urlscan.io logo urlscan.io
SecurityTrails logo

bill-fixer.com Open in urlscan Pro
35.226.196.208  Public Scan

Go To Rescan Add Verdict Report
URL: https://bill-fixer.com/
Submission: On August 30 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 4 countries across 14 domains to perform 42 HTTP transactions. The main IP is 35.226.196.208, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is bill-fixer.com.
TLS certificate: Issued by R11 on July 1st 2024. Valid for: 3 months.
This is the only time bill-fixer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    35.226.196.208 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 208.196.226.35.bc.googleusercontent.com
bill-fixer.com
10    34.120.51.207 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 207.51.120.34.bc.googleusercontent.com
cdn.searchkings.ca
3    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:21f3:5a00:1a:3af:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
connect.podium.com
2    2600:9000:235a:4400:12:de4a:40:93a1 (United States)

ASN16509 (AMAZON-02, US)
24635.tctm.co
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:9000:235a:1800:15:a0d3:77c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.clickcease.com
2    34.218.15.148 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-218-15-148.us-west-2.compute.amazonaws.com
lab.analyticspodium.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c1d::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net
www.google.de
2    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2606:4700::6812:13a1 (United States)

ASN13335 (CLOUDFLARENET, US)
mind-flayer.podium.com
2    54.70.75.220 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-70-75-220.us-west-2.compute.amazonaws.com
api2.analyticspodium.com
4    13.33.187.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-116.fra60.r.cloudfront.net
24635.tctm.co
Apex Domain
Subdomains		 Transfer
10 searchkings.ca
cdn.searchkings.ca — Cisco Umbrella Rank: 331471
220 KB
6 tctm.co
24635.tctm.co
16 KB
5 podium.com
connect.podium.com — Cisco Umbrella Rank: 37163
mind-flayer.podium.com — Cisco Umbrella Rank: 37028
193 KB
4 analyticspodium.com
lab.analyticspodium.com — Cisco Umbrella Rank: 32551
api2.analyticspodium.com — Cisco Umbrella Rank: 28534
10 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
99 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
298 KB
2 gstatic.com
fonts.gstatic.com
67 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
401 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
21 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6716
63 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3773
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
2 KB
1 clickcease.com
www.clickcease.com — Cisco Umbrella Rank: 22029
43 KB
1 bill-fixer.com
bill-fixer.com
4 KB
42 14
Domain Requested by
10 cdn.searchkings.ca bill-fixer.com
cdn.searchkings.ca
6 24635.tctm.co www.googletagmanager.com
24635.tctm.co
4 mind-flayer.podium.com connect.podium.com
3 cdnjs.cloudflare.com cdn.searchkings.ca
cdnjs.cloudflare.com
3 www.googletagmanager.com bill-fixer.com
www.googletagmanager.com
2 api2.analyticspodium.com connect.podium.com
2 fonts.gstatic.com fonts.googleapis.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 lab.analyticspodium.com connect.podium.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 www.google.de bill-fixer.com
1 region1.analytics.google.com www.googletagmanager.com
1 fonts.googleapis.com cdn.searchkings.ca
1 www.clickcease.com bill-fixer.com
1 connect.podium.com bill-fixer.com
1 bill-fixer.com
42 16

This site contains links to these domains. Also see Links.

Domain
calendly.com
Subject Issuer Validity Valid
bill-fixer.com
R11		 2024-07-01 -
2024-09-29		 3 months crt.sh
cdn.searchkings.ca
WR3		 2024-08-04 -
2024-11-02		 3 months crt.sh
*.google-analytics.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.podium.com
Amazon RSA 2048 M02		 2024-04-23 -
2025-05-21		 a year crt.sh
*.tctm.co
Amazon RSA 2048 M03		 2024-07-06 -
2025-08-03		 a year crt.sh
clickcease.com
Amazon RSA 2048 M02		 2023-11-26 -
2024-12-24		 a year crt.sh
*.analyticspodium.com
Amazon RSA 2048 M02		 2023-12-27 -
2025-01-25		 a year crt.sh
upload.video.google.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google.de
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.gstatic.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
podium.com
WE1		 2024-07-09 -
2024-10-07		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://bill-fixer.com/
Frame ID: F9B655A4C9FB717F88419CBC26D9D6BE
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home - Southern Ontario - Kevin Thatcher & Associates Ltd

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

42
Requests

100 %
HTTPS

59 %
IPv6

14
Domains

16
Subdomains

17
IPs

4
Countries

974 kB
Transfer

2533 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bill-fixer.com/ 		13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bill-fixer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.226.196.208 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
208.196.226.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
9935bbbe3de4b5cc42b53f9c472a100caf967cbd3c06166e63129ae2dfaa178d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 30 Aug 2024 01:21:14 GMT
etag
W/"6550d675-3540"
last-modified
Sun, 12 Nov 2023 13:43:17 GMT
referrer-policy
no-referrer-when-downgrade
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
main-301dc2dda1.css
cdn.searchkings.ca/css/ 		100 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.searchkings.ca/css/main-301dc2dda1.css
Requested by
Host: bill-fixer.com
URL: https://bill-fixer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.51.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.51.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9c2a2830d5d53ad9bf3d99f78d42b79b1a3cb669d37ab50eb3f1963ebf3feb31

Request headers

Referer
https://bill-fixer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 01:21:15 GMT
content-encoding
gzip
x-guploader-uploadid
AHxI1nOWouPSgT-q59Qkq2cqyzhH5l2mwQL0qtaNcjItEp3N4rplWshiW9X6IkGtpAM9KZtL1R5kXyfJrQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16369
last-modified
Mon, 11 Sep 2023 15:57:55 GMT
server
UploadServer
etag
"568e86cd593084b27fb4d032266f64ec"
vary
Accept-Encoding
x-goog-generation
1694447875267608
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-goog-hash
crc32c=dlfEwg==, md5=Vo6GzVkwhLJ/tNAyJm9k7A==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
16369
accept-ranges
bytes
logo-c3b75b02c5.png
cdn.searchkings.ca/img/assets/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.searchkings.ca/img/assets/logo-c3b75b02c5.png
Requested by
Host: bill-fixer.com
URL: https://bill-fixer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.51.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.51.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
10a5782c1d178daa313fd6a0f50f982d330c025445e2368747d3c10fc5666adf

Request headers

Referer
https://bill-fixer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 01:21:15 GMT
content-encoding
gzip
x-guploader-uploadid
AHxI1nOWhFxGBLvbqNPj-l6z7uWmwpxAkhwKdhB5d7TH2wr_X8F07T7zJf1zLeVtrKbwH3EgQeT34CvELA
x-goog-storage-class
STANDARD
x-goog-metageneration
5
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24891
last-modified
Tue, 24 Aug 2021 15:56:51 GMT
server
UploadServer
etag
"dec49eb9c2b62032bb53e2c019cc7f2c"
vary
Accept-Encoding
x-goog-generation
1629820611193761
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=LAV/OQ==, md5=3sSeucK2IDK7U+LAGcx/LA==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
24891
gtm.js
www.googletagmanager.com/ 		287 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PSDGNPR
Requested by
Host: bill-fixer.com
URL: https://bill-fixer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dafb10344e242db04478b4775e188dd40b833a86008eade1c30767b477f03bed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://bill-fixer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 01:21:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
102711
x-xss-protection
0
last-modified
Fri, 30 Aug 2024 00:29:41 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 30 Aug 2024 01:21:14 GMT
script-81a95d78f0.js
cdn.searchkings.ca/js/ 		262 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.searchkings.ca/js/script-81a95d78f0.js
Requested by
Host: bill-fixer.com
URL: https://bill-fixer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.51.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.51.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d82b1126911acc0b6ce46d96d698438a70f026d1c79e34bdc7d2ae7e51c1dc21

Request headers

Referer
https://bill-fixer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 01:21:15 GMT
content-encoding
gzip
x-guploader-uploadid
AHxI1nMQMKvsTwBACcuM1gDNafwkR1uWNz-eFHaeWE2k4_qsq91jH1I8Otd-Scbb8icOgqGVn3K3J9GD2w
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83376
last-modified
Mon, 11 Sep 2023 15:57:55 GMT
server
UploadServer
etag
"05b77104479a7509e343f1be6115eb58"
vary
Accept-Encoding
x-goog-generation
1694447875297518
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-goog-hash
crc32c=upVIqg==, md5=BbdxBEeadQnjQ/G+YRXrWA==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
83376
accept-ranges
bytes
widget.js
connect.podium.com/ 		681 KB
192 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.podium.com/widget.js
Requested by
Host: bill-fixer.com
URL: https://bill-fixer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:5a00:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
33ed62b63639a2917e6e2326ab331f6a013e9048babb64850213fa0fd827bb77

Request headers

Referer
https://bill-fixer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 00:33:45 GMT
content-encoding
gzip
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
last-modified
Wed, 28 Aug 2024 15:33:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
2850
etag
"476732792522109286d3a8ee04ca3d67"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
195880
x-amz-cf-id
16b_9lvFFXvB8teb9FaweduenBrojAjZK0GRcHVRNa5QAjSspxEVIg==
js
www.googletagmanager.com/gtag/ 		318 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6H5WLM208M&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSDGNPR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
74107fbe5c222f5292025839792e8819bcc81df3925f78171de556fdda437ce1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://bill-fixer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 01:21:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
107758
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 30 Aug 2024 01:21:15 GMT
t.js
24635.tctm.co/ 		46 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://24635.tctm.co/t.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSDGNPR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:4400:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ctm /
Resource Hash
01def74da2f39cf9dbb40e984f39f10013c010ba0954b9c50c1f169abf06ff18

Request headers

Referer
https://bill-fixer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 01:21:15 GMT
content-encoding
gzip
via
1.1 840e16b680c94fee8c48b15e01dda782.cloudfront.net (CloudFront)
last-modified
Fri, 30 Aug 2024 01:21:15 GMT
server
ctm
x-amz-cf-pop
FRA60-P9
etag
W/66d11e8b0000603b392fa399-24635
x-cache
Miss from cloudfront
content-type
application/x-javascript
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
0JaxdzYHjYHVtobyPBxMxEEz2itbBDEdjil7_DEGwx3buRQWz0zGuw==
destination
www.googletagmanager.com/gtag/ 		265 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-962218653&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSDGNPR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
69e1249cc122cd57c522aab31c2d7842acf402ebc82acbff4f4b7617809edbe0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://bill-fixer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 01:21:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93689
x-xss-protection
0
last-modified
Fri, 30 Aug 2024 00:29:41 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 30 Aug 2024 01:21:15 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSDGNPR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bill-fixer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 30 Aug 2024 01:20:02 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
73
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 30 Aug 2024 03:20:02 GMT
stat.js
www.clickcease.com/monitor/ 		142 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clickcease.com/monitor/stat.js
Requested by
Host: bill-fixer.com
URL: https://bill-fixer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:1800:15:a0d3:77c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
889794fd02992011c4b843a05190531656d4c6148e6d4375be6bab3432b580d0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://clickceasebiz.com https://*.clickceasebiz.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://bill-fixer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
Cf02rYNryv9UIBzoGOQeQJTZ2QU2vf2Y
content-encoding
gzip
via
1.1 60dc145c687858f10bb3fe6251ad4ffe.cloudfront.net (CloudFront)
date
Fri, 30 Aug 2024 01:21:04 GMT
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' https://clickceasebiz.com https://*.clickceasebiz.com; upgrade-insecure-requests;
x-amz-cf-pop
FRA60-P9
age
13
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Sep 2023 09:05:15 GMT
server
AmazonS3
etag
W/"e112b8bf96f23bc2970347a3c98e37fc"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
microphone 'none'; camera 'none';
x-amz-cf-id
V15I3iMShRm-455k8Cmk548WLmZAeiutcQwS0iFvoJHveYjsK3FdBQ==
galaxy.min.js
cdn.searchkings.ca/galaxy/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.searchkings.ca/galaxy/galaxy.min.js
Requested by
Host: bill-fixer.com
URL: https://bill-fixer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.51.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.51.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d4a2cb098accb52225b1422460faced365c02b8643c6ca1e316b52acb9abaaa2

Request headers

Referer
https://bill-fixer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 00:54:38 GMT
age
1597
x-guploader-uploadid
AHxI1nNYVute_fFb1GRc98E7UJdhNLMxwzBYgoG6lIbgphg5hsr2wCmMrJtXq1x4mXlZxire3ShVv8rN_Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10768
last-modified
Wed, 07 Aug 2024 16:23:46 GMT
server
UploadServer
etag
"6541bcedeb3581c511827c694b588c17"
x-goog-generation
1723047825953667
x-goog-hash
crc32c=pb62ZA==, md5=ZUG87es1gcURgnxpS1iMFw==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=3600
x-goog-stored-content-length
10768
accept-ranges
bytes
content-type
text/javascript
hero-banner-92841b3829.jpg
cdn.searchkings.ca/img/assets/ 		92 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.searchkings.ca/img/assets/hero-banner-92841b3829.jpg
Requested by
Host: cdn.searchkings.ca
URL: https://cdn.searchkings.ca/css/main-301dc2dda1.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.51.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.51.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cfde5b522e35480b735ee12177e79d8595bd7d9886647e227e9d370f52912a28

Request headers

Referer
https://cdn.searchkings.ca/css/main-301dc2dda1.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 01:21:15 GMT
content-encoding
gzip
x-guploader-uploadid
AHxI1nPWKiFN--lOXxmq3qyBFWdAIRcw4nxbF8JkGPqgSVvle7BAsErdqcOqEsyPQzKcn2WQxPE5zIeFHw
x-goog-storage-class
STANDARD
x-goog-metageneration
5
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
84862
last-modified
Wed, 01 Sep 2021 13:14:38 GMT
server
UploadServer
etag
"1c3e82e0ccbba6410808b1cd8f8019bd"
vary
Accept-Encoding
x-goog-generation
1630502078226066
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=pFCc3A==, md5=HD6C4My7pkEICLHNj4AZvQ==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
84862
vardata
lab.analyticspodium.com/sdk/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://lab.analyticspodium.com/sdk/vardata
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.218.15.148 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-218-15-148.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-amp-exp-user
Access-Control-Request-Method
GET
Origin
https://bill-fixer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
authorization,x-amp-exp-user
access-control-allow-methods
GET,POST,HEAD
access-control-allow-origin
https://bill-fixer.com
access-control-max-age
1800
age
991
apigw-requestid
dTG14hUsvHcEP3A=
cache-control
no-store
content-length
0
date
Fri, 30 Aug 2024 01:21:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id
Self=1-66d11aad-3b7a836c6818c4216a11edba;Root=1-66d11aad-2a6853021675ad32653d2d86
x-cache
HIT
x-cache-hits
644
x-content-type-options
nosniff
x-served-by
cache-bfi-kbfi7400089-BFI
x-timer
S1724980876.781689,VS0,VE0
vardata
lab.analyticspodium.com/sdk/ 		9 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lab.analyticspodium.com/sdk/vardata
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.218.15.148 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-218-15-148.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
9f144a57dbdecefc7251f86a01eb3092598d83d4d1554c7f8516bceb64fcaa0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bill-fixer.com/
Authorization
Api-Key client-Ouo1GRXThh3LlgIkIlMGrdQTd3m9VBlY
X-Amp-Exp-User
eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS43LjMiLCJsYW5ndWFnZSI6ImVuLVVTIiwicGxhdGZvcm0iOiJXZWIiLCJvcyI6IkNocm9tZSAxMjgiLCJkZXZpY2VfbW9kZWwiOiJMaW51eCIsImRldmljZV9pZCI6IjM2NDUzZDJmLWI2OWEtNDE5NC04ZjA1LTcxODRkNzc0YTgzYiIsInVzZXJfcHJvcGVydGllcyI6e30sInVzZXJQcm9wZXJ0aWVzIjp7InNjcmlwdFRva2VuIjoiOTZiZTQwNzktMjg1MS00YjBjLTkzZjAtMjVmZjcxMTk1MGQ3In19
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 01:21:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
age
0
x-cache
MISS
cache-tag
client-Ouo1GRXThh3LlgIkIlMGrdQTd3m9VBlY
content-length
9314
apigw-requestid
dTG2Ch7EvHcEPFw=
x-served-by
cache-bfi-kbfi7400062-BFI
x-timer
S1724980877.751026,VS0,VE45
x-amzn-trace-id
Self=1-66d11e8c-3aea97841e4b93c44debfc50;Root=1-66d11e8c-2a175086056258f036263601
vary
Origin, Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://bill-fixer.com
cache-control
no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
css2
fonts.googleapis.com/ 		13 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;800&display=swap&family=Merriweather&subset=wght@700&display=swap
Requested by
Host: cdn.searchkings.ca
URL: https://cdn.searchkings.ca/js/script-81a95d78f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9cfb7ba19f7ad3c11d76c34b2bc47ff7d17c0faad9d12f064628e536ff2361c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bill-fixer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 30 Aug 2024 01:21:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 30 Aug 2024 01:21:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Aug 2024 01:21:15 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/ 		56 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
Requested by
Host: cdn.searchkings.ca
URL: https://cdn.searchkings.ca/js/script-81a95d78f0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://bill-fixer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 01:21:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2136
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10022
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-de0a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L%2B0NMEB2k1vTRXHObyhG96C6IDX0g3OG%2BUTZLbPw9sPj4iavbN%2BbtKRVSq1oxMPxCDx%2BeypP3rMZgQLoIvz4IziMEsZcTBi5hs6tEenNj1gGjYJDXvRIB2VFnkIL1MJuIcnXK90W"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8bb0f686dd7e3738-FRA
expires
Wed, 20 Aug 2025 01:21:15 GMT
bankruptcy-707dd8f3f0.svg
cdn.searchkings.ca/img/svg/ 		876 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.searchkings.ca/img/svg/bankruptcy-707dd8f3f0.svg
Requested by
Host: bill-fixer.com
URL: https://bill-fixer.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.51.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.51.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
5bc475770761c10531c9f8c7ee9029786d24053320dd9a6ba93b9b50f333b5e7

Request headers

Referer
https://bill-fixer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 01:21:15 GMT
content-encoding
gzip
x-guploader-uploadid
AHxI1nPkW02b-jYwhmkvIfF2Y_-TOsFWsIsUkqf5_rvgbEXJE1nIq_dZ5vplZXwceDzNjrrPBrpukd3iGQ
x-goog-storage-class
STANDARD
x-goog-metageneration
5
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
453
last-modified
Tue, 24 Aug 2021 15:56:51 GMT
server
UploadServer
etag
"b61aa02e8cc3f2dc55a0c564cdad4b82"
vary
Accept-Encoding
x-goog-generation
1629820611122640
content-type
image/svg+xml
access-control-allow-origin
*
x-goog-hash
crc32c=TXgtvA==, md5=thqgLozD8txVoMVkza1Lgg==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
453
accept-ranges
bytes
debt-consolidation-10e723fa73.svg
cdn.searchkings.ca/img/svg/ 		2 KB
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.searchkings.ca/img/svg/debt-consolidation-10e723fa73.svg
Requested by
Host: bill-fixer.com
URL: https://bill-fixer.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.51.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.51.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4c730898d69673081ba3972eef0ed6dfe44ff436ec4bd7aa96d42662c11d2738

Request headers

Referer
https://bill-fixer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 01:21:15 GMT
content-encoding
gzip
x-guploader-uploadid
AHxI1nOlSaePQdnAliy6RMlRfF-jtoY7lAk3UPP4e_07Qi1pc0sVvLXIr0CxnXiUtmk8pVOJgrglCbDCcw
x-goog-storage-class
STANDARD
x-goog-metageneration
5
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
705
last-modified
Tue, 24 Aug 2021 15:56:51 GMT
server
UploadServer
etag
"52b8e031c30d0cfb71982e6e551cdaf4"
vary
Accept-Encoding
x-goog-generation
1629820611197107
content-type
image/svg+xml
access-control-allow-origin
*
x-goog-hash
crc32c=ZlmUzQ==, md5=UrjgMcMNDPtxmC5uVRza9A==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
705
accept-ranges
bytes
consumer-proposals-07c5493a75.svg
cdn.searchkings.ca/img/svg/ 		824 B
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.searchkings.ca/img/svg/consumer-proposals-07c5493a75.svg
Requested by
Host: bill-fixer.com
URL: https://bill-fixer.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.51.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.51.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
16b43d932e9dc1c2827e1e20147c9ce560ec6bae6e5c5cf393fc9ca37c0efb47

Request headers

Referer
https://bill-fixer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 01:21:15 GMT
content-encoding
gzip
x-guploader-uploadid
AHxI1nOHqoqGXNdxK0_-_h71YfJbI8L4G-vo6OX_WKqNsrSKtYjcA0E7xWRMVh7Mc0kIg4zl9Iw
x-goog-storage-class
STANDARD
x-goog-metageneration
5
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
460
last-modified
Tue, 24 Aug 2021 15:56:51 GMT
server
UploadServer
etag
"553f5398717a825fe4090cac394bff03"
vary
Accept-Encoding
x-goog-generation
1629820611177539
content-type
image/svg+xml
access-control-allow-origin
*
x-goog-hash
crc32c=ZNOCGw==, md5=VT9TmHF6gl/kCQysOUv/Aw==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
460
accept-ranges
bytes
credit-counselling-42d5de4ec9.svg
cdn.searchkings.ca/img/svg/ 		832 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.searchkings.ca/img/svg/credit-counselling-42d5de4ec9.svg
Requested by
Host: bill-fixer.com
URL: https://bill-fixer.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.51.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.51.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ed5165bc18549a00a278d917ee96d605931c3b7ae50c74b115d677687ddea9dc

Request headers

Referer
https://bill-fixer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 01:21:15 GMT
content-encoding
gzip
x-guploader-uploadid
AHxI1nPQ4aSZA42IpTGBoUsIq53jof-KQHp16YF1F4wDyGuNnlGnHkJJ21RcW0DgRtqg8u5uoDpZb5vKBQ
x-goog-storage-class
STANDARD
x-goog-metageneration
5
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
507
last-modified
Tue, 24 Aug 2021 15:56:51 GMT
server
UploadServer
etag
"815e00d9921047f04a2714eccd13e4c7"
vary
Accept-Encoding
x-goog-generation
1629820611211794
content-type
image/svg+xml
access-control-allow-origin
*
x-goog-hash
crc32c=wXqmyw==, md5=gV4A2ZIQR/BKJxTszRPkxw==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
507
accept-ranges
bytes
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-6H5WLM208M&gtm=45je48s0v9101697417z89101691987za200zb9101691987&_p=1724980874868&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=2097814343.1724980875&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724980875&sct=1&seg=0&dl=https%3A%2F%2Fbill-fixer.com%2F&dt=Home%20-%20Southern%20Ontario%20-%20Kevin%20Thatcher%20%26%20Associates%20Ltd&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1623
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6H5WLM208M&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://bill-fixer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 01:21:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bill-fixer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6H5WLM208M&cid=2097814343.1724980875&gtm=45je48s0v9101697417z89101691987za200zb9101691987&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6H5WLM208M&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bill-fixer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 01:21:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bill-fixer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6H5WLM208M&cid=2097814343.1724980875&gtm=45je48s0v9101697417z89101691987za200zb9101691987&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=1667287576
Requested by
Host: bill-fixer.com
URL: https://bill-fixer.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bill-fixer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 01:21:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/ 		74 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
Origin
https://bill-fixer.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 01:21:15 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
93121
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
75728
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-127d0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ALmE4ecPq%2BvSF%2BVviv8yPrX70ERkyuYYZwOnTQg7uTU2RZRRed4u1VN4Cv4UXdO0Quqa0JQ%2BMHTGqXcvfqBqmk7uzWh2hGmklnYRkgZQ6RrXkouHButRgre4Bh5OkKoY5IuJK6Jk"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8bb0f687b924d34c-FRA
expires
Wed, 20 Aug 2025 01:21:15 GMT
fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/fa-regular-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fc0a22e5e67c95d02c389a1454acc67df53e2f6a46af739f3eac7e352644751
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
Origin
https://bill-fixer.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 01:21:15 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
85341
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13584
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-3510"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Ws4YNxDkzpHab%2Fh8UvBfsu%2B1l8VjNjkMev6f8sB5ZTvKTwTz3J7bd7BovT6HuUP27FvusstsTsKZRwXOoRi%2BfWgKJIfplYRW13I9qLPFZNbMuL9HYwJkJ8uuvfZkdUzrKLUabxB"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8bb0f687b921d34c-FRA
expires
Wed, 20 Aug 2025 01:21:15 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;800&display=swap&family=Merriweather&subset=wght@700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bill-fixer.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 18:07:57 GMT
x-content-type-options
nosniff
age
25998
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Aug 2025 18:07:57 GMT
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;800&display=swap&family=Merriweather&subset=wght@700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bill-fixer.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 18:31:20 GMT
x-content-type-options
nosniff
age
24595
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20028
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:41:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Aug 2025 18:31:20 GMT
collect
www.google-analytics.com/j/ 		3 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=371234145&t=pageview&_s=1&dl=https%3A%2F%2Fbill-fixer.com%2F&ul=de-de&de=UTF-8&dt=Home%20-%20Southern%20Ontario%20-%20Kevin%20Thatcher%20%26%20Associates%20Ltd&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAACAAI~&jid=1356403730&gjid=261022675&cid=2097814343.1724980875&tid=UA-2015854-2&_gid=932642579.1724980875&_slc=1&gtm=45He48s0n81PSDGNPRv9101691987za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&npa=1&z=884896279
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bill-fixer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 01:21:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bill-fixer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2015854-2&cid=2097814343.1724980875&jid=1356403730&gjid=261022675&_gid=932642579.1724980875&npa=1&_u=YCDAgEABAAAAAGAAI~&z=1960939351
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bill-fixer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Aug 2024 01:21:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bill-fixer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
graphql
mind-flayer.podium.com/ 		110 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mind-flayer.podium.com/graphql
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ab3e1fc7cc85dd5c780a7676a849ae77de535b0ea900194557608c150518dc5

Request headers

Accept
application/json
Referer
https://bill-fixer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 30 Aug 2024 01:21:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bill-fixer.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
cf-ray
8bb0f68c9b981c2a-FRA
x-request-id
F_Bc97tJqiqCU2Q-SnDR
graphql
mind-flayer.podium.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mind-flayer.podium.com/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://bill-fixer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept, content-type, authorization, socket-id, origin
access-control-allow-methods
OPTIONS, GET, POST, PUT, DELETE
access-control-allow-origin
https://bill-fixer.com
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8bb0f68879cb1c2a-FRA
content-length
0
date
Fri, 30 Aug 2024 01:21:16 GMT
server
cloudflare
vary
origin
x-request-id
F_Bc96_Hs0NIWRdc4PRB
x-robots-tag
noindex
p.js
24635.tctm.co/ 		73 B
474 B 		Script
General
Check archive.org
Download Go to
Full URL
https://24635.tctm.co/p.js?sid=66d11e8b0000603b392fa399&p=231781.1.647.846.7929&
Requested by
Host: 24635.tctm.co
URL: https://24635.tctm.co/t.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:4400:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ctm /
Resource Hash
c242134303213c9497629099d6c998bee432f86fa7cf69ae7c57470fa1440b67

Request headers

Referer
https://bill-fixer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 01:21:15 GMT
content-encoding
gzip
via
1.1 840e16b680c94fee8c48b15e01dda782.cloudfront.net (CloudFront)
server
ctm
x-amz-cf-pop
FRA60-P9
x-cache
Miss from cloudfront
content-type
application/x-javascript
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
I1IiKQxtoCpB31HRzD_7KCHH-paMVPmCTZKZNN8tOhXQzt_N4p5aQQ==
favicon-5525e86eff.png
cdn.searchkings.ca/img/assets/ 		561 B
612 B 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.searchkings.ca/img/assets/favicon-5525e86eff.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.51.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.51.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1b91ad88ccc69986aff5aade8494609ec4c2fa1f9ec3d15e08970c110c164383

Request headers

Referer
https://bill-fixer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 01:21:15 GMT
content-encoding
gzip
x-guploader-uploadid
AHxI1nNhDHcQMHC_53nMQ_8qZtl-VqvRiw0vNI3IwRUcl3Yb07MdBwBR1wk7gUR7V4N9f-p-17eH0WzcSw
x-goog-storage-class
STANDARD
x-goog-metageneration
5
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
584
last-modified
Tue, 24 Aug 2021 15:56:51 GMT
server
UploadServer
etag
"0d78a7f3a444e4df1882a39368572d5c"
vary
Accept-Encoding
x-goog-generation
1629820611127605
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=EvwRDA==, md5=DXin86RE5N8YgqOTaFctXA==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
584
httpapi
api2.analyticspodium.com/2/ 		94 B
298 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api2.analyticspodium.com/2/httpapi
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.70.75.220 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-75-220.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
c6f993f97ddfd72808416f852f75be2cefd06c1457a2abddf3eb8de1cacfeaa7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Referer
https://bill-fixer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 30 Aug 2024 01:21:17 GMT
strict-transport-security
max-age=15768000
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
application/json
access-control-allow-origin
*
content-length
94
apigw-requestid
dTG2FiTOPHcEJMA=
httpapi
api2.analyticspodium.com/2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api2.analyticspodium.com/2/httpapi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.70.75.220 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-75-220.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://bill-fixer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
*
access-control-max-age
86400
apigw-requestid
dTG2DhSyPHcEJZg=
content-length
0
date
Fri, 30 Aug 2024 01:21:16 GMT
strict-transport-security
max-age=15768000
graphql
mind-flayer.podium.com/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mind-flayer.podium.com/graphql
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a05d29bb98b7222a8d36371b62385e9a92eb222e241891c88c54f828c7fcf699

Request headers

Accept
application/json
Referer
https://bill-fixer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 30 Aug 2024 01:21:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bill-fixer.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
cf-ray
8bb0f68dec1d1c2a-FRA
x-request-id
F_Bc98hantwI5BtHfsIR
x.json
24635.tctm.co/ 		0
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://24635.tctm.co/x.json
Requested by
Host: 24635.tctm.co
URL: https://24635.tctm.co/t.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.33.187.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-116.fra60.r.cloudfront.net
Software
ctm /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bill-fixer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-type
application/json

Response headers

date
Fri, 30 Aug 2024 01:21:16 GMT
via
1.1 2ad26f5878b778b17955978bf962dc9a.cloudfront.net (CloudFront)
server
ctm
x-amz-cf-pop
FRA60-P9
access-control-max-age
2592000
access-control-allow-methods
POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
access-control-allow-headers
Content-Type
x-amz-cf-id
v6D1X5Y1LU5wFuU8f8jFhM39A8f0AdrYKXd7yppMrhz5E1_-2mZ5vA==
x.json
24635.tctm.co/ 		0
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://24635.tctm.co/x.json
Requested by
Host: 24635.tctm.co
URL: https://24635.tctm.co/t.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.33.187.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-116.fra60.r.cloudfront.net
Software
ctm /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bill-fixer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-type
application/json

Response headers

date
Fri, 30 Aug 2024 01:21:16 GMT
via
1.1 2ad26f5878b778b17955978bf962dc9a.cloudfront.net (CloudFront)
server
ctm
x-amz-cf-pop
FRA60-P9
access-control-max-age
2592000
access-control-allow-methods
POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
access-control-allow-headers
Content-Type
x-amz-cf-id
332tQzaWTGAOD_WfGCRTUtptnkeKrYvQjKzZtuWmkXlL_5uSKeredg==
x.json
24635.tctm.co/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://24635.tctm.co/x.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.33.187.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-116.fra60.r.cloudfront.net
Software
ctm /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://bill-fixer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
2592000
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
content-type
text/plain
date
Fri, 30 Aug 2024 01:21:16 GMT
server
ctm
via
1.1 2ad26f5878b778b17955978bf962dc9a.cloudfront.net (CloudFront)
x-amz-cf-id
sGuRacsL6NapN3EYa1u-n77LvN9Tgd6ptck5PYv3lKKt9LtM8ZP7Vg==
x-amz-cf-pop
FRA60-P9
x-cache
Miss from cloudfront
x.json
24635.tctm.co/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://24635.tctm.co/x.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.33.187.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-116.fra60.r.cloudfront.net
Software
ctm /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://bill-fixer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
2592000
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
content-type
text/plain
date
Fri, 30 Aug 2024 01:21:16 GMT
server
ctm
via
1.1 2ad26f5878b778b17955978bf962dc9a.cloudfront.net (CloudFront)
x-amz-cf-id
2oqhK44E_9xHUFY4BYAzl3WqOEOu5vVRhOB7t4lzMsWfrODPVCm0nQ==
x-amz-cf-pop
FRA60-P9
x-cache
Miss from cloudfront
graphql
mind-flayer.podium.com/ 		38 B
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mind-flayer.podium.com/graphql
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a78824e0e4e78e9e0797e8b3e147d290c7e164e8715b6f983efc924214f9f76

Request headers

Accept
application/json
Referer
https://bill-fixer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 30 Aug 2024 01:21:16 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bill-fixer.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
cf-ray
8bb0f68f8cb91c2a-FRA
content-length
38
x-request-id
F_Bc99eqP5BAyx2j5wRS

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| script string| target object| elem object| webpackChunkdemogorgon object| env object| regeneratorRuntime boolean| podiumWebsiteWidgetLoaded object| analyticsConnectorInstances function| _extends function| _typeof function| setFooterStyle function| googleMapheight function| bannerAutoheight function| initialize function| sidebar_js function| $ function| jQuery function| LazyLoad object| Validator object| ParsleyConfig object| ParsleyUI object| ParsleyExtend function| psly function| Parsley object| ParsleyUtils object| ParsleyValidator function| WOW object| skrollr function| Popper object| bootstrap function| Waypoint object| WebFont object| html5 object| Modernizr object| FontAwesomeConfig function| Galaxy object| PodiumWebChat function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| __ctm object| __ctm_tracked_numbers boolean| __ctm_tracked object| __ctm_nodes_visible object| __ctm_nodes_clicked object| __ctm_queue object| __ctm_config function| ptTrackVistor function| ptTrackVisitor function| ptTrackEvent object| __ctmi function| __ctm_invoke object| __ctm_loaded object| __ctm_cvars object| ccConsole function| getBrowserFingerprint boolean| ccinstalled number| height

10 Cookies

Domain/Path Name / Value
.bill-fixer.com/ Name: _gcl_au
Value: 1.1.896697931.1724980875
24635.tctm.co/ Name: ct24635
Value: 66d11e8b0000603b392fa399
.bill-fixer.com/ Name: AMP_MKTG_16a5c84b5b
Value: JTdCJTdE
.bill-fixer.com/ Name: _ga_6H5WLM208M
Value: GS1.1.1724980875.1.0.1724980875.60.0.0
.bill-fixer.com/ Name: _ga
Value: GA1.2.2097814343.1724980875
.bill-fixer.com/ Name: _gid
Value: GA1.2.932642579.1724980875
.bill-fixer.com/ Name: _dc_gtm_UA-2015854-2
Value: 1
.bill-fixer.com/ Name: __ctmid
Value: 66d11e8b0000603b392fa399
bill-fixer.com/ Name: __ctmid
Value: 66d11e8b0000603b392fa399
.bill-fixer.com/ Name: AMP_16a5c84b5b
Value: JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjIzNjQ1M2QyZi1iNjlhLTQxOTQtOGYwNS03MTg0ZDc3NGE4M2IlMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNzI0OTgwODc1MjU3JTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJsYXN0RXZlbnRUaW1lJTIyJTNBMTcyNDk4MDg3NTU2OSU3RA==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

24635.tctm.co
api2.analyticspodium.com
bill-fixer.com
cdn.searchkings.ca
cdnjs.cloudflare.com
connect.podium.com
fonts.googleapis.com
fonts.gstatic.com
lab.analyticspodium.com
mind-flayer.podium.com
region1.analytics.google.com
stats.g.doubleclick.net
www.clickcease.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
104.17.25.14
13.33.187.116
142.250.185.195
2001:4860:4802:32::36
2600:9000:21f3:5a00:1a:3af:f5c0:93a1
2600:9000:235a:1800:15:a0d3:77c0:93a1
2600:9000:235a:4400:12:de4a:40:93a1
2606:4700::6812:13a1
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:810::2008
2a00:1450:4001:82b::200a
2a00:1450:400c:c1d::9c
34.120.51.207
34.218.15.148
35.226.196.208
54.70.75.220
01def74da2f39cf9dbb40e984f39f10013c010ba0954b9c50c1f169abf06ff18
0fc0a22e5e67c95d02c389a1454acc67df53e2f6a46af739f3eac7e352644751
10a5782c1d178daa313fd6a0f50f982d330c025445e2368747d3c10fc5666adf
16b43d932e9dc1c2827e1e20147c9ce560ec6bae6e5c5cf393fc9ca37c0efb47
1b91ad88ccc69986aff5aade8494609ec4c2fa1f9ec3d15e08970c110c164383
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
33ed62b63639a2917e6e2326ab331f6a013e9048babb64850213fa0fd827bb77
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be
4c730898d69673081ba3972eef0ed6dfe44ff436ec4bd7aa96d42662c11d2738
5bc475770761c10531c9f8c7ee9029786d24053320dd9a6ba93b9b50f333b5e7
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
69e1249cc122cd57c522aab31c2d7842acf402ebc82acbff4f4b7617809edbe0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
74107fbe5c222f5292025839792e8819bcc81df3925f78171de556fdda437ce1
889794fd02992011c4b843a05190531656d4c6148e6d4375be6bab3432b580d0
8a78824e0e4e78e9e0797e8b3e147d290c7e164e8715b6f983efc924214f9f76
9935bbbe3de4b5cc42b53f9c472a100caf967cbd3c06166e63129ae2dfaa178d
9ab3e1fc7cc85dd5c780a7676a849ae77de535b0ea900194557608c150518dc5
9c2a2830d5d53ad9bf3d99f78d42b79b1a3cb669d37ab50eb3f1963ebf3feb31
9cfb7ba19f7ad3c11d76c34b2bc47ff7d17c0faad9d12f064628e536ff2361c7
9f144a57dbdecefc7251f86a01eb3092598d83d4d1554c7f8516bceb64fcaa0d
a05d29bb98b7222a8d36371b62385e9a92eb222e241891c88c54f828c7fcf699
c242134303213c9497629099d6c998bee432f86fa7cf69ae7c57470fa1440b67
c6f993f97ddfd72808416f852f75be2cefd06c1457a2abddf3eb8de1cacfeaa7
cfde5b522e35480b735ee12177e79d8595bd7d9886647e227e9d370f52912a28
d4a2cb098accb52225b1422460faced365c02b8643c6ca1e316b52acb9abaaa2
d82b1126911acc0b6ce46d96d698438a70f026d1c79e34bdc7d2ae7e51c1dc21
dafb10344e242db04478b4775e188dd40b833a86008eade1c30767b477f03bed
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed5165bc18549a00a278d917ee96d605931c3b7ae50c74b115d677687ddea9dc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4