5d94d6ecb2833c94db10c833f21eca5284b0cf5621a00a000b380b79e0a4c6
0c5297ac5e26ed4bcd26b0bebf4e3bd970cd545683081cb7bdfeace3b2f21e48
14d79127b478895c3be8d76f698efe7bdf1f54a67282a5badbe2fd2a5d08ab14
1c205a139874ce3dd65533d1fd872a77caf9e1eba377f4c1e45965a7fcd09e01
2ba91d41b031efa7a2b119fd6004e927702072fb7d8d7c874532e5bd52c653b9
2c049e2645f062c349703323ee0ec996a783872b2ef86070ed6f137af23c8432
3eac44253114abf8dd207afc970afd5cea8f2f2463d3250720a86542eabf3921
46b5704fa095e95e6438958294328987e77a98da51226be28a5265823f7d2a68
4b99a75a42582fd22e780855dfb50880df624ce43988616f4b19dc7ba90f1250
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5706c0c6f7d4f4123e88f9a3a867f6c89c8e3306544bcc99b15bb1c9a33af7fe
5a3d425d8c7e7c0b29b4c57cac7c9d353310663487522eb21af2905fe93a80ff
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6774191b9cf57bf8ca4f85bc06b1915154ce8b611a6b4578a3b01106377448a2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70a3b274a33acd2e8eb0b80b532df1dd1fea0d215c062c272bd13f48abe286be
74be86e0df5f88032c07baa8cb0c4020f641f72bce7e88e898d7b299bd40d44e
7e2b58f4337911bf179c475eac5f767b747c2a40a1fea7bf814d746357135cc7
7e5e6bbe57ba87a3dc41afb8d190cd8f6d9e2fc3c2bed8186784f45326b5e5e2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843d327fab062c3f4d4e17f3d4b566b0f5f0ef77dc64ccf8fc45bb24c8727751
892ea632a364c2124e67fc5c066c87e1afd109c56a7e5fdae2e3fd3423a7aa5f
a02c3f0609ba0330ee2c06c7aa596e1221eba8d52f6bb41ca1ec735ecce79a38
a0eaec56bbbccaca0f8f011d3ee2e5c36cb076c03014166249a802ef64264483
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a89afc0447548c9ba47bfd811bd3a3703d6dd0f4f897c842268424c76a9277d5
abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e
aefc1305565144ee8b9571a38b61ef6eb1abc772d34cb6b4ad2e695affa5757f
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c0f89295b02989fabbd2859c58fde5ac06b6749fe9b7ccff68d45d8003740886
c843aa0d1103ba0f2c5c1f0e9063c6e1131eed0df30d5b28a09bfd8374f061f9
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
d47d037df7ce60259bada68116ab3d22195043a77ac538a9ae6accb7f21f03d2
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
e19681bcc74d38930852534d554fffc6930f50ff05a2f18d6e4d07e6d8f9a779
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7a75113a1373e8da03938a0fd39c130dda7c14564190b7044287625c93d950b
f11881a89ad5ebdbfe75b6a82c4f1359bef968b54a8e006b0b677688ecfeb581