billingletter.com Open in urlscan Pro
2606:4700:3030::6815:15f4 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://billingletter.com/
Submission: On September 04 via automatic, source certstream-suspicious (September 4th 2021, 8:20:36 am UTC)

Summary HTTP 44 Redirects Behaviour Indicators

Summary

This website contacted 33 IPs in 5 countries across 28 domains to perform 44 HTTP transactions. The main IP is 2606:4700:3030::6815:15f4, located in United States and belongs to CLOUDFLARENET, US. The main domain is billingletter.com.
TLS certificate: Issued by R3 on September 4th 2021. Valid for: 3 months.

This is the only time billingletter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2606:4700:303... 2606:4700:3030::6815:15f4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.76.228 104.21.76.228	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2af::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	198.252.98.98 198.252.98.98	20068 (HAWKHOST) (HAWKHOST)
1	2606:4700:7::... 2606:4700:7::a29f:9904	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:223... 2600:9000:223c:a00:18:8c54:6000:21	16509 (AMAZON-02) (AMAZON-02)
1	151.101.13.2 151.101.13.2	54113 (FASTLY) (FASTLY)
1	104.21.1.239 104.21.1.239	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	162.159.135.42 162.159.135.42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.176.152 34.102.176.152	15169 (GOOGLE) (GOOGLE)
1	2.16.186.241 2.16.186.241	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:303... 2606:4700:3038::6815:ea7c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	151.101.13.140 151.101.13.140	54113 (FASTLY) (FASTLY)
1	2600:9000:215... 2600:9000:2156:c000:2:6f7a:6f00:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	192.0.78.196 192.0.78.196	2635 (AUTOMATTIC) (AUTOMATTIC)
2	172.96.186.243 172.96.186.243	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	2606:4700:303... 2606:4700:3034::6815:3c83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	173.254.28.204 173.254.28.204	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	192.99.13.63 192.99.13.63	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
44	33

4 2606:4700:3030::6815:15f4 (United States)

ASN13335 (CLOUDFLARENET, US)

billingletter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.76.228 (None, )

ASN13335 (CLOUDFLARENET, US)

excelxo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2af::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

i.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.252.98.98 (Dallas, United States)

ASN20068 (HAWKHOST, CA)
PTR: 198.252.98.98-static.reverse.arandomserver.com

www.sampletemplatess.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:7::a29f:9904 (United States)

ASN13335 (CLOUDFLARENET, US)

miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:a00:18:8c54:6000:21 (United States)

ASN16509 (AMAZON-02, US)

d1e4pidl3fu268.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

qph.fs.quoracdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.1.239 (None, )

ASN13335 (CLOUDFLARENET, US)

www.balancedachievement.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.159.135.42 (None, )

ASN13335 (CLOUDFLARENET, US)

buddhaweekly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.176.152 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 152.176.102.34.bc.googleusercontent.com

static.wixstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.241 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-241.deploy.static.akamaitechnologies.com

image.slidesharecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ea7c (United States)

ASN13335 (CLOUDFLARENET, US)

steemitimages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.140 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.redd.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:c000:2:6f7a:6f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

mlwozecuwgnq.i.optimole.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.78.196 (United States) 1 redirects

ASN2635 (AUTOMATTIC, US)

www.alanpeto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
alanpeto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.96.186.243 (Secaucus, United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: 172.96.186.243-static.reverse.arandomserver.com

www.exceltemplate123.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:3c83 (United States)

ASN13335 (CLOUDFLARENET, US)

excelspreadsheetsgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.254.28.204 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: just2014.justhost.com

www.wordstemplatespro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.99.13.63 (Toronto, Canada)

ASN16276 (OVH, FR)
PTR: ns504751.ip-192-99-13.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	175 KB
4	billingletter.com billingletter.com	254 KB
2	google.com adservice.google.com www.google.com	848 B
2	doubleclick.net googleads.g.doubleclick.net	5 KB
2	histats.com s10.histats.com s4.histats.com	5 KB
2	exceltemplate123.us www.exceltemplate123.us	649 KB
2	alanpeto.com 1 redirects www.alanpeto.com alanpeto.com	573 KB
2	buddhaweekly.com buddhaweekly.com	262 KB
2	cloudflare.com cdnjs.cloudflare.com	90 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	google.de adservice.google.de	853 B
1	googleadservices.com partner.googleadservices.com	663 B
1	wordstemplatespro.com www.wordstemplatespro.com	41 KB
1	excelspreadsheetsgroup.com excelspreadsheetsgroup.com	37 KB
1	optimole.com mlwozecuwgnq.i.optimole.com	85 KB
1	redd.it i.redd.it	2 MB
1	blogspot.com 1.bp.blogspot.com	39 KB
1	steemitimages.com steemitimages.com	27 KB
1	slidesharecdn.com image.slidesharecdn.com	27 KB
1	wixstatic.com static.wixstatic.com	48 KB
1	balancedachievement.com www.balancedachievement.com	102 KB
1	quoracdn.net qph.fs.quoracdn.net	175 KB
1	cloudfront.net d1e4pidl3fu268.cloudfront.net	256 KB
1	medium.com miro.medium.com	255 KB
1	sampletemplatess.com www.sampletemplatess.com	337 KB
1	pinimg.com i.pinimg.com	62 KB
1	excelxo.com excelxo.com	54 KB
1	googleapis.com ajax.googleapis.com	88 KB
44	28

	Domain	Requested by
5	pagead2.googlesyndication.com	billingletter.com pagead2.googlesyndication.com tpc.googlesyndication.com
4	billingletter.com	billingletter.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.exceltemplate123.us	billingletter.com
2	buddhaweekly.com	billingletter.com
2	cdnjs.cloudflare.com	billingletter.com cdnjs.cloudflare.com
1	www.google.com	tpc.googlesyndication.com
1	s4.histats.com	s10.histats.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s10.histats.com	billingletter.com
1	www.wordstemplatespro.com	billingletter.com
1	excelspreadsheetsgroup.com	billingletter.com
1	alanpeto.com	billingletter.com
1	www.alanpeto.com	1 redirects
1	mlwozecuwgnq.i.optimole.com	billingletter.com
1	i.redd.it	billingletter.com
1	1.bp.blogspot.com	billingletter.com
1	steemitimages.com	billingletter.com
1	image.slidesharecdn.com	billingletter.com
1	static.wixstatic.com	billingletter.com
1	www.balancedachievement.com	billingletter.com
1	qph.fs.quoracdn.net	billingletter.com
1	d1e4pidl3fu268.cloudfront.net	billingletter.com
1	miro.medium.com	billingletter.com
1	www.sampletemplatess.com	billingletter.com
1	i.pinimg.com	billingletter.com
1	excelxo.com	billingletter.com
1	ajax.googleapis.com	billingletter.com
44	32

This site contains no links.

Subject Issuer	Validity	Valid
*.billingletter.com R3	`2021-09-04` - `2021-12-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
*.sampletemplatess.com R3	`2021-07-06` - `2021-10-04`	3 months	crt.sh
medium.com Cloudflare Inc ECC CA-3	`2021-09-01` - `2021-11-29`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
quora.com R3	`2021-08-22` - `2021-11-20`	3 months	crt.sh
buddhaweekly.com Cloudflare Inc ECC CA-3	`2021-08-15` - `2022-08-14`	a year	crt.sh
*.wixstatic.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-06` - `2022-01-02`	6 months	crt.sh
slidesharecdn.com R3	`2021-08-09` - `2021-11-07`	3 months	crt.sh
steemitimages.com Cloudflare Inc ECC CA-3	`2021-06-03` - `2022-06-02`	a year	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.redd.it DigiCert TLS RSA SHA256 2020 CA1	`2021-05-23` - `2021-11-18`	6 months	crt.sh
*.i.optimole.com Amazon	`2021-05-12` - `2022-06-10`	a year	crt.sh
tls.automattic.com R3	`2021-08-03` - `2021-11-01`	3 months	crt.sh
exceltemplate123.us R3	`2021-07-09` - `2021-10-07`	3 months	crt.sh
cpcontacts.wordstemplatespro.com R3	`2021-07-10` - `2021-10-08`	3 months	crt.sh
histats.com R3	`2021-08-02` - `2021-10-31`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://billingletter.com/
Frame ID: B3CAD6C0EADDCA6D1C96E3B8E8F7404F
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210831/r20190131/zrt_lookup.html
Frame ID: 02A46B657EDEE4E5289AEDA2DC50E069
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4304194978577570&output=html&adk=1812271804&adf=3025194257&lmt=1630743617&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbillingletter.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630743616903&bpp=3&bdt=224&idt=77&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1832763751345&frm=20&pv=2&ga_vid=2003736857.1630743617&ga_sid=1630743617&ga_hid=1565300077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44748553%2C44748390%2C31062297%2C31062093&oid=3&pvsid=1844356251860704&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=186
Frame ID: 0E49EDD56212AEEA97CA3640AF201A94
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 819A8936D99F8E2472BB99D49699CE3A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 062463669324E79EFC4711C3DE909AD7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Billing Letter

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

44
Requests

98 %
HTTPS

56 %
IPv6

28
Domains

32
Subdomains

33
IPs

5
Countries

5376 kB
Transfer

6026 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://www.alanpeto.com/wp-content/uploads/2014/03/Noble-Truths-and-Eightfold-Path-5.jpg HTTP 301
https://alanpeto.com/wp-content/uploads/2014/03/Noble-Truths-and-Eightfold-Path-5.jpg

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
billingletter.com/ 60 KB
10 KB 5328ms
5283ms Document
text/html 2606:4700:3030::6815:15f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://billingletter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:15f4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

671f314fae10dbbb663b8477994f2081c4514cec6d8a12cc871acac621d7284e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: billingletter.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 08:20:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=dff5d8461f8c46a7232abb21f8757071; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1GtF4zTmpOQM6qpPRraSL4AARSpJveJ9lslJtwoIp9wu8ap9%2BsQfOEtOzUCC1etwDCCpYAjICvi4Ojac8CGbe6ySF4uLXJC%2BuykV1X4FiR1%2BXyVYy85j71tMx%2BVNyOzajhacL5sKS9Iio35k7flBKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6895cc133de6d6bd-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 6bdc2.css
billingletter.com/themes/default/assets_files/ 263 KB
41 KB 114ms
93ms Stylesheet
text/css 2606:4700:3030::6815:15f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://billingletter.com/themes/default/assets_files/6bdc2.css

Requested by

Host: billingletter.com
URL: https://billingletter.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:15f4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5fbd79f44ad253cd2d7c6014a6590db9434ace8d8118a520e6bad39dfd85840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /themes/default/assets_files/6bdc2.css
pragma: no-cache
cookie: PHPSESSID=dff5d8461f8c46a7232abb21f8757071
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: billingletter.com
referer: https://billingletter.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://billingletter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 08:20:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Sat, 26 Jun 2021 16:35:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60d75744-41d1d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=72Ll%2FL4pMUu0tBvtlZUDFH9NETqZpIHsL5s3%2FKTCm0Iq8uyKmt%2Fpiwd%2BJJFIgPkmyisIGuBAMl5MYrbUfpIt5jQ3BebFsYIDDtwW13LwNWg64%2BlqNB4jUohVQMjm5woHOjTg%2FUczXvEgZiY7eAH7gA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-ray: 6895cc346e5c4abc-FRA

GET css
billingletter.com/themes/default/assets_files/ 0
0

GET
H3-29 200 sdk.js.download Show response
billingletter.com/themes/default/assets_files/ 198 KB
198 KB 20ms
19ms Script
application/octet-stream 2606:4700:3030::6815:15f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://billingletter.com/themes/default/assets_files/sdk.js.download

Requested by

Host: billingletter.com
URL: https://billingletter.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:15f4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e42603cc372020783f9dda97e3f84ed058286af78cec4aaafa4b9d50cd8fb84d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://billingletter.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: script
cookie: PHPSESSID=dff5d8461f8c46a7232abb21f8757071
:path: /themes/default/assets_files/sdk.js.download
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: billingletter.com
referer: https://billingletter.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://billingletter.com
Referer: https://billingletter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 08:20:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 202529
x-xss-protection: 1; mode=block
last-modified: Sat, 26 Jun 2021 16:35:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60d75744-31721"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gPLiSy%2FeVBv%2BahhOJ7Wz3YE1F2KLDnphzdJwN0AjoLtga7m%2FEfF4iVnd44ZgzC6WiL05xKMSFLYsKPLhL4BpIhmjAUkwJJdeA%2FQYPCs3%2Brfk9BAC6Wsc3E%2BvH6slPX1c4QR7pJROsfmlIvCdX%2FR%2FGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 6895cc34df584abc-FRA

GET
H3-29 200 sdk.js(1).download Show response
billingletter.com/themes/default/assets_files/ 3 KB
4 KB 87ms
65ms Script
application/octet-stream 2606:4700:3030::6815:15f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://billingletter.com/themes/default/assets_files/sdk.js(1).download

Requested by

Host: billingletter.com
URL: https://billingletter.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:15f4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63d3368486c09274abb3415445030b0ab4fcc8ab6bcb9d6965cbcd9dd52d219b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /themes/default/assets_files/sdk.js(1).download
pragma: no-cache
cookie: PHPSESSID=dff5d8461f8c46a7232abb21f8757071
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: billingletter.com
referer: https://billingletter.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://billingletter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 08:20:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3224
x-xss-protection: 1; mode=block
last-modified: Sat, 26 Jun 2021 16:35:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60d75744-c98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2wW4Yil8tKe5FowgYMWFz0V5ul3GAQDovO%2FdEqNkH7tigClFJEinmiDDZla7Pqh8prBPaMXW9QR4u7Zb17TCbY7KQTyl9uvq0PMD5FlQLkPG2jMyXZ9aHz3BW2W%2Feym8bCl59shZezbsK9IObtozVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 6895cc346e5d4abc-FRA

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/ 58 KB
11 KB 20ms
20ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css

Requested by

Host: billingletter.com
URL: https://billingletter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://billingletter.com
Referer: https://billingletter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 08:20:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 739125
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10472
timing-allow-origin: *
last-modified: Wed, 13 Jan 2021 22:29:05 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fff7431-e7d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xESaWhHLA0z6Sw%2BXpV5UuyVFgV8bgWIuL%2BNeHwPsFtVmLXmtykjgZBLo4%2F0vWgudbBl55uzrq9t67EutNkBg6kvYhkzTneMXn3xm9uOENR6K45%2FHk9ksV0ocGKChmfnlZb2wLtDlTbUR1Efe9do8Gwh%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6895cc344b9b2b65-FRA
expires: Thu, 25 Aug 2022 08:20:16 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
49 KB 44ms
24ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4304194978577570

Requested by

Host: billingletter.com
URL: https://billingletter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d42551b36f344c14cbab00492d682f78ff716f25436e56f2ec19605017f49071

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://billingletter.com
Referer: https://billingletter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 08:20:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49509
x-xss-protection: 0
server: cafe
etag: 7468415767210843005
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 04 Sep 2021 08:20:16 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
88 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: billingletter.com
URL: https://billingletter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://billingletter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 10:59:45 GMT
x-content-type-options: nosniff
age: 76831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89501
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Sep 2022 10:59:45 GMT

GET
H3-29 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/webfonts/ 78 KB
79 KB 22ms
21ms Font
application/octet-stream 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0428c36942097bbf7cc98bcebc81dee047382fac414217e89cc572c7f9473f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://billingletter.com
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 08:20:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 974809
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 80252
timing-allow-origin: *
last-modified: Wed, 13 Jan 2021 22:29:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fff7432-1397c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3JG9wdxIzw7eNqCnYsODW%2BMkLg1%2BZ7NB4TkHCYKJHhhsyy76uuRPWcRt9tMHCFlzNQUr1iROabXz73sW2E0ZcDraiAO4qV%2FzzgzwYxyjMnHtRLTeNMgsqH0D7qXF1t8lZ9o6aXyFRFrN3ydUN63mpfTF"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6895cc35395f63cb-FRA
expires: Thu, 25 Aug 2022 08:20:16 GMT

GET
H2 200 microsoft-excel-accounting-templates-download-3.jpg
excelxo.com/wp-content/uploads/2018/02/ 53 KB
54 KB 157ms
100ms Image
image/jpeg 104.21.76.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://excelxo.com/wp-content/uploads/2018/02/microsoft-excel-accounting-templates-download-3.jpg
Requested by: Host: billingletter.com
URL: https://billingletter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.76.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40785fcf70e45b34dfb4231849616d16d31a4843fad3d3adc50b1cd234bf5b76

Request headers

Referer: https://billingletter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 08:20:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 54114
last-modified: Sun, 15 Dec 2019 04:34:01 GMT
server: cloudflare
etag: "5df5b7b9-d362"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCrF5tTtw1yciAfG3rPEoDGGsOxyN0PSuoVdnESEiSjtKG%2F2MovtXAs0GxTWsBn%2BOLKo1p%2BNQGgyvhHT6jsKmP1M997ggVusXyG2POvsWzRyFNEwdvVY1%2BUmCx%2F9kw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6895cc35da5b1fba-AMS
expires: Mon, 04 Oct 2021 08:20:16 GMT

GET
H2 200 eaf33c31c50bf7f40a0fa31628eec36f.jpg
i.pinimg.com/originals/ea/f3/3c/ 61 KB
62 KB 196ms
168ms Image
image/jpeg 2a02:26f0:6c00:2af::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/ea/f3/3c/eaf33c31c50bf7f40a0fa31628eec36f.jpg
Requested by: Host: billingletter.com
URL: https://billingletter.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2af::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 354f5267ebcce83e79988370ee5ca129c877ed88225144d02c2607c4783fcb30

Request headers

Referer: https://billingletter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-cdn: akamai
akamai-grn: 0.e5ba1002.1630743616.5381363
etag: "31a70d83b6f60374353b397e62a3861b"
vary: Origin
content-type: image/jpeg
cache-control: immutable, max-age=31536000
accept-ranges: bytes
content-length: 62757

GET
H2 200 excel-bookkeeping-template-xwtzr-luxury-simple-excel-bookkeeping-accounting-debits-and-credits-trainer-youtube-of-excel-bookkeeping-template-b3wnf.jpg
www.sampletemplatess.com/wp-content/uploads/2018/02/ 336 KB
337 KB 789ms
162ms Image
image/jpeg 198.252.98.98
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sampletemplatess.com/wp-content/uploads/2018/02/excel-bookkeeping-template-xwtzr-luxury-simple-excel-bookkeeping-accounting-debits-and-credits-trainer-youtube-of-excel-bookkeeping-template-b3wnf.jpg
Requested by: Host: billingletter.com
URL: https://billingletter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.98.98 Dallas, United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.98-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 818179791a5dbfa36d47dba8658a7965c3361f61e3eb34616b461506764bc306

Request headers

Referer: https://billingletter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 08:20:17 GMT
last-modified: Sun, 04 Feb 2018 13:28:08 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 344571
expires: Sat, 11 Sep 2021 08:20:17 GMT

GET
H2 200 0*yk9u0mgtoiXX1fwC.png
miro.medium.com/max/1024/ 255 KB
255 KB 168ms
135ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/1024/0*yk9u0mgtoiXX1fwC.png

Requested by

Host: billingletter.com
URL: https://billingletter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0752396bda23dee1d271714b18d84bcd82a650439332b2f89136a97a2477d014

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://billingletter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 08:20:17 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-envoy-upstream-service-time: 70
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 260631
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210524-162717-f383c62fea
accept-ranges: bytes
cf-ray: 6895cc359e8a4309-FRA
expires: Mon, 04 Oct 2021 08:20:17 GMT

GET
H2 200 Capture4.PNG
d1e4pidl3fu268.cloudfront.net/20cc697e-b023-4818-912d-974ec33c82c0/ 256 KB
256 KB 51ms
15ms Image
image/png 2600:9000:223c:a00:18:8c54:6000:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1e4pidl3fu268.cloudfront.net/20cc697e-b023-4818-912d-974ec33c82c0/Capture4.PNG
Requested by: Host: billingletter.com
URL: https://billingletter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:a00:18:8c54:6000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 29e9c3676538fc056d55e2bc0431212ddc69712d99deb23ded5650319fc3cd41

Request headers

Referer: https://billingletter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 22:51:42 GMT
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
last-modified: Mon, 19 Oct 2020 13:25:38 GMT
server: AmazonS3
age: 34115
etag: "4acdd88e85fb8eff6667dfb7f0e08e13"
x-cache: Hit from cloudfront
content-type: image/png
content-disposition: inline; filename=Capture4.PNG
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 261721
x-amz-cf-id: CEXe5OxHc2NozlrB3IN8Lt_Hwrr5HMnqY6zQ2j9Y3qqeSiJI-_-nLw==

GET
H2 200 main-qimg-2aed497d0471d2b5d2d8f69b547b417c
qph.fs.quoracdn.net/ 175 KB
175 KB 194ms
120ms Image
image/png 151.101.13.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qph.fs.quoracdn.net/main-qimg-2aed497d0471d2b5d2d8f69b547b417c
Requested by: Host: billingletter.com
URL: https://billingletter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ab473ccbd62a3a1f02a1968b4440faafa3074db1ac6e4a379021b6d8aa132a1

Request headers

Referer: https://billingletter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: mJMne7kBpbazUkUB5mPzp2Pl6Pqtz8_8
via: 1.1 varnish, 1.1 varnish
etag: "2aed497d0471d2b5d2d8f69b547b417c"
age: 1115164
x-cache: HIT, MISS
x-amz-replication-status: COMPLETED
content-length: 178731
x-amz-id-2: PYPOpDLz6QGijSjWhIV5A8UhhqoX9C5aG4+Hvv64NDC7wwe8MfTdELb9NVw87t5jfkprb42ktT4=
x-served-by: cache-bwi5125-BWI, cache-fra19124-FRA
timing-allow-origin: *
last-modified: Thu, 13 Jul 2017 15:59:37 GMT
server: AmazonS3
x-timer: S1630743617.952305,VS0,VE89
date: Sat, 04 Sep 2021 08:20:17 GMT
x-amz-request-id: EVFB2PMDPA2J9P3D
access-control-allow-origin: *
expires: Sun, 17 Jan 2038 19:14:07 GMT
cache-control: public,max-age=315360000,immutable
accept-ranges: bytes
content-type: image/png
x-cache-hits: 1, 0

GET
H2 200 Noble-Eightfold-Path-1-700x394.png
www.balancedachievement.com/wp-content/uploads/2020/05/ 101 KB
102 KB 132ms
51ms Image
image/png 104.21.1.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.balancedachievement.com/wp-content/uploads/2020/05/Noble-Eightfold-Path-1-700x394.png
Requested by: Host: billingletter.com
URL: https://billingletter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.1.239 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bee05bac4a49fdcbf2f67e49f7590c2aca305688d844af3e7a006802b1754b1c

Request headers

Referer: https://billingletter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 08:20:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 90749
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 103235
last-modified: Fri, 22 May 2020 10:06:22 GMT
server: cloudflare
etag: "5ec7a41e-19343"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WzTA4G45eezjFbGNpa1eMb%2FtYQg2V2ag6Nam0qBUK4RWSSPDys3QIwX2xbeI853NoxCm0JXvjKAeGj2uDEPUVIK572Jfpzi54VYmwcUAoCvB%2BJRCwzLRQ1I61yeHAwuqYUElSH4dTGceVrG5X6Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6895cc35fe47bdc3-AMS
expires: Wed, 08 Jun 2022 05:43:52 GMT

GET
H2 200 Buddha-Weekly-Eightfold-Path-Buddhism.jpg
buddhaweekly.com/wp-content/uploads/2015/12/ 55 KB
56 KB 602ms
394ms Image
image/jpeg 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buddhaweekly.com/wp-content/uploads/2015/12/Buddha-Weekly-Eightfold-Path-Buddhism.jpg

Requested by

Host: billingletter.com
URL: https://billingletter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee4a00d4ff68699669f8f029c12c79b7cd50052878c28bfebbc006dc6ee17681

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://billingletter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 08:20:17 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.3
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 56683
last-modified: Tue, 05 Feb 2019 17:09:49 GMT
server: cloudflare
etag: "5c59c35d-dd6b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6895cc36ce6841bc-AMS
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 d0431d_082bd407df0e443f88bf6ac6f8ade397~mv2.jpg
static.wixstatic.com/media/d0431d_082bd407df0e443f88bf6ac6f8ade397~mv2.jpg/v1/fit/w_2500,h_1330,al_c/ 48 KB
48 KB 287ms
225ms Image
image/jpeg 34.102.176.152
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/d0431d_082bd407df0e443f88bf6ac6f8ade397~mv2.jpg/v1/fit/w_2500,h_1330,al_c/d0431d_082bd407df0e443f88bf6ac6f8ade397~mv2.jpg
Requested by: Host: billingletter.com
URL: https://billingletter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.176.152 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 152.176.102.34.bc.googleusercontent.com
Software: openresty/1.19.9.1 /
Resource Hash: 02e08a03d231de2f82e9fb8a7f8402b5f0fa4104f0e989544a8048f415f93876

Request headers

Referer: https://billingletter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 08:20:17 GMT
via: 1.1 google
server: openresty/1.19.9.1
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
trace-id: 1xfQMmMRdehMcSFMAX0uMtdqrTT
timing-allow-origin: *
alt-svc: clear
content-length: 49293
x-seen-by: image-manipulator-84b9567c97-vlfpv

GET
H2 200 hinduism-and-buddhism-26-638.jpg
image.slidesharecdn.com/hinduismandbuddhism-151202180244-lva1-app6892/95/ 26 KB
27 KB 510ms
310ms Image
image/webp 2.16.186.241
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.slidesharecdn.com/hinduismandbuddhism-151202180244-lva1-app6892/95/hinduism-and-buddhism-26-638.jpg?cb=1449079459
Requested by: Host: billingletter.com
URL: https://billingletter.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.241 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-241.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 45058c852e6e6ed9659425af18c9ae6c4749dc6883b50f5c48858b154e108617

Request headers

Referer: https://billingletter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 08:20:17 GMT
last-modified: Tue, 31 Aug 2021 03:55:34 GMT
server: Akamai Image Manager
etag: "d88ecf10b6d8ed43af6adeabe83c01c4"
content-type: image/webp
cache-control: private, no-transform, max-age=604800
content-length: 26878
x-cdn: AKAM
expires: Sat, 11 Sep 2021 08:20:17 GMT

GET
H2 200 image.png
steemitimages.com/DQmVnd3dEETb7sTBGVuiw52486Gc9byteMeTBZDXkArDFK1/ 27 KB
27 KB 314ms
297ms Image
image/png 2606:4700:3038::6815:ea7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steemitimages.com/DQmVnd3dEETb7sTBGVuiw52486Gc9byteMeTBZDXkArDFK1/image.png
Requested by: Host: billingletter.com
URL: https://billingletter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ea907544c771d07892277a359d60042e52a4d355019008d38d4857a23d8b45c

Request headers

Referer: https://billingletter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 08:20:17 GMT
cf-cache-status: MISS
last-modified: Sat, 04 Sep 2021 08:20:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=knCTNdhh6LinRZC%2Bz%2B8ukxl%2BSNHt39M3lzvOGooVyL0%2Bgi4eptbSOC19zja%2BWvod6enimYvFwoJq7zl3Mvpma3CHXjCRqe9SKyerA2Qn56Rw64GlbEakxbWKiP4CWyE%2F3DNZc5s4lcI%2FgLJogpJ4Iw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public,max-age=29030400,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6895cc35ac564e32-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-request-id: Root=1-61332c40-6398041e4088018a79d37b89

GET
H2 200 noble-eightfold-path.gif
1.bp.blogspot.com/_vGA-EGKtL3g/TMPMj5J0lkI/AAAAAAAADEI/XTdigoSqKnY/w1200-h630-p-k-no-nu/ 38 KB
39 KB 551ms
527ms Image
image/gif 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/_vGA-EGKtL3g/TMPMj5J0lkI/AAAAAAAADEI/XTdigoSqKnY/w1200-h630-p-k-no-nu/noble-eightfold-path.gif

Requested by

Host: billingletter.com
URL: https://billingletter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5cbc36c06264f052774d46dd1468e0b99ece7f281d967ac21255941a6e6c87a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://billingletter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 08:20:17 GMT
x-content-type-options: nosniff
server: fife
etag: "v4ef7"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="noble-eightfold-path.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39067
x-xss-protection: 0
expires: Sun, 05 Sep 2021 08:20:17 GMT

GET
H2 200 i278u7s3to841.jpg
i.redd.it/ 2 MB
2 MB 286ms
222ms Image
image/jpeg 151.101.13.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.redd.it/i278u7s3to841.jpg
Requested by: Host: billingletter.com
URL: https://billingletter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 68fb88142a78ba7a0e1cdf5ee7146de4f5db094cc6a3e25c0c56be35840e4236

Request headers

Referer: https://billingletter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 08:20:17 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Sat, 04 Jan 2020 04:12:13 GMT
server: snooserv
etag: "d03b2568c975c432728b80de6216c940"
content-type: image/jpeg
accept-ranges: bytes
content-length: 1742824
expires: Thu, 31 Dec 2037 23:59:59 GMT

GET
H2 200 8_Fold_Path_Explained-1600x1033-1.jpeg
mlwozecuwgnq.i.optimole.com/_UVPvIs-_tEuGTPU/w:auto/h:auto/q:55/https://fullonzen.com/wp-content/uploads/2019/05/ 84 KB
85 KB 139ms
104ms Image
image/webp 2600:9000:2156:c000:2:6f7a:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mlwozecuwgnq.i.optimole.com/_UVPvIs-_tEuGTPU/w:auto/h:auto/q:55/https://fullonzen.com/wp-content/uploads/2019/05/8_Fold_Path_Explained-1600x1033-1.jpeg
Requested by: Host: billingletter.com
URL: https://billingletter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c000:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Optimole /
Resource Hash: cf2e5790673a0b6598dd67b07aa5078a2f9dbdeac81ae88e764f4f4156a71ff0

Request headers

Referer: https://billingletter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 06:09:19 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
age: 94257
x-cache: Hit from cloudfront
content-ex-length: 253192
content-disposition: inline; filename="8_Fold_Path_Explained-1600x1033-1.webp"
exec-time: 339.256367ms
content-length: 86180
x-request-id: Q8Vr-YzDlvHyX2kTtLpuW
server: Optimole
etag: ddef5df629188f1ac1a9059de7fd5a114be51dceb6cb38465f6a91e5c60476fa
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: _kHMlluUNlB991mUPxuG39l64NJr71jfXpC7Q2kbV-lprNvzbd1WGA==
expires: Sat, 03 Sep 2022 06:09:19 GMT

GET
H2

200

Noble-Truths-and-Eightfold-Path-5.jpg
alanpeto.com/wp-content/uploads/2014/03/
Redirect Chain

https://www.alanpeto.com/wp-content/uploads/2014/03/Noble-Truths-and-Eightfold-Path-5.jpg
https://alanpeto.com/wp-content/uploads/2014/03/Noble-Truths-and-Eightfold-Path-5.jpg

572 KB
572 KB

578ms
577ms

Image
image/jpeg

192.0.78.196
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alanpeto.com/wp-content/uploads/2014/03/Noble-Truths-and-Eightfold-Path-5.jpg

Requested by

Host: billingletter.com
URL: https://billingletter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.196 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

be1969560fdfd706de7f8e9ae7b39972ac2ba4425768e2ec458fd7511dfb91ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://billingletter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 08:20:17 GMT
x-ac: 3.ams _atomic_ams
last-modified: Sat, 22 Jun 2019 05:35:34 GMT
server: nginx
etag: "5d0dbe26-8ee6b"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 585323
expires: Sat, 11 Sep 2021 08:20:17 GMT

Redirect headers

location: https://alanpeto.com/wp-content/uploads/2014/03/Noble-Truths-and-Eightfold-Path-5.jpg
date: Sat, 04 Sep 2021 08:20:17 GMT
x-ac: 3.ams
server: nginx
content-length: 162
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2 200 excel-bookkeeping-templates-free-skufs-luxury-personal-finance-spreadsheet-template-spreadsheet-of-excel-bookkeeping-templates-freen7o829.jpg
www.exceltemplate123.us/wp-content/uploads/2018/01/ 237 KB
237 KB 416ms
191ms Image
image/jpeg 172.96.186.243
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exceltemplate123.us/wp-content/uploads/2018/01/excel-bookkeeping-templates-free-skufs-luxury-personal-finance-spreadsheet-template-spreadsheet-of-excel-bookkeeping-templates-freen7o829.jpg
Requested by: Host: billingletter.com
URL: https://billingletter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.186.243 Secaucus, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: 172.96.186.243-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 687f19e71b9992d9173604606e33e1a33736665444f90fd95b85e27a9a456ea9

Request headers

Referer: https://billingletter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 08:20:17 GMT
last-modified: Thu, 04 Jan 2018 11:00:47 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 242755
expires: Sat, 11 Sep 2021 08:20:17 GMT

GET
H2 200 free-excel-bookkeeping-template-odaul-lovely-cash-flow-excel-spreadsheet-template-spreadsheet-templates-of-free-excel-bookkeeping-templateh5s931.jpg
www.exceltemplate123.us/wp-content/uploads/2018/01/ 411 KB
411 KB 510ms
286ms Image
image/jpeg 172.96.186.243
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exceltemplate123.us/wp-content/uploads/2018/01/free-excel-bookkeeping-template-odaul-lovely-cash-flow-excel-spreadsheet-template-spreadsheet-templates-of-free-excel-bookkeeping-templateh5s931.jpg
Requested by: Host: billingletter.com
URL: https://billingletter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.186.243 Secaucus, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: 172.96.186.243-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 533c44e82af3909251f4fc337bf5adc78385a63c4499918e5aeb24fa10a03fee

Request headers

Referer: https://billingletter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 08:20:17 GMT
last-modified: Fri, 05 Jan 2018 06:54:36 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 420937
expires: Sat, 11 Sep 2021 08:20:17 GMT

GET
H2 200 sample-accounting-spreadsheets-for-excel-microsoft-excel-bookkeeping-templates.jpg
excelspreadsheetsgroup.com/wp-content/uploads/2017/05/ 36 KB
37 KB 74ms
49ms Image
image/jpeg 2606:4700:3034::6815:3c83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://excelspreadsheetsgroup.com/wp-content/uploads/2017/05/sample-accounting-spreadsheets-for-excel-microsoft-excel-bookkeeping-templates.jpg

Requested by

Host: billingletter.com
URL: https://billingletter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:3c83 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce8ab672cf451ad27e3514c4c0a5105bff1accfa9f49f39804ea972d907be2cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://billingletter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 08:20:16 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 08 May 2017 20:02:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5910cedc-9102"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2F9NhdYCCpT%2FyNUpjS6%2BR%2FAMDoHc%2B7ETiylq6k5gCeUFiqe%2BULseWpkrEAgCvWY4%2BE4eKj%2FoGRS7K%2BI%2F8Gj%2FviVSlZQiLGGJYeFBifUwvWxbV69d6qihYeqAhIJgZ8a%2BjJGZaQ866MVhApwhcKpcDpW8GvB6rugjYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cache-control: max-age=31536000
cf-ray: 6895cc35a9644ab0-FRA
expires: Sun, 04 Sep 2022 08:20:16 GMT

GET
H2 200 bookkeeping-template-image-1.jpg
www.wordstemplatespro.com/wp-content/uploads/2016/01/ 40 KB
41 KB 792ms
184ms Image
image/jpeg 173.254.28.204
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wordstemplatespro.com/wp-content/uploads/2016/01/bookkeeping-template-image-1.jpg
Requested by: Host: billingletter.com
URL: https://billingletter.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.254.28.204 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: just2014.justhost.com
Software: Apache /
Resource Hash: 05f6fe060b26cc073381c034d47aa9c92dbd4e1f42c4d55c379ede9671ee1fb2

Request headers

Referer: https://billingletter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 08:20:17 GMT
last-modified: Wed, 14 Aug 2019 13:32:58 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 41358
expires: max-age=A10368000, public

GET
H2 200 Eightfold-Path1.jpg
buddhaweekly.com/wp-content/uploads/2012/09/ 206 KB
206 KB 518ms
387ms Image
image/jpeg 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buddhaweekly.com/wp-content/uploads/2012/09/Eightfold-Path1.jpg

Requested by

Host: billingletter.com
URL: https://billingletter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9ff55bc067adaed38dc658807c2cb510d8fe969730139425ac233f707aa33ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://billingletter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 08:20:17 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.3
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 210738
last-modified: Tue, 05 Feb 2019 17:13:46 GMT
server: cloudflare
etag: "5c59c44a-33732"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6895cc36ce6b41bc-AMS
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
4 KB 158ms
28ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: billingletter.com
URL: https://billingletter.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Referer: https://billingletter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 08:11:37 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "-375139978"
x-cacheable: Matched cache
content-type: text/javascript
x-cdn-pop: rbx1
accept-ranges: bytes
content-length: 4364
x-request-id: 723879915

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/ 250 KB
93 KB 47ms
33ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4304194978577570&plah=billingletter.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4304194978577570

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb658d8af264091d320d32e952cb1756ea0145c2f6497b182a39e7ce4e466653

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://billingletter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 08:20:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95178
x-xss-protection: 0
server: cafe
etag: 9330497266985682447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 04 Sep 2021 08:20:16 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210831/r20190131/ Frame 02A4 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210831/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4304194978577570

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210831/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://billingletter.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://billingletter.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 03 Sep 2021 16:02:37 GMT
expires: Fri, 17 Sep 2021 16:02:37 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
age: 58659
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 207 B
663 B 112ms
38ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=billingletter.com&callback=_gfp_s_&client=ca-pub-4304194978577570

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4304194978577570&plah=billingletter.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

b42ac43f90790917c0fde5a6c6c8cfd483dffc975b4bf59c59ec6e19767898ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://billingletter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 08:20:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 36ms
16ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=billingletter.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://billingletter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Sep 2021 08:20:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
317 B 16ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=billingletter.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://billingletter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Sep 2021 08:20:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0E49 603 B
67 B 62ms
47ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4304194978577570&output=html&adk=1812271804&adf=3025194257&lmt=1630743617&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbillingletter.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630743616903&bpp=3&bdt=224&idt=77&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1832763751345&frm=20&pv=2&ga_vid=2003736857.1630743617&ga_sid=1630743617&ga_hid=1565300077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44748553%2C44748390%2C31062297%2C31062093&oid=3&pvsid=1844356251860704&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=186

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4304194978577570&output=html&adk=1812271804&adf=3025194257&lmt=1630743617&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbillingletter.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630743616903&bpp=3&bdt=224&idt=77&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1832763751345&frm=20&pv=2&ga_vid=2003736857.1630743617&ga_sid=1630743617&ga_hid=1565300077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44748553%2C44748390%2C31062297%2C31062093&oid=3&pvsid=1844356251860704&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=186
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://billingletter.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://billingletter.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 04 Sep 2021 08:20:17 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 04-Sep-2021 08:35:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd3a2482b7b952b621e16a05c3bb1847829d057fb1384f4c32d1362b8153e967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://billingletter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 08:20:17 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496339498273"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27562
x-xss-protection: 0
expires: Sat, 04 Sep 2021 08:20:17 GMT

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 48 B
182 B 443ms
108ms Script
text/html 192.99.13.63
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4566446&@f16&@g1&@h1&@i1&@j1630743617124&@k0&@l1&@mBilling%20Letter&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-148988892&@b3:1630743617&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fbillingletter.com%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.13.63 Toronto, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns504751.ip-192-99-13.net
Software: /
Resource Hash: 2f1d9ee074825ef9882f8760742e46e8306aaa7b95fdbb75e890a41ef6f18eae

Request headers

Referer: https://billingletter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 04 Sep 2021 08:20:17 GMT
Connection: close
Content-Length: 48
Content-Type: text/html;charset=UTF-8

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 26ms
26ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210831&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e850605d7b19f2ea025ba726686736cfddbb14c1fdd27d7c2aa7004a2aa4bfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://billingletter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Sep 2021 08:20:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8664
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 55ms
29ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://billingletter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 08:20:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Sat, 04 Sep 2021 08:20:18 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 819A 12 KB
5 KB 25ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://billingletter.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://billingletter.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Sat, 04 Sep 2021 08:12:10 GMT
expires: Sun, 04 Sep 2022 08:12:10 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 488
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0624 783 B
531 B 25ms
24ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d85993e8f434daf62e8c344a712db383eca35fcddc0607c90e07050791a7e0a5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2/u1V+sMgq4uaDZRHUiOMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://billingletter.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://billingletter.com/

Response headers

expires: Sat, 04 Sep 2021 08:20:18 GMT
date: Sat, 04 Sep 2021 08:20:18 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-2/u1V+sMgq4uaDZRHUiOMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 WyPn2IgoBqLw06x46K_q_eg8d-IpxicgJR-1ncxoZqI.js Show response
pagead2.googlesyndication.com/bg/ Frame 819A 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WyPn2IgoBqLw06x46K_q_eg8d-IpxicgJR-1ncxoZqI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b23e7d8882806a2f0d3ac78e8afeafde83c77e229c62720251fb59dcc6866a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 16:40:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13351
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Sep 2022 16:40:17 GMT

GET
H3-29 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 62ms
62ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210831&jk=1844356251860704&bg=!xcalxoLNAAYJpm41CaY7ACkAdvg8WnGHEYfr8798_150GZt4danT8dU4FAvSwI-8P3ff_ZIlVq_kMgIAAABQUgAAAAtoAQcKAMUTQ2mowWpKUPJAMhHpo3kM9g8uf_LIxM6XRTq78yWjyGldsNxrBY7pts6AXcutyMAQ3VpOteByPCeZZUTgfVMN2j5-sNRiRmdAbkXR3HI9IO8VFj9bcgtD7J86jxOiiO28xHQiFY_LGW340ENU2Z81uiDTjVSmZRSWSgC6odzS6DUKEXETAUb-wonlVH68wKHy8lacN43fMJDLyd_Thw-TwjLMXaEcsJ0vdPVpFcx2C0ZMhJMywiBH0Li1h0wfzGlQEyXrrpkCfrdbO9JNqZFpAlOuQQdG9EASKfpQgWOIfOF_e3ZTQgf0Y3ubPIGJCfY1PQbAlx4nCS-pNSP8kC3OmDTcCL22XYMrFDeHoQDHrOMWX8R_tuahE16ewZeP-J-Ju8RUKxE6H8csMEfCuBma-D2KnX1jsqbnIfheGz1IBF0PE7D3tfG45-MJo5zVDURbNqGNLDJ0MFXyq3CppdTSmRtLO3Z3TW9OK1ghA5bNvxqZzL_rvXd9kf9n3uBTu7Y5s6_xc1bro4VcdXPIANHaOx2ws14pCTxCKTJYBoIugpFc5qhQOscje6Yd-s4B9nA1jKzEnSnYE5USG-B0dP8Ltyjl26ro1bK1ryVYKGT56UAQEfQZ2Iaqc3u6PP69UfF5vkeTNpZN3DB4kfGadrQu5pPX2oDQZpq5b7wIttew_XKMET8Lx5zpdIZhbTvWOFvhGTmtYM4PsBBI9Wp-cdO0elYRqW5t0VFSgx1YTfKH95VQ0w5WjjX1iD8ZHvEiUZsVHU5ZQmUpcAtkUairVTAsq9gxZKCJp_a9tR30BOH0Ru0fxsW6YA8FiRcwg0L9TTWk5mYW68bIsVBd9JPoCVNPWO5LYbtom26WTJoKaQu_p7KrydwrWodXFHSWE_No1lrwVB4rJij0rJq77kTMP53tNJAoIduUUQ47oJA4spZF7V77hMzeNMHyuc5NSxvO2pi3Pq70eED1ZoFWCE2aLY5d-JOuK0n7YfMsonI_kn9E4Rj94Lb0sy8dOK551yXkZNwDyuVCfrhtCBfIJM2gptPWW6YdWUp3WxE0ohBorOwts4EI_eOt9ZIQjx_py5JCOfZK5xJKpiEsOhSJHPe_HRf1BtssEWoi
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://billingletter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: billingletter.com
URL: https://billingletter.com/themes/default/assets_files/css

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
alanpeto.com
billingletter.com
buddhaweekly.com
cdnjs.cloudflare.com
d1e4pidl3fu268.cloudfront.net
excelspreadsheetsgroup.com
excelxo.com
googleads.g.doubleclick.net
i.pinimg.com
i.redd.it
image.slidesharecdn.com
miro.medium.com
mlwozecuwgnq.i.optimole.com
pagead2.googlesyndication.com
partner.googleadservices.com
qph.fs.quoracdn.net
s10.histats.com
s4.histats.com
static.wixstatic.com
steemitimages.com
tpc.googlesyndication.com
www.alanpeto.com
www.balancedachievement.com
www.exceltemplate123.us
www.google.com
www.googletagservices.com
www.sampletemplatess.com
www.wordstemplatespro.com
billingletter.com
104.21.1.239
104.21.76.228
151.101.13.140
151.101.13.2
162.159.135.42
172.217.23.98
172.96.186.243
173.254.28.204
192.0.78.196
192.99.13.63
198.252.98.98
2.16.186.241
2600:9000:2156:c000:2:6f7a:6f00:93a1
2600:9000:223c:a00:18:8c54:6000:21
2606:4700:3030::6815:15f4
2606:4700:3034::6815:3c83
2606:4700:3038::6815:ea7c
2606:4700:7::a29f:9904
2606:4700::6810:125e
2606:4700::6810:135e
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2001
2a00:1450:4001:831::2004
2a02:26f0:6c00:2af::1931
34.102.176.152
46.105.201.240
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
02e08a03d231de2f82e9fb8a7f8402b5f0fa4104f0e989544a8048f415f93876
05f6fe060b26cc073381c034d47aa9c92dbd4e1f42c4d55c379ede9671ee1fb2
0752396bda23dee1d271714b18d84bcd82a650439332b2f89136a97a2477d014
0e850605d7b19f2ea025ba726686736cfddbb14c1fdd27d7c2aa7004a2aa4bfb
29e9c3676538fc056d55e2bc0431212ddc69712d99deb23ded5650319fc3cd41
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2f1d9ee074825ef9882f8760742e46e8306aaa7b95fdbb75e890a41ef6f18eae
354f5267ebcce83e79988370ee5ca129c877ed88225144d02c2607c4783fcb30
40785fcf70e45b34dfb4231849616d16d31a4843fad3d3adc50b1cd234bf5b76
45058c852e6e6ed9659425af18c9ae6c4749dc6883b50f5c48858b154e108617
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
533c44e82af3909251f4fc337bf5adc78385a63c4499918e5aeb24fa10a03fee
5b23e7d8882806a2f0d3ac78e8afeafde83c77e229c62720251fb59dcc6866a2
5cbc36c06264f052774d46dd1468e0b99ece7f281d967ac21255941a6e6c87a9
63d3368486c09274abb3415445030b0ab4fcc8ab6bcb9d6965cbcd9dd52d219b
671f314fae10dbbb663b8477994f2081c4514cec6d8a12cc871acac621d7284e
687f19e71b9992d9173604606e33e1a33736665444f90fd95b85e27a9a456ea9
68fb88142a78ba7a0e1cdf5ee7146de4f5db094cc6a3e25c0c56be35840e4236
6ab473ccbd62a3a1f02a1968b4440faafa3074db1ac6e4a379021b6d8aa132a1
6ea907544c771d07892277a359d60042e52a4d355019008d38d4857a23d8b45c
818179791a5dbfa36d47dba8658a7965c3361f61e3eb34616b461506764bc306
a0428c36942097bbf7cc98bcebc81dee047382fac414217e89cc572c7f9473f6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a5fbd79f44ad253cd2d7c6014a6590db9434ace8d8118a520e6bad39dfd85840
b42ac43f90790917c0fde5a6c6c8cfd483dffc975b4bf59c59ec6e19767898ce
bd3a2482b7b952b621e16a05c3bb1847829d057fb1384f4c32d1362b8153e967
be1969560fdfd706de7f8e9ae7b39972ac2ba4425768e2ec458fd7511dfb91ca
bee05bac4a49fdcbf2f67e49f7590c2aca305688d844af3e7a006802b1754b1c
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
cb658d8af264091d320d32e952cb1756ea0145c2f6497b182a39e7ce4e466653
ce8ab672cf451ad27e3514c4c0a5105bff1accfa9f49f39804ea972d907be2cf
cf2e5790673a0b6598dd67b07aa5078a2f9dbdeac81ae88e764f4f4156a71ff0
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
d42551b36f344c14cbab00492d682f78ff716f25436e56f2ec19605017f49071
d85993e8f434daf62e8c344a712db383eca35fcddc0607c90e07050791a7e0a5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42603cc372020783f9dda97e3f84ed058286af78cec4aaafa4b9d50cd8fb84d
ee4a00d4ff68699669f8f029c12c79b7cd50052878c28bfebbc006dc6ee17681
f9ff55bc067adaed38dc658807c2cb510d8fe969730139425ac233f707aa33ba
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

billingletter.com Open in urlscan Pro 2606:4700:3030::6815:15f4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

44 Requests

98 %HTTPS

56 %IPv6

28 Domains

32 Subdomains

33 IPs

5 Countries

5376 kBTransfer

6026 kBSize

0 Cookies

0 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

billingletter.com Open in urlscan Pro
2606:4700:3030::6815:15f4 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

98 %
HTTPS

56 %
IPv6

28
Domains

32
Subdomains

33
IPs

5
Countries

5376 kB
Transfer

6026 kB
Size

0
Cookies

44 HTTP transactions
0 data transactions