paymybill.guru Open in urlscan Pro
35.209.4.234 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://paymybill.guru/
Effective URL:
https://paymybill.guru/
Submission: On October 27 via api (October 27th 2022, 8:52:20 pm UTC) from US — Scanned from DE

Summary HTTP 165 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 21 domains to perform 165 HTTP transactions. The main IP is 35.209.4.234, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is paymybill.guru.
TLS certificate: Issued by R3 on October 2nd 2022. Valid for: 3 months.

This is the only time paymybill.guru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 31	35.209.4.234 35.209.4.234	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
10	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
1 1	3.126.163.185 3.126.163.185	16509 (AMAZON-02) (AMAZON-02)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
165	19

31 35.209.4.234 (Council Bluffs, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 234.4.209.35.bc.googleusercontent.com

paymybill.guru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.219 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.18.126 (Shahr, Iran, Islamic Republic Of) 3 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.163.185 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-163-185.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
63	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 tpc.googlesyndication.com — Cisco Umbrella Rank: 136	785 KB
31	paymybill.guru 1 redirects paymybill.guru	582 KB
23	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 39 cm.g.doubleclick.net — Cisco Umbrella Rank: 209	184 KB
22	gstatic.com www.gstatic.com fonts.gstatic.com	249 KB
6	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 189	233 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40	4 KB
3	casalemedia.com 3 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 419	2 KB
3	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 663	1 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 339	922 B
2	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 940	417 B
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1435	1 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 9234	914 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1372	350 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 644	766 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 640	463 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 540	98 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 863	701 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	43 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
165	21

	Domain	Requested by
33	pagead2.googlesyndication.com	paymybill.guru pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com www.googletagservices.com
31	paymybill.guru	1 redirects paymybill.guru
30	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
15	www.gstatic.com	googleads.g.doubleclick.net
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net paymybill.guru
10	cm.g.doubleclick.net	googleads.g.doubleclick.net
7	fonts.gstatic.com	fonts.googleapis.com
5	www.googletagservices.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	googleads.g.doubleclick.net
4	www.google.com	1 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
3	ssum-sec.casalemedia.com	3 redirects
3	image6.pubmatic.com	3 redirects
2	pixel.rubiconproject.com	2 redirects
2	odr.mookie1.com	googleads.g.doubleclick.net
2	e.dlx.addthis.com	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	rtb.openx.net	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	id.rlcdn.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	paymybill.guru
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
165	25

This site contains no links.

Subject Issuer	Validity	Valid
*.paymybill.guru R3	`2022-10-02` - `2022-12-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://paymybill.guru/
Frame ID: 0EF865238822FE31DD794E2109B7A9B4
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20190131/zrt_lookup.html
Frame ID: BABD2FE3DC68285FD4B732DD8E340556
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&adk=1812271804&adf=3025194257&lmt=1666884478&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpaymybill.guru%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666903935283&bpp=7&bdt=792&idt=259&shv=r20221026&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6036369080437&frm=20&pv=2&ga_vid=1914506548.1666903936&ga_sid=1666903936&ga_hid=1498597604&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31070307%2C42531706%2C44775016%2C44777177&oid=2&pvsid=3105025659257105&tmod=324668629&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=281
Frame ID: D81F5D7855A37E2D0AEDACA5A152A39A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2913177901&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666884478&rafmt=1&to=qs&pwprc=6613278971&psa=0&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666903935290&bpp=2&bdt=800&idt=282&shv=r20221026&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6036369080437&frm=20&pv=1&ga_vid=1914506548.1666903936&ga_sid=1666903936&ga_hid=1498597604&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31070307%2C42531706%2C44775016%2C44777177&oid=2&pvsid=3105025659257105&tmod=324668629&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uZU0rOEJaQ&p=https%3A//paymybill.guru&dtd=285
Frame ID: EC3D863827376C842ACBE91F3DB35722
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A1CA9116B75CAAF36EB4C3C46D5EF4DB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FAE788E9C1D44CA4D2B72B0A47CC0162
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js
Frame ID: D641D37941C9CB9D07A913879F99F1BE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666884478&rafmt=1&to=qs&pwprc=6613278971&psa=1&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666903936994&bpp=1&bdt=2504&idt=-M&shv=r20221026&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ab7ca530982235-229e98df58ce0068%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MavX3A0uyQ_pGRsg2N9OjYjcVz7BA&gpic=UID%3D00000b79619bf8a1%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MZNNZhZzw_acilw9JHEZzOGdvrcFQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6036369080437&frm=20&pv=1&ga_vid=1914506548.1666903936&ga_sid=1666903936&ga_hid=1498597604&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31070307%2C42531706%2C44775016%2C44777177&oid=2&psts=APxP-9DjFbJdpV9U8o-5wHwBJlYA22kUFb6mQgkttuZiOIVDIOTbF40RChJJT1djzJipmsMCPVLOr-zA3KDxcBafXg&pvsid=3105025659257105&tmod=324668629&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1vOuxiXpAm&p=https%3A//paymybill.guru&dtd=12
Frame ID: 7FDB898F55F2FA28D16CA60D62E6C0E3
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3077443549&adf=2689829158&pi=t.aa~a.1349639787~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1666884478&rafmt=1&to=qs&pwprc=6613278971&psa=1&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666903936994&bpp=1&bdt=2504&idt=1&shv=r20221026&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ab7ca530982235-229e98df58ce0068%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MavX3A0uyQ_pGRsg2N9OjYjcVz7BA&gpic=UID%3D00000b79619bf8a1%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MZNNZhZzw_acilw9JHEZzOGdvrcFQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6036369080437&frm=20&pv=1&ga_vid=1914506548.1666903936&ga_sid=1666903936&ga_hid=1498597604&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31070307%2C42531706%2C44775016%2C44777177&oid=2&psts=APxP-9DjFbJdpV9U8o-5wHwBJlYA22kUFb6mQgkttuZiOIVDIOTbF40RChJJT1djzJipmsMCPVLOr-zA3KDxcBafXg&pvsid=3105025659257105&tmod=324668629&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=d449tURIAf&p=https%3A//paymybill.guru&dtd=15
Frame ID: 476B18AC944ACB92E78B3E5B52E82FD1
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1
Frame ID: CF7955DD2F8E44E3A4EBE0BFB5565A9F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1
Frame ID: DD2E3E358AAD9F12AB428F4580BCF39C
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6CD581A483CA97C60A410D012951F314
Requests: 2 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/84c8dfa227218a7b436003265dc6c69e.js?tag=client_fast_engine_2019
Frame ID: CF11749B2FC1949E30814862E1FCBB6F
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js
Frame ID: 6B04C03FB74DDD420E5872507593C381
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7AE995E73D919750ABC0AB2E6A548301
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js
Frame ID: 0236E5E6696F51A83380AF40B316C471
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 94A62E5BE99D4400AE0069F84C56E1A9
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js
Frame ID: 84764BD220DD8E81EE9E17091DEC20DA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js
Frame ID: A89DD29E5F2FDE5464FB6EE4BCFFE9AF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pay My Bill Guru - PayMyBill.GuruPay My Bill Guru - PayMyBill.Guru

Page URL History Show full URLs

http://paymybill.guru/ HTTP 301
https://paymybill.guru/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

165
Requests

95 %
HTTPS

57 %
IPv6

21
Domains

25
Subdomains

19
IPs

4
Countries

2104 kB
Transfer

5121 kB
Size

27
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://paymybill.guru/ HTTP 301
https://paymybill.guru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 106

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 127

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg9g7W9PQF_J8llnLeoI3nYz5nlMtSWReHU39EFgIlqVYNE4lSyXEftlTRsKrgL2CDGuviVDnNfeLy08ahdJOwicX7oaJVw&google_gid=CAESEAd50GYYqeSjh2bQB1Lcz8o&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg9g7W9PQF_J8llnLeoI3nYz5nlMtSWReHU39EFgIlqVYNE4lSyXEftlTRsKrgL2CDGuviVDnNfeLy08ahdJOwicX7oaJVw&google_gid=CAESEAd50GYYqeSjh2bQB1Lcz8o&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMjcyMDUyMTgwMDAxNjE4NTE4ODk0Mw%3D%3D&google_push=AZmPxg9g7W9PQF_J8llnLeoI3nYz5nlMtSWReHU39EFgIlqVYNE4lSyXEftlTRsKrgL2CDGuviVDnNfeLy08ahdJOwicX7oaJVw

Request Chain 129

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAyNk22m0UMAUxhg4cGOd7Y&google_cver=1&google_push=AZmPxg8UhfFVJba4tZsbCW4J353By-hMY07oGuEdg5XnLLXq6gaeh4DXEyzdCWXMRuVM3GmRtcNw9natHXc6QryppIy96TVJakVQ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAyNk22m0UMAUxhg4cGOd7Y&google_cver=1&google_push=AZmPxg8UhfFVJba4tZsbCW4J353By-hMY07oGuEdg5XnLLXq6gaeh4DXEyzdCWXMRuVM3GmRtcNw9natHXc6QryppIy96TVJakVQ&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DBIvcTuvSU6tvom_ZVt-cQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg8UhfFVJba4tZsbCW4J353By-hMY07oGuEdg5XnLLXq6gaeh4DXEyzdCWXMRuVM3GmRtcNw9natHXc6QryppIy96TVJakVQ

Request Chain 130

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEH3Pn1LcBs9ymX0Pu1ewHZg&google_cver=1&google_push=AZmPxg_8-GGIwoocjWV88Rw1sFCi6G_OjXdDtG3FuyxKliBGv79JnKqNY1kNK5dAkH1WBi3zT-UIq5kKw1eD-cFWFQIpMfe1cn2- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlSSktFMkUtMjEtOFhTMg==&google_push=AZmPxg_8-GGIwoocjWV88Rw1sFCi6G_OjXdDtG3FuyxKliBGv79JnKqNY1kNK5dAkH1WBi3zT-UIq5kKw1eD-cFWFQIpMfe1cn2-

Request Chain 131

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEK-eX2bvl9_VGe6O-yyn_tU&google_cver=1&google_push=AZmPxg-2J5fXedHqxlu0lu_Nm2lCNrUim4q1zSRFq_o_Fb34s552C3EaLBiCxmQEiqQvzS7Dh9JSwGbSMs-_EY7p023N-K6YfMNW HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEK-eX2bvl9_VGe6O-yyn_tU&google_push=AZmPxg-2J5fXedHqxlu0lu_Nm2lCNrUim4q1zSRFq_o_Fb34s552C3EaLBiCxmQEiqQvzS7Dh9JSwGbSMs-_EY7p023N-K6YfMNW&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK-eX2bvl9_VGe6O-yyn_tU&google_hm=Y1rvgU8OX5uqJqdJXudSnAAAFBoAAAIB&google_nid=index&google_push=AZmPxg-2J5fXedHqxlu0lu_Nm2lCNrUim4q1zSRFq_o_Fb34s552C3EaLBiCxmQEiqQvzS7Dh9JSwGbSMs-_EY7p023N-K6YfMNW

Request Chain 157

https://d.agkn.com/pixel/2175/?google_gid=CAESEBUPEAYmW3hAyi1TLx_3-Fo&google_cver=1&google_push=AZmPxg_C-6QmG4YknHQp3hiWNVAMA8ObULdDhfiAFxVy1TQmzX0oaqLp0aOzXP2C7ahh5pzz7IS7qfSYrZbhiSNxSG29Mn5rX3w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg_C-6QmG4YknHQp3hiWNVAMA8ObULdDhfiAFxVy1TQmzX0oaqLp0aOzXP2C7ahh5pzz7IS7qfSYrZbhiSNxSG29Mn5rX3w&google_hm=Q0FFU0VCVVBFQVltVzNoQXlpMVRMeF8zLUZv

Request Chain 160

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAyNk22m0UMAUxhg4cGOd7Y&google_cver=1&google_push=AZmPxg_T72tc5R5VW_p8qnyoNTA9cS26QKnSp0phwFBAn4KWkHL_db7IUaNbsK6x7JxeTrezZGCCCmvEknqQPNgQzI-KeJob3qst HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DBIvcTuvSU6tvom_ZVt-cQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_T72tc5R5VW_p8qnyoNTA9cS26QKnSp0phwFBAn4KWkHL_db7IUaNbsK6x7JxeTrezZGCCCmvEknqQPNgQzI-KeJob3qst

Request Chain 161

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEH3Pn1LcBs9ymX0Pu1ewHZg&google_cver=1&google_push=AZmPxg89MGXsheDwm59OK20Fn2wIIIQEcLO1t7epJ0EDarj9iP3u6EenfjWWnYwamrlblHupvbn4bCZxQktFZLj-UE5l2bGdsE-r HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlSSktFNlQtMjgtNkZFTQ==&google_push=AZmPxg89MGXsheDwm59OK20Fn2wIIIQEcLO1t7epJ0EDarj9iP3u6EenfjWWnYwamrlblHupvbn4bCZxQktFZLj-UE5l2bGdsE-r

Request Chain 162

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEK-eX2bvl9_VGe6O-yyn_tU&google_cver=1&google_push=AZmPxg-AUPoQuaPnTrYkK-r4KHfw-dx9U8orGHpDiFJb8oN3mbB0CORYNHO5IRFiHo4aCsoLKsYwHBJH5T44d_YcFdj86U1LcQw4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK-eX2bvl9_VGe6O-yyn_tU&google_hm=Y1rvgU8OX5uqJqdJXudSnAAAFBoAAAIB&google_nid=index&google_push=AZmPxg-AUPoQuaPnTrYkK-r4KHfw-dx9U8orGHpDiFJb8oN3mbB0CORYNHO5IRFiHo4aCsoLKsYwHBJH5T44d_YcFdj86U1LcQw4

165 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
paymybill.guru/
Redirect Chain

http://paymybill.guru/
https://paymybill.guru/

107 KB
23 KB

627ms
243ms

Document
text/html

35.209.4.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://paymybill.guru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.4.234 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.4.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d09b318a7d829da0037166ec941dee75e68efff1612ab528b66022ddb4ed9f15

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 27 Oct 2022 20:52:14 GMT
expires: Thu, 27 Oct 2022 20:52:14 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
last-modified: Thu, 27 Oct 2022 15:27:58 GMT
server: nginx
vary: Accept-Encoding
x-httpd: 1
x-proxy-cache: MISS
x-proxy-cache-info: 0 NC:000000 UP:SKIP_CACHE_MAX_AGE_ZERO

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Thu, 27 Oct 2022 20:52:13 GMT
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Location: https://paymybill.guru/
Server: nginx
X-HTTPS-Enforce: 1
X-Proxy-Cache-Info: DT:1

GET
H2 200 224591af19579bb1e741cbace6d2a1c0.css
paymybill.guru/wp-content/cache/min/1/ 235 KB
42 KB 146ms
141ms Stylesheet
text/css 35.209.4.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://paymybill.guru/wp-content/cache/min/1/224591af19579bb1e741cbace6d2a1c0.css
Requested by: Host: paymybill.guru
URL: https://paymybill.guru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.4.234 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.4.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2f808305317a7424f060942022d07888b34fe8f0e27e0511025a3f5c49f1bded

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:14 GMT
content-encoding: br
last-modified: Thu, 06 Oct 2022 15:58:24 GMT
server: nginx
etag: W/"633efb20-3abdc"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 27 Oct 2023 20:52:14 GMT

GET
H2 200 jquery.min.js Show response
paymybill.guru/wp-includes/js/jquery/ 87 KB
30 KB 269ms
264ms Script
application/javascript 35.209.4.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://paymybill.guru/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: paymybill.guru
URL: https://paymybill.guru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.4.234 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.4.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:14 GMT
content-encoding: br
last-modified: Sat, 24 Jul 2021 07:37:03 GMT
server: nginx
etag: W/"60fbc31f-15db1"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 27 Oct 2023 20:52:14 GMT

GET
H2 200 jquery-migrate.min.js Show response
paymybill.guru/wp-includes/js/jquery/ 11 KB
4 KB 269ms
266ms Script
application/javascript 35.209.4.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://paymybill.guru/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: paymybill.guru
URL: https://paymybill.guru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.4.234 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.4.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:14 GMT
content-encoding: br
last-modified: Fri, 11 Dec 2020 04:43:15 GMT
server: nginx
etag: W/"5fd2f8e3-2bd8"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 27 Oct 2023 20:52:14 GMT

GET
H2 200 rhicons.woff2
paymybill.guru/wp-content/themes/rehub-theme/fonts/ 24 KB
24 KB 269ms
267ms Font
font/woff2 35.209.4.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://paymybill.guru/wp-content/themes/rehub-theme/fonts/rhicons.woff2?3oibrk
Requested by: Host: paymybill.guru
URL: https://paymybill.guru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.4.234 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.4.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c79b77b501a0fd228b7424ab0dc4486b66936658e72a39985f18ed38231e8841

Request headers

Referer: https://paymybill.guru/
Origin: https://paymybill.guru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:14 GMT
last-modified: Thu, 11 Mar 2021 20:57:00 GMT
server: nginx
etag: "604a841c-5fec"
x-proxy-cache-info: DT:1
content-type: font/woff2
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 24556
expires: Fri, 27 Oct 2023 20:52:14 GMT

GET
H2 200 cropped-AdobeStock_115258238.jpg
paymybill.guru/wp-content/uploads/2017/09/ 4 KB
4 KB 190ms
189ms Image
image/webp 35.209.4.234
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paymybill.guru/wp-content/uploads/2017/09/cropped-AdobeStock_115258238.jpg
Requested by: Host: paymybill.guru
URL: https://paymybill.guru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.4.234 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.4.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cca3bc776f3c3612ea8386ed6eb35d10dca61f6504840f1f669d852cb188b6d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:14 GMT
last-modified: Fri, 30 Apr 2021 20:52:02 GMT
server: nginx
etag: "608c6df2-fc2"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 4034
expires: Fri, 27 Oct 2023 20:52:14 GMT

GET
H2 403 noimage_336_220.png
paymybill.guru/wp-content/themes/rehub-theme/images/default/ 73 KB
73 KB 214ms
212ms Image
text/html 35.209.4.234
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paymybill.guru/wp-content/themes/rehub-theme/images/default/noimage_336_220.png
Requested by: Host: paymybill.guru
URL: https://paymybill.guru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.4.234 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.4.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ac4f780358ba4326a07c3a9bb83dff5a70cbb95a22be0f4c9385efe182cd722f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:14 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
x-proxy-cache-info: 0 NC:000000 UP:
content-type: text/html
x-httpd: 1
host-header: 6b7412fb82ca5edfd0917e3957f05d89
x-proxy-cache: MISS

GET
H2 200 inview.js Show response
paymybill.guru/wp-content/themes/rehub-theme/js/ 1 KB
929 B 134ms
134ms Script
application/javascript 35.209.4.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://paymybill.guru/wp-content/themes/rehub-theme/js/inview.js?ver=1.1
Requested by: Host: paymybill.guru
URL: https://paymybill.guru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.4.234 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.4.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b5930fd8bc0b23403e579c514332fdf590d95f678f3ca2a75547b46db8e69771

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:14 GMT
content-encoding: br
last-modified: Wed, 09 Dec 2020 22:23:01 GMT
server: nginx
etag: W/"5fd14e45-58e"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 27 Oct 2023 20:52:14 GMT

GET
H2 200 pgwmodal.js Show response
paymybill.guru/wp-content/themes/rehub-theme/js/ 4 KB
2 KB 146ms
146ms Script
application/javascript 35.209.4.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://paymybill.guru/wp-content/themes/rehub-theme/js/pgwmodal.js?ver=2.0
Requested by: Host: paymybill.guru
URL: https://paymybill.guru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.4.234 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.4.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: bf15e80eb4cf24133f6d6e76bdffd4bf24f773da5dfaa8e556b8ab50a2958e0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:14 GMT
content-encoding: br
last-modified: Sat, 15 Aug 2020 17:17:10 GMT
server: nginx
etag: W/"5f381896-11ee"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 27 Oct 2023 20:52:14 GMT

GET
H2 200 unveil.js Show response
paymybill.guru/wp-content/themes/rehub-theme/js/ 7 KB
3 KB 153ms
151ms Script
application/javascript 35.209.4.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://paymybill.guru/wp-content/themes/rehub-theme/js/unveil.js?ver=5.2.1
Requested by: Host: paymybill.guru
URL: https://paymybill.guru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.4.234 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.4.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 249f3056b3c4d96ec62da6090bfd34ef5c9e6dcdff3e451c68abfab90e9f2c6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:14 GMT
content-encoding: br
last-modified: Mon, 29 Jun 2020 22:10:38 GMT
server: nginx
etag: W/"5efa66de-1c44"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 27 Oct 2023 20:52:14 GMT

GET
H2 200 hoverintent.js Show response
paymybill.guru/wp-content/themes/rehub-theme/js/ 2 KB
1 KB 163ms
161ms Script
application/javascript 35.209.4.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://paymybill.guru/wp-content/themes/rehub-theme/js/hoverintent.js?ver=1.9
Requested by: Host: paymybill.guru
URL: https://paymybill.guru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.4.234 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.4.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6aa0ade0cef3950e0fc00be272fe21ae4cb9914e711ef6245129026a14b4b044

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:14 GMT
content-encoding: br
last-modified: Wed, 25 Dec 2019 15:05:40 GMT
server: nginx
etag: W/"5e037ac4-7f6"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 27 Oct 2023 20:52:14 GMT

GET
H2 200 countdown.js Show response
paymybill.guru/wp-content/themes/rehub-theme/js/ 4 KB
1 KB 170ms
169ms Script
application/javascript 35.209.4.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://paymybill.guru/wp-content/themes/rehub-theme/js/countdown.js?ver=1.1
Requested by: Host: paymybill.guru
URL: https://paymybill.guru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.4.234 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.4.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 994d0de6d99babae820ef2766c74f3af3d0d54d06dfdaab0fa56ea4cdb2b2a34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:14 GMT
content-encoding: br
last-modified: Mon, 22 Nov 2021 17:28:55 GMT
server: nginx
etag: W/"619bd357-1041"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 27 Oct 2023 20:52:14 GMT

GET
H2 200 custom.js Show response
paymybill.guru/wp-content/themes/rehub-theme/js/ 21 KB
6 KB 182ms
180ms Script
application/javascript 35.209.4.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://paymybill.guru/wp-content/themes/rehub-theme/js/custom.js?ver=17.9.2
Requested by: Host: paymybill.guru
URL: https://paymybill.guru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.4.234 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.4.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1de8808529d5490b269bbd6f951e057e457b992172124e96311c1dccd0748b1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:14 GMT
content-encoding: br
last-modified: Sun, 26 Dec 2021 11:08:08 GMT
server: nginx
etag: W/"61c84d18-53e8"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 27 Oct 2023 20:52:14 GMT

GET
DATA 200
OK truncated Show response
/ 504 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: faeadd15b1d5c676be56f89e646fab73e657384a93f063128e3a0b2d83e71241

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd48a3aa39e064ef4c1d48a6e6264f40260003ad60824c9aa8ccac4ff0c70f52

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 toggle.js Show response
paymybill.guru/wp-content/plugins/AZGlossaryIndex/js/ 751 B
501 B 129ms
128ms Script
application/javascript 35.209.4.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://paymybill.guru/wp-content/plugins/AZGlossaryIndex/js/toggle.js?ver=6.0.3
Requested by: Host: paymybill.guru
URL: https://paymybill.guru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.4.234 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.4.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 92dea0e7d06079abb718b3cd7592df9b43386e7deaa7660e6ac687b77e843c1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:15 GMT
content-encoding: br
last-modified: Thu, 02 Nov 2017 20:25:04 GMT
server: nginx
etag: W/"59fb7f20-2ef"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 27 Oct 2023 20:52:15 GMT

GET
H2 200 acp-custom.js Show response
paymybill.guru/wp-content/plugins/advanced-calculator/js/ 82 KB
10 KB 138ms
136ms Script
application/javascript 35.209.4.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://paymybill.guru/wp-content/plugins/advanced-calculator/js/acp-custom.js?ver=01
Requested by: Host: paymybill.guru
URL: https://paymybill.guru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.4.234 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.4.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d3dc8f458ab5d800080480d9ec4c818e1a72e8594049408a75aac8c983f4cea3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:15 GMT
content-encoding: br
last-modified: Tue, 08 May 2018 07:35:48 GMT
server: nginx
etag: W/"5af15354-147fd"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 27 Oct 2023 20:52:15 GMT

GET
H2 200 stopbadbots.js Show response
paymybill.guru/wp-content/plugins/stopbadbots/assets/js/ 735 B
478 B 145ms
143ms Script
application/javascript 35.209.4.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://paymybill.guru/wp-content/plugins/stopbadbots/assets/js/stopbadbots.js?ver=6.0.3
Requested by: Host: paymybill.guru
URL: https://paymybill.guru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.4.234 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.4.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2a3bc611b7a36d5face9c4d7ecefcbcc831209427b99a84814eaa89cda62c685

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:15 GMT
content-encoding: br
last-modified: Thu, 15 Sep 2022 11:58:57 GMT
server: nginx
etag: W/"63231381-2df"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 27 Oct 2023 20:52:15 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 171 KB
55 KB 172ms
67ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: paymybill.guru
URL: https://paymybill.guru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

166fe28bc64343573acee93919d704dec6eb62e2eb7be3261ac75b15b50c0284

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55842
x-xss-protection: 0
server: cafe
etag: 1169264540102107747
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 20:52:15 GMT

GET
H2 200 ads.js Show response
paymybill.guru/wp-content/plugins/quick-adsense-reloaded/assets/js/ 78 B
293 B 153ms
152ms Script
application/javascript 35.209.4.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://paymybill.guru/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js
Requested by: Host: paymybill.guru
URL: https://paymybill.guru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.4.234 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.4.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2ecad403abe6094919937758649c7fe968b8339a0b958e232acab55ca87ef02b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:15 GMT
content-encoding: br
last-modified: Thu, 15 Sep 2022 11:58:04 GMT
server: nginx
etag: W/"6323134c-4e"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 27 Oct 2023 20:52:15 GMT

GET
H2 200 index.js Show response
paymybill.guru/wp-content/plugins/contact-form-7/includes/swv/js/ 9 KB
3 KB 162ms
161ms Script
application/javascript 35.209.4.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://paymybill.guru/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
Requested by: Host: paymybill.guru
URL: https://paymybill.guru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.4.234 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.4.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 29e8de26576208c07ba0845f604e65c9273b93f9f4d1d66214eb4c586f9938c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:15 GMT
content-encoding: br
last-modified: Thu, 15 Sep 2022 11:58:15 GMT
server: nginx
etag: W/"63231357-25d0"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 27 Oct 2023 20:52:15 GMT

GET
H2 200 index.js Show response
paymybill.guru/wp-content/plugins/contact-form-7/includes/js/ 12 KB
4 KB 171ms
169ms Script
application/javascript 35.209.4.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://paymybill.guru/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
Requested by: Host: paymybill.guru
URL: https://paymybill.guru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.4.234 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.4.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 985fdd42398281348ca133a44750a56fe4909a806b9c075c9443a5d0bd6d2e51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:15 GMT
content-encoding: br
last-modified: Thu, 15 Sep 2022 11:58:15 GMT
server: nginx
etag: W/"63231357-2fb3"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 27 Oct 2023 20:52:15 GMT

GET
H2 200 front.min.js Show response
paymybill.guru/wp-content/plugins/table-of-contents-plus/ 6 KB
2 KB 177ms
176ms Script
application/javascript 35.209.4.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://paymybill.guru/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2106
Requested by: Host: paymybill.guru
URL: https://paymybill.guru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.4.234 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.4.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:15 GMT
content-encoding: br
last-modified: Thu, 09 Sep 2021 15:53:20 GMT
server: nginx
etag: W/"613a2df0-17cb"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 27 Oct 2023 20:52:15 GMT

GET
H2 200 ads.js Show response
paymybill.guru/wp-content/plugins/quick-adsense-reloaded/assets/js/ 78 B
293 B 184ms
183ms Script
application/javascript 35.209.4.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://paymybill.guru/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js?ver=2.0.59
Requested by: Host: paymybill.guru
URL: https://paymybill.guru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.4.234 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.4.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2ecad403abe6094919937758649c7fe968b8339a0b958e232acab55ca87ef02b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:15 GMT
content-encoding: br
last-modified: Thu, 15 Sep 2022 11:58:04 GMT
server: nginx
etag: W/"6323134c-4e"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 27 Oct 2023 20:52:15 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 170 KB
55 KB 160ms
56ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7655395707560128

Requested by

Host: paymybill.guru
URL: https://paymybill.guru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9887adb97341b25cb39b8a4bdc788bfad648219cf1ba1e0f112eb89e5bd8ed89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paymybill.guru/
Origin: https://paymybill.guru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55827
x-xss-protection: 0
server: cafe
etag: 14039236178136927188
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 20:52:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 146ms
51ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-108033343-2

Requested by

Host: paymybill.guru
URL: https://paymybill.guru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

870efe5f52b1d906909c04a226af6e8c12eb360ead7a9921c859dec3766c1427

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43637
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 19:15:15 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Oct 2022 20:52:15 GMT

GET
H2 403 noimage_336_220.png
paymybill.guru/wp-content/themes/rehub-theme/images/default/ 73 KB
73 KB 297ms
288ms Image
text/html 35.209.4.234
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paymybill.guru/wp-content/themes/rehub-theme/images/default/noimage_336_220.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.4.234 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.4.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ac4f780358ba4326a07c3a9bb83dff5a70cbb95a22be0f4c9385efe182cd722f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:15 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
x-proxy-cache-info: 0 NC:000000 UP:
content-type: text/html
x-httpd: 1
host-header: 6b7412fb82ca5edfd0917e3957f05d89
x-proxy-cache: MISS

GET
H2 200 www-hulu-com-nfwu8oi5ycka7355mb666ym2u5mrxagbri0c5us9wa.png
paymybill.guru/wp-content/uploads/thumbs_dir/ 46 KB
46 KB 161ms
153ms Image
image/png 35.209.4.234
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paymybill.guru/wp-content/uploads/thumbs_dir/www-hulu-com-nfwu8oi5ycka7355mb666ym2u5mrxagbri0c5us9wa.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.4.234 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.4.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2dc6c2f374c71ad9057471acf9a5c9576007b8c63ed533f8a8e6ac3376ce57a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:15 GMT
last-modified: Thu, 12 May 2022 11:09:13 GMT
server: nginx
etag: "627cead9-b7d3"
x-proxy-cache-info: DT:1
content-type: image/png
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 47059
expires: Fri, 27 Oct 2023 20:52:15 GMT

GET
H2 200 www-we-energies-com-1-p6hwrih6pdgd0gyz3q43mz2c4rmvkh0hwv3c332axg.png
paymybill.guru/wp-content/uploads/thumbs_dir/ 35 KB
35 KB 171ms
163ms Image
image/png 35.209.4.234
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paymybill.guru/wp-content/uploads/thumbs_dir/www-we-energies-com-1-p6hwrih6pdgd0gyz3q43mz2c4rmvkh0hwv3c332axg.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.4.234 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.4.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3e8fe94c7f55acca9eae3680ee02705e8ffc646fdff1749254d36b4050b46ea5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:15 GMT
last-modified: Thu, 12 May 2022 11:09:13 GMT
server: nginx
etag: "627cead9-8ce5"
x-proxy-cache-info: DT:1
content-type: image/png
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 36069
expires: Fri, 27 Oct 2023 20:52:15 GMT

GET
H2 200 healthy-kaiserpermanente-org-nof3ag1wrz5peb6n2s5etoluedcnbly6cuefuyky36.png
paymybill.guru/wp-content/uploads/thumbs_dir/ 42 KB
42 KB 215ms
208ms Image
image/png 35.209.4.234
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paymybill.guru/wp-content/uploads/thumbs_dir/healthy-kaiserpermanente-org-nof3ag1wrz5peb6n2s5etoluedcnbly6cuefuyky36.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.4.234 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.4.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f9fe868757f33b9292ef2f4a32b406d83b7923587cc81d8d4298de3ddee02dd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:15 GMT
last-modified: Thu, 12 May 2022 11:09:13 GMT
server: nginx
etag: "627cead9-a652"
x-proxy-cache-info: DT:1
content-type: image/png
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 42578
expires: Fri, 27 Oct 2023 20:52:15 GMT

GET
H2 200 www-huntington-co-p6huojujo0u53zuvttm7ae1ynj42pgf4lu4b9o7l38.png
paymybill.guru/wp-content/uploads/thumbs_dir/ 25 KB
25 KB 215ms
208ms Image
image/png 35.209.4.234
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paymybill.guru/wp-content/uploads/thumbs_dir/www-huntington-co-p6huojujo0u53zuvttm7ae1ynj42pgf4lu4b9o7l38.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.4.234 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.4.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3f2c4c0fdaa838ddc42e3722adfe0c38ef02ca5a4c39f2d784258cf791afbfb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:15 GMT
last-modified: Thu, 12 May 2022 11:09:13 GMT
server: nginx
etag: "627cead9-64e3"
x-proxy-cache-info: DT:1
content-type: image/png
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 25827
expires: Fri, 27 Oct 2023 20:52:15 GMT

GET
H2 200 www-bmw-usa-com-np26kdvi2fihn035lxme3h63jy7d84urshqkfl3cme.png
paymybill.guru/wp-content/uploads/thumbs_dir/ 49 KB
49 KB 214ms
208ms Image
image/png 35.209.4.234
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paymybill.guru/wp-content/uploads/thumbs_dir/www-bmw-usa-com-np26kdvi2fihn035lxme3h63jy7d84urshqkfl3cme.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.4.234 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.4.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9f85af38adb25e324011b90859631fa3403fc60ec0d1c17968ae59dd35f50a6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:15 GMT
last-modified: Thu, 12 May 2022 11:09:13 GMT
server: nginx
etag: "627cead9-c2d3"
x-proxy-cache-info: DT:1
content-type: image/png
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 49875
expires: Fri, 27 Oct 2023 20:52:15 GMT

GET
H2 200 www-buckeyebroad-band-com-p6hwfpm4w9ar8q440mgqby9zmlsyxa5tmg7v60k93k.png
paymybill.guru/wp-content/uploads/thumbs_dir/ 31 KB
31 KB 214ms
209ms Image
image/png 35.209.4.234
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paymybill.guru/wp-content/uploads/thumbs_dir/www-buckeyebroad-band-com-p6hwfpm4w9ar8q440mgqby9zmlsyxa5tmg7v60k93k.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.4.234 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.4.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cea3c73ac0808546ff0065dd23aab1fe317e8fa6189a3b55e368a48bfefaa1c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:15 GMT
last-modified: Thu, 12 May 2022 11:09:13 GMT
server: nginx
etag: "627cead9-7b66"
x-proxy-cache-info: DT:1
content-type: image/png
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 31590
expires: Fri, 27 Oct 2023 20:52:15 GMT

GET
H2 200 www-consolidatedcom-nr0v29z6inlinb88wcsv323z04518g0jvrf6161zd8.png
paymybill.guru/wp-content/uploads/thumbs_dir/ 39 KB
40 KB 214ms
209ms Image
image/png 35.209.4.234
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paymybill.guru/wp-content/uploads/thumbs_dir/www-consolidatedcom-nr0v29z6inlinb88wcsv323z04518g0jvrf6161zd8.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.4.234 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.4.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 265d7f99cd4e0c4bcac4538a14e9e193a593cb4530aff58ffe56eccfa9937abf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:15 GMT
last-modified: Thu, 12 May 2022 11:09:13 GMT
server: nginx
etag: "627cead9-9da4"
x-proxy-cache-info: DT:1
content-type: image/png
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 40356
expires: Fri, 27 Oct 2023 20:52:15 GMT

GET
H2 200 lazyload.min.js Show response
paymybill.guru/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/ 8 KB
3 KB 185ms
185ms Script
application/javascript 35.209.4.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://paymybill.guru/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
Requested by: Host: paymybill.guru
URL: https://paymybill.guru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.4.234 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.4.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:15 GMT
content-encoding: br
last-modified: Thu, 06 Oct 2022 15:55:36 GMT
server: nginx
etag: W/"633efa78-2063"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 27 Oct 2023 20:52:15 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/ 353 KB
116 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7655395707560128&plah=paymybill.guru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba79438b8242ab024da84859f9c12141e8ee5e60c787319991205fa74162f0b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118751
x-xss-protection: 0
server: cafe
etag: 10353151023248961882
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 20:52:15 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221026/r20190131/ Frame BABD 10 KB
5 KB 151ms
24ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221026/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paymybill.guru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 8030
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 18:38:25 GMT
etag: 9671129459699598864
expires: Thu, 10 Nov 2022 18:38:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 170 KB
55 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7655395707560128

Requested by

Host: paymybill.guru
URL: https://paymybill.guru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9911b9e726f2a9060537e33f4ec37cc57696b03c14829904e87525ef1d1bf88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paymybill.guru/
Origin: https://paymybill.guru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55830
x-xss-protection: 0
server: cafe
etag: 12600542063145911772
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 20:52:15 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 142ms
36ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-108033343-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 27 Oct 2022 19:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5781
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 27 Oct 2022 21:15:54 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
701 B 125ms
45ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=paymybill.guru&callback=_gfp_s_&client=ca-pub-7655395707560128&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7655395707560128&plah=paymybill.guru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

153127e225266567e6fc681d8b40906b0da2187bfae0b96fb7a1939c6f5e9226

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 256
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 133ms
48ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=paymybill.guru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 132ms
47ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=paymybill.guru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D81F 273 KB
68 KB 1351ms
1273ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&adk=1812271804&adf=3025194257&lmt=1666884478&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpaymybill.guru%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666903935283&bpp=7&bdt=792&idt=259&shv=r20221026&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6036369080437&frm=20&pv=2&ga_vid=1914506548.1666903936&ga_sid=1666903936&ga_hid=1498597604&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31070307%2C42531706%2C44775016%2C44777177&oid=2&pvsid=3105025659257105&tmod=324668629&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=281

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbcfc03bd3cba8c1af22841739c0498a2d72c81fc8febb7641ea8cc1b46a09da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paymybill.guru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 69726
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 20:52:16 GMT
expires: Thu, 27 Oct 2022 20:52:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 53ms
53ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221026&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49c98c62101ffb0ade51cf3beb05618ca527def79d0fb93457db83699243a58f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11328
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EC3D 95 KB
32 KB 686ms
619ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2913177901&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666884478&rafmt=1&to=qs&pwprc=6613278971&psa=0&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666903935290&bpp=2&bdt=800&idt=282&shv=r20221026&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6036369080437&frm=20&pv=1&ga_vid=1914506548.1666903936&ga_sid=1666903936&ga_hid=1498597604&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31070307%2C42531706%2C44775016%2C44777177&oid=2&pvsid=3105025659257105&tmod=324668629&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uZU0rOEJaQ&p=https%3A//paymybill.guru&dtd=285

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a08167d4b9fa78e9f4850c897f1320976535aaf586134813a9e7693f7887dd1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paymybill.guru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33162
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 20:52:16 GMT
expires: Thu, 27 Oct 2022 20:52:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 123ms
45ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1498597604&t=pageview&_s=1&dl=https%3A%2F%2Fpaymybill.guru%2F&ul=en-us&de=UTF-8&dt=Pay%20My%20Bill%20Guru%20-%20PayMyBill.Guru&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=70218738&gjid=1330130140&cid=1914506548.1666903936&tid=UA-108033343-2&_gid=568032976.1666903936&_r=1&gtm=2ouaq0&z=1745230807

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paymybill.guru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 20:52:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paymybill.guru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 170ms
59ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Oct 2022 20:52:15 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A1CA 13 KB
5 KB 118ms
38ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paymybill.guru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 8923
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 18:23:32 GMT
expires: Fri, 27 Oct 2023 18:23:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FAE7 783 B
1 KB 127ms
47ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6fb2cfee2dc7dc873e298292efb3e4174881b415aad46249bda2c1e1af752f34

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2Yn6mtj1QuMmaCUdenH73g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://paymybill.guru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-2Yn6mtj1QuMmaCUdenH73g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 20:52:15 GMT
expires: Thu, 27 Oct 2022 20:52:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame A1CA 36 KB
16 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 17:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99285
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 17:17:30 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FAE7 0
0 72ms
72ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221026&jk=3105025659257105&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A1CA 0
10 B 38ms
38ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?GwkkHA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:16 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 css
fonts.googleapis.com/ Frame EC3D 8 KB
1 KB 137ms
50ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2913177901&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666884478&rafmt=1&to=qs&pwprc=6613278971&psa=0&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666903935290&bpp=2&bdt=800&idt=282&shv=r20221026&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6036369080437&frm=20&pv=1&ga_vid=1914506548.1666903936&ga_sid=1666903936&ga_hid=1498597604&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31070307%2C42531706%2C44775016%2C44777177&oid=2&pvsid=3105025659257105&tmod=324668629&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uZU0rOEJaQ&p=https%3A//paymybill.guru&dtd=285

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Oct 2022 20:52:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 19:01:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Oct 2022 20:52:16 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame EC3D 2 KB
765 B 41ms
38ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:48:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7449
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:48:07 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame EC3D 23 KB
9 KB 41ms
38ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:23:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8909
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:23:47 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame EC3D 3 KB
1 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:17:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9273
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:17:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame EC3D 17 KB
7 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:25:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8777
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:25:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EC3D 152 KB
47 KB 140ms
51ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666784471914692"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Oct 2022 20:52:16 GMT

GET
H2 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame EC3D 33 KB
14 KB 131ms
36ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 12:01:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 12:01:12 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EC3D 0
0 83ms
83ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CcsZsf-9aY5TTKa6U7APPj4GgCaHzvpFt3KSmrtIQrIfs25QOEAEguKfDkwFgleKQgqAHoAHq-4LfAsgBCagDAcgDywSqBPQBT9DUwwq8Y-CGKsIlAOc4kYPrv0h7__nc1vT2ciU29rBlE2cxa0L5HuZOnoGlZws927K0x7PyyLcj-E5gGY9OV0yjIUNFQAbUfQDXOhRecil9Br1E8pqXbyE4VwU0sPJQvqIfetWXpNeG91WUvNaLbCZy8ErkvHY6csdip68m5IWJckGaocC71lk1ptdePEe-RQ5SJcLJOS3vptRfDacWTbdWI7HpxtYjx_5UWs8jfae18LfCjnOs9ypjiAkyDNpoFa2QyJpPP-a_wGJGwCF7aJvtjbhyWSzZGytNpbbAVyPlj_aEsoC648Q_IApQa-LxCye6JcAEpcqK5o4EkgUECAQYAZIFBAgFGASgBi6AB_6D_aABqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ-JAR0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNzY1NTM5NTcwNzU2MDEyOBgA&sigh=tW9Im0bXvNA&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2913177901&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666884478&rafmt=1&to=qs&pwprc=6613278971&psa=0&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666903935290&bpp=2&bdt=800&idt=282&shv=r20221026&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6036369080437&frm=20&pv=1&ga_vid=1914506548.1666903936&ga_sid=1666903936&ga_hid=1498597604&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31070307%2C42531706%2C44775016%2C44777177&oid=2&pvsid=3105025659257105&tmod=324668629&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uZU0rOEJaQ&p=https%3A//paymybill.guru&dtd=285
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 27 Oct 2022 20:52:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 27 Oct 2022 20:52:16 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8153618508990122848/ Frame EC3D 65 KB
65 KB 40ms
40ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8153618508990122848/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b23304a132612b2251d5658daaa6e2dc0ac12889110431ab5bee23fdb5fc24d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 09:38:03 GMT
x-content-type-options: nosniff
age: 558853
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66399
x-xss-protection: 0
last-modified: Fri, 09 Jul 2021 20:25:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 21 Oct 2023 09:38:03 GMT

GET
DATA 200
OK truncated
/ Frame EC3D 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame EC3D 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame EC3D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd925cefcc6f5ac61b1b0c191587d70fa00785b1923c5da04647ec4d08ca98d6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame EC3D 28 KB
28 KB 125ms
39ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:44:44 GMT
x-content-type-options: nosniff
age: 130052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Oct 2023 08:44:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
76ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221026&jk=3105025659257105&bg=!WlmlWR3NAAZPh4lnb4c7ACkAdvg8WjO_i8Lx8aMFry9XBWrfs3DF4i4a_8RzGxtiYrwkgc1lGjGuFQIAAABsUgAAAAJoAQeZAqIEkQPsHT3JZGMEujlPDWeotGtQKk5EnCLx9sJTpNi8K42oH39mZ4IYlmpYnh7zCEivIebzUECJTYOJ5K8QmL6NiIOf61RWLlgDpqOdCglAEvQpqhs8TSyUajIi-KW2gnnGHmNKcEe8Hj3EeRO0MnWXxR9CXVaPCoQMgsC8AcePLtm0PlSJXX8nE4fAzGjdiHQm_sm3Bw3dthk0koPxWfmJrjNJBZjaxws2BbJW3hH0DXOGEkhREHaKqz62-8EaLRODrez9NvS82L4yTfkB3x-fkevoqO89kZTbYqdrg6swadnsl3lsDUBj-0LcxPsppJProAUqPtSP6CxwahwQK0wBHSIdkfZwZlGTTHzhGUA7Y5XdAMwrwiEzc9mtilci_lOJjhLNQixQUZT4U8-EZakWNvEcERpPFDPKQtTCABNPz-RpVO5ly9dj7nf5Ypj40EVR8PlbBujwSRAm79Z7V87wl529N04WwRK8thUn9e6oZ9Ytb_rHi5E8hKpCKOuEjkhRQCTHwH7NyJJQDd-qjXNFZpxLhCdQ0rET6i8Hn7z_wbLQmRrgt1c-r0hBMk_pcrnBNWm-zU3hSDT_qN4qiP7a3FveLPcwpiXTvAMJNME4pfL9gpV5qt88N5LhXF2UvpwxfDSQpYjmQE72c1GiEZppDlk_g1MHk0s6p3cSrXR10h7cgGB3L9fboC3U84690FrbYjVr3IQp2RI38BUthLS0iRtoyOYT02xY8fo6EIyl2yKIfNm4apr55zZ-tfTlZgVu6gcQYSPu9N0FVN7ADy1URdh8OCduQJqeIQ9nxS6V3X82RV4pLSCHHRJc4tbLn1N0CD_HccPkgp9IwX2D2fuuYh7RmC5i8jKJnisPC4gmIxcx8LMadTrxRjYdib6Zxk8uDA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame D641 36 KB
16 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 17:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99286
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 17:17:30 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/ 151 KB
51 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae9b13fa55c149a7168cb41c70b2cc0dbae03250424074e1afbabffcb1ad153d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52382
x-xss-protection: 0
server: cafe
etag: 6641174989706920305
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 20:52:16 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 118ms
45ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=paymybill.guru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 126ms
49ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=paymybill.guru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymybill.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7FDB 93 KB
34 KB 849ms
849ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666884478&rafmt=1&to=qs&pwprc=6613278971&psa=1&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666903936994&bpp=1&bdt=2504&idt=-M&shv=r20221026&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ab7ca530982235-229e98df58ce0068%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MavX3A0uyQ_pGRsg2N9OjYjcVz7BA&gpic=UID%3D00000b79619bf8a1%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MZNNZhZzw_acilw9JHEZzOGdvrcFQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6036369080437&frm=20&pv=1&ga_vid=1914506548.1666903936&ga_sid=1666903936&ga_hid=1498597604&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31070307%2C42531706%2C44775016%2C44777177&oid=2&psts=APxP-9DjFbJdpV9U8o-5wHwBJlYA22kUFb6mQgkttuZiOIVDIOTbF40RChJJT1djzJipmsMCPVLOr-zA3KDxcBafXg&pvsid=3105025659257105&tmod=324668629&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1vOuxiXpAm&p=https%3A//paymybill.guru&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

efec3d7aef5d7781105e88d957747c91ef9e0daf73ef1ed75f04b7b57de83e5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paymybill.guru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 34799
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 20:52:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 476B 93 KB
34 KB 536ms
536ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3077443549&adf=2689829158&pi=t.aa~a.1349639787~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1666884478&rafmt=1&to=qs&pwprc=6613278971&psa=1&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666903936994&bpp=1&bdt=2504&idt=1&shv=r20221026&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ab7ca530982235-229e98df58ce0068%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MavX3A0uyQ_pGRsg2N9OjYjcVz7BA&gpic=UID%3D00000b79619bf8a1%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MZNNZhZzw_acilw9JHEZzOGdvrcFQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6036369080437&frm=20&pv=1&ga_vid=1914506548.1666903936&ga_sid=1666903936&ga_hid=1498597604&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31070307%2C42531706%2C44775016%2C44777177&oid=2&psts=APxP-9DjFbJdpV9U8o-5wHwBJlYA22kUFb6mQgkttuZiOIVDIOTbF40RChJJT1djzJipmsMCPVLOr-zA3KDxcBafXg&pvsid=3105025659257105&tmod=324668629&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=d449tURIAf&p=https%3A//paymybill.guru&dtd=15

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47110b4d14ab9f0a28ae50ff94958a7e1beac19428e7d8e5425032fdf1257dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paymybill.guru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 34981
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 20:52:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/ Frame CF79 10 KB
4 KB 39ms
38ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paymybill.guru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6319
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 19:06:58 GMT
etag: 9671129459699598864
expires: Thu, 10 Nov 2022 19:06:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/ Frame DD2E 10 KB
4 KB 39ms
38ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paymybill.guru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6319
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 19:06:58 GMT
etag: 9671129459699598864
expires: Thu, 10 Nov 2022 19:06:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame CF79 4 KB
636 B 128ms
48ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Oct 2022 20:52:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 19:01:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Oct 2022 20:52:17 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CF79 205 B
229 B 121ms
39ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 19:44:07 GMT
x-content-type-options: nosniff
age: 4090
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 27 Oct 2023 19:44:07 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CF79 604 B
628 B 119ms
38ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 19:39:02 GMT
x-content-type-options: nosniff
age: 4395
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 27 Oct 2023 19:39:02 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/elements/html/ Frame CF79 19 KB
8 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e70f196596d57a6f3570a0983040f63d9ed88bb9da8849a302ad19fea617dd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:52:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7206
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8012
x-xss-protection: 0
server: cafe
etag: 16149103330692230356
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:52:11 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DD2E 0
0 84ms
83ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CiLi2f-9aY4X_KMOs9u8Pk8WV-AS8k8SPbZz6nZ2ZEMbi2baLDhABILinw5MBYJXikIKgB6AB59Kt2gHIAQKpAgx4wEtnRZI-qAMByAPJBKoE-wFP0EG98AEnfbGkTNB7SbihaHmG2NqpM6fclG7o1yRv8RDFR75lOmD0HXC7Q66n2YrJ_M6BVLBGRDxicnEHW4h6ybgGV_t0JL_sts18OAT_4yqTHnA3ZmUKAiTN1MPLtvmyIx9vQSYbjXXKaYb1ruBphblV3SfcRWikjI7BUBWZW2z-h1-gk8vMme1JYTH_QJNbU4mYTCB_DnewLHbmx0hHiEG0DQHsWeq_4J3hPgKoilBYOpe7ZbG-bRXHaWWQzV1CbkpYVPtB_W77b_icOVobCEwRA-B-uZgZEZTldU5swhNUgGvE0eePFWnrCrZDo8y8qABki-RqlrNLsMAEp6Xb0IkEkgUECAQYAZIFBAgFGASgBgKAB4Gt0qUCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ8eQM0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNzY1NTM5NTcwNzU2MDEyOBgA&sigh=C1-AvB2OU8M&uach_m=[UACH]

Requested by

Host: paymybill.guru
URL: https://paymybill.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 27 Oct 2022 20:52:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame DD2E 23 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:23:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8910
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:23:47 GMT

GET
H3 200 8012252823294037972
tpc.googlesyndication.com/daca_images/simgad/ Frame DD2E 51 KB
51 KB 119ms
119ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/8012252823294037972

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daabe4a04d1befe87705d6cc50785a59807215e635706e8106d53fcf153d1415

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:17 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52684
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 11:55:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 27 Oct 2023 20:52:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame DD2E 3 KB
1 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:17:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9274
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:17:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame DD2E 17 KB
7 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:25:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8778
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:25:59 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DD2E 152 KB
46 KB 129ms
52ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666784471914692"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Oct 2022 20:52:17 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame DD2E 33 KB
13 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17c4785eb6887b954551df9ffb7c8fd6241a8d7a7a40655bc116ca1fe5c4352f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:54:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7076
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13448
x-xss-protection: 0
server: cafe
etag: 5057659360189610740
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:54:21 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6CD5 143 B
166 B 40ms
39ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2215
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 20:15:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DD2E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae1d1cde48dd074c555a15be99feb290c0b0e7ce286fd4299b2239636f441c1e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 84c8dfa227218a7b436003265dc6c69e.js Show response
www.gstatic.com/mysidia/ Frame CF11 9 KB
4 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/84c8dfa227218a7b436003265dc6c69e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12b498ad6256d487f658f24189621d4d6819ab6e11fcd63142e6aeb77f560b6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:49:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4170
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 17:49:09 GMT

GET
H3 200 1a1169dfe7948c0ed870a27ead80f82d.js Show response
www.gstatic.com/mysidia/ Frame CF11 110 KB
37 KB 44ms
40ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1a1169dfe7948c0ed870a27ead80f82d.js?tag=leadgen/snom_text

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8013aa9c44b04c341ee041cae55079add1d8aa1066061954a18a6dfffcf4697

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 21:04:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172095
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38160
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 17:30:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 23 Jan 2023 21:04:02 GMT

GET
H3 200 f811ceb9b4a6a990ad4105fc3f7ba433.js Show response
www.gstatic.com/mysidia/ Frame CF11 19 KB
8 KB 42ms
38ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f811ceb9b4a6a990ad4105fc3f7ba433.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b716714eb4fabc3721d120eb31b988e43665b05959a5f60a34a343004ec9930

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:19:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7817
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 17:30:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 09:19:51 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame CF11 6 KB
964 B 52ms
48ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%7CGoogle%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3b7dbb2f7ef844758c0558d807709bf405677de40ae3fecf9321f32371deabd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Oct 2022 20:52:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 19:37:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Oct 2022 20:52:17 GMT

GET
H3 200 mdc_list_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame CF11 27 KB
7 KB 45ms
41ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_list_min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a0610548e89956b26496552978f70638cbbba6f7d3fc204e137457a52d53f8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 11:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6725
x-xss-protection: 0
server: cafe
etag: 4758454654811317262
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 28 Oct 2022 11:21:15 GMT

GET
H3 200 mdc_menu_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame CF11 51 KB
11 KB 55ms
51ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_menu_min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd543b21d162ee922201fe54b79778548f8102ea91376960e856c069a135cb76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 11:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11613
x-xss-protection: 0
server: cafe
etag: 2759356358486721826
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 28 Oct 2022 11:21:15 GMT

GET
H3 200 mdc_menu_surface.min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame CF11 18 KB
5 KB 73ms
69ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_menu_surface.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35ef325738aec617e593976f23534b7d5b159f4642f24bc7c1bbbb40a7dc181f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 11:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4905
x-xss-protection: 0
server: cafe
etag: 18373107336927916518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 28 Oct 2022 11:21:15 GMT

GET
H3 200 mdc_select_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame CF11 103 KB
19 KB 61ms
57ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_select_min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f61ce0d0d062c15912a8fd7067d050eb058a4947d7d516ffa6efc31fd32ea731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 11:21:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19915
x-xss-protection: 0
server: cafe
etag: 10996637669125113147
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 28 Oct 2022 11:21:16 GMT

GET
H3 200 mdc_textfield_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame CF11 58 KB
10 KB 45ms
41ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_textfield_min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbd11d287d579b875f5ba1e88c62f56834dd8d925d7776fdc4eb201cf9aa5192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 10:04:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38860
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10107
x-xss-protection: 0
server: cafe
etag: 7588401036457704084
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 28 Oct 2022 10:04:37 GMT

GET
H3 200 mdc_list_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame CF11 31 KB
3 KB 47ms
43ms Stylesheet
text/css 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_list_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39473f41f6492001648e93d50aa18f14ae5e917cd9c93da48ec2dd50ca1f364b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 11:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3297
x-xss-protection: 0
server: cafe
etag: 18113988596513574663
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 28 Oct 2022 11:21:15 GMT

GET
H3 200 mdc_menu_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame CF11 3 KB
884 B 46ms
43ms Stylesheet
text/css 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_menu_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3c4a4057f02182efe3e8959561124f215a4a8e50e03257b71d550cbf74ecc4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 11:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
server: cafe
etag: 14497039402300002370
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 28 Oct 2022 11:21:15 GMT

GET
H3 200 mdc_menu_surface_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame CF11 2 KB
733 B 46ms
42ms Stylesheet
text/css 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_menu_surface_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

389090922185d81fe757eb0e033fccb17583e98a7dc5b9900a1dbd7bb49aafa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 11:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 708
x-xss-protection: 0
server: cafe
etag: 18268606943400439583
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 28 Oct 2022 11:21:15 GMT

GET
H3 200 mdc_select_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame CF11 37 KB
4 KB 49ms
45ms Stylesheet
text/css 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_select_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5737b0c371611ffbda25040aefb4a72202b3f4f4223da5802f9841823f125ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 11:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4280
x-xss-protection: 0
server: cafe
etag: 17986137158686949241
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 28 Oct 2022 11:21:15 GMT

GET
H3 200 mdc_textfield_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame CF11 51 KB
5 KB 49ms
46ms Stylesheet
text/css 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_textfield_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fb44f5faa5569cf002f97433c48ff5f53a0c6a181d3f67858c93a8379dbde0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 11:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4972
x-xss-protection: 0
server: cafe
etag: 17552977722549843295
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 28 Oct 2022 11:21:15 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame CF11 2 KB
767 B 41ms
38ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:48:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:48:07 GMT

GET
H3 200 3b83c543e2369c6d5695fb1ef6fbb5b0.js Show response
www.gstatic.com/mysidia/ Frame CF11 22 KB
9 KB 57ms
54ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3b83c543e2369c6d5695fb1ef6fbb5b0.js?tag=exit_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

772bd17bb4c6be5a3150be460115db50c91d32f1a1d02bbee4e79099859ebf48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 15:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 278528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9392
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 17:30:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 22 Jan 2023 15:30:09 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame CF11 23 KB
9 KB 42ms
39ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:23:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8910
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:23:47 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame CF11 3 KB
1 KB 45ms
42ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:17:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9274
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:17:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame CF11 17 KB
7 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:25:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8778
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:25:59 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CF11 152 KB
46 KB 50ms
47ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666784471914692"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Oct 2022 20:52:17 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6CD5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

59ms
58ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 20:52:17 GMT
expires: Thu, 27 Oct 2022 20:52:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 20:52:17 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CF11 0
20 B 73ms
72ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgoMCAEqCFRvd2VyQWxsCgoIAioGc2VydmVyCi4aIWRpc3BsYXlfbGVhZF9mb3JtX3F1ZXN0aW9uX251bWJlciEAAAAAAAAIQDABCg0QKyEAAAAAAAA8QDABCh8aEnJkYV90ZXh0X2xlYWRfZm9ybSEAAAAAAADwPzABEhpDTVM2MTRlbGdmc0NGVU9XX1FjZGsySUZUdyIRbGVhZGdlbi9zbm9tX3RleHQoLA==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f811ceb9b4a6a990ad4105fc3f7ba433.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 20:52:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame 6B04 36 KB
16 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 17:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 17:17:30 GMT

GET
H3 200 84c8dfa227218a7b436003265dc6c69e.js Show response
www.gstatic.com/mysidia/ Frame 476B 9 KB
4 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/84c8dfa227218a7b436003265dc6c69e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3077443549&adf=2689829158&pi=t.aa~a.1349639787~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1666884478&rafmt=1&to=qs&pwprc=6613278971&psa=1&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666903936994&bpp=1&bdt=2504&idt=1&shv=r20221026&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ab7ca530982235-229e98df58ce0068%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MavX3A0uyQ_pGRsg2N9OjYjcVz7BA&gpic=UID%3D00000b79619bf8a1%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MZNNZhZzw_acilw9JHEZzOGdvrcFQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6036369080437&frm=20&pv=1&ga_vid=1914506548.1666903936&ga_sid=1666903936&ga_hid=1498597604&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31070307%2C42531706%2C44775016%2C44777177&oid=2&psts=APxP-9DjFbJdpV9U8o-5wHwBJlYA22kUFb6mQgkttuZiOIVDIOTbF40RChJJT1djzJipmsMCPVLOr-zA3KDxcBafXg&pvsid=3105025659257105&tmod=324668629&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=d449tURIAf&p=https%3A//paymybill.guru&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12b498ad6256d487f658f24189621d4d6819ab6e11fcd63142e6aeb77f560b6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:49:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4170
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 17:49:09 GMT

GET
H3 200 f811ceb9b4a6a990ad4105fc3f7ba433.js Show response
www.gstatic.com/mysidia/ Frame 476B 19 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f811ceb9b4a6a990ad4105fc3f7ba433.js?tag=pingback

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b716714eb4fabc3721d120eb31b988e43665b05959a5f60a34a343004ec9930

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:19:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7817
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 17:30:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 09:19:51 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 476B 6 KB
672 B 50ms
49ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Oct 2022 20:52:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 18:58:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Oct 2022 20:52:17 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 476B 2 KB
767 B 38ms
38ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:48:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:48:07 GMT

GET
H3 200 d6c5bcf26e2f43f621526b11ea468107.js Show response
www.gstatic.com/mysidia/ Frame 476B 5 KB
2 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d6c5bcf26e2f43f621526b11ea468107.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

805bdd5d8618e8a5f21ac3641bb4f8e4f2575a064ea15cb7a4e94ca57112ee5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:49:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2008
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 17:49:09 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame 476B 23 KB
9 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:23:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8910
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:23:47 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 476B 3 KB
1 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:17:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9274
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:17:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 476B 17 KB
7 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:25:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8778
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:25:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 476B 0
0 46ms
45ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRrRn-UG8Vy1ZIxTTT9LJTOzYTYHLDhjkyZuY7x8XluyLsM4sCtGPfEqOtSS29oY17YrKpZfN2mepMklJwEeQrgaZJBOw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3077443549&adf=2689829158&pi=t.aa~a.1349639787~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1666884478&rafmt=1&to=qs&pwprc=6613278971&psa=1&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666903936994&bpp=1&bdt=2504&idt=1&shv=r20221026&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ab7ca530982235-229e98df58ce0068%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MavX3A0uyQ_pGRsg2N9OjYjcVz7BA&gpic=UID%3D00000b79619bf8a1%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MZNNZhZzw_acilw9JHEZzOGdvrcFQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6036369080437&frm=20&pv=1&ga_vid=1914506548.1666903936&ga_sid=1666903936&ga_hid=1498597604&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31070307%2C42531706%2C44775016%2C44777177&oid=2&psts=APxP-9DjFbJdpV9U8o-5wHwBJlYA22kUFb6mQgkttuZiOIVDIOTbF40RChJJT1djzJipmsMCPVLOr-zA3KDxcBafXg&pvsid=3105025659257105&tmod=324668629&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=d449tURIAf&p=https%3A//paymybill.guru&dtd=15
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 476B 152 KB
46 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666784471914692"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Oct 2022 20:52:17 GMT

GET
H3 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame 476B 33 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 12:01:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118265
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 12:01:12 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/11008580649096629316/ Frame 476B 19 KB
19 KB 41ms
40ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11008580649096629316/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d814b475d04c9ad8ac5bf78fdf9e1ea4f1f7d1a9b074f993ebe6fa17f0c84e42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:05:18 GMT
x-content-type-options: nosniff
age: 2819
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19853
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 16:02:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 27 Oct 2023 20:05:18 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13045310469748645498/ Frame 476B 3 KB
3 KB 40ms
40ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13045310469748645498/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

805e24ee91a500b4ed43fb000b7c48b56d60e2c3ef28f77bb47f16a312a56b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 09:23:24 GMT
x-content-type-options: nosniff
age: 41333
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3291
x-xss-protection: 0
last-modified: Fri, 27 May 2022 13:40:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 27 Oct 2023 09:23:24 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 476B 0
0 87ms
87ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMsZfge9aY7KVA4_VYufzk8gM_9Hmu2uW2sqqjBDa2R4QASC4p8OTAWCV4pCCoAegAZfRuZsDyAEJqQJbq5JJCb-wPqgDAcgDywSqBPoBT9B8_-i9fIm_kuX2csDPw736ybvL7GgvLia4d1L0m9LXnjih70VG06l4s0bOhK0lNycJUWukgXLNknGvGoM2DpIHgLFKyfaI_fvaMgRNH3xwRFLjb6YbC36_VNdfutztTDgFegIOJlaKFzqx5swWIGq2b0Bp00OoTNh62UYLTKZtX9tIuWhzOR6frRNJ8xglIys-6V8n--b9H9HSQIeAuIDNQdB4Zh3Q4FZkYRyIsILH_AhADwFsKL9IzRr-BqglugsshBR4mayMiTnFLhPitn0WNkJgZJLtj5a1yTCJvGtiw7tX9opYogUyMeiglIoKiPviw1ywNEVhDsAE7sHz-4oEkgUECAQYAZIFBAgFGASgBi6AB9GuxmSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBD4vQXSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEwLQFQGYFgGAFwGyFxwKGggAEhRwdWItNzY1NTM5NTcwNzU2MDEyOBgA&sigh=HstA8CuckxM&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3077443549&adf=2689829158&pi=t.aa~a.1349639787~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1666884478&rafmt=1&to=qs&pwprc=6613278971&psa=1&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666903936994&bpp=1&bdt=2504&idt=1&shv=r20221026&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ab7ca530982235-229e98df58ce0068%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MavX3A0uyQ_pGRsg2N9OjYjcVz7BA&gpic=UID%3D00000b79619bf8a1%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MZNNZhZzw_acilw9JHEZzOGdvrcFQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6036369080437&frm=20&pv=1&ga_vid=1914506548.1666903936&ga_sid=1666903936&ga_hid=1498597604&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31070307%2C42531706%2C44775016%2C44777177&oid=2&psts=APxP-9DjFbJdpV9U8o-5wHwBJlYA22kUFb6mQgkttuZiOIVDIOTbF40RChJJT1djzJipmsMCPVLOr-zA3KDxcBafXg&pvsid=3105025659257105&tmod=324668629&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=d449tURIAf&p=https%3A//paymybill.guru&dtd=15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 27 Oct 2022 20:52:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7AE9 1 KB
645 B 39ms
39ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 31844
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 12:01:33 GMT
etag: 48472445140208031
expires: Fri, 28 Oct 2022 12:01:33 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 476B 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 71951657b72ae9d2c4af503deaa492afc4bc6efe6b42b43871e2cb67adb8040d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame 0236 36 KB
16 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 17:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 17:17:30 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 7AE9 0
98 B 114ms
41ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg9VCj-RhAjzKTJIUQdtqgdW1-G7dk6zmXaaKQnDCTVqkXRV18tqTpJ_BrmbyqIYkxYCEpvgnyftpMUlFSME9QTZBMblB7C9&google_gid=CAESEBBoNVh12dRf4Cl5n1GnJD8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3077443549&adf=2689829158&pi=t.aa~a.1349639787~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1666884478&rafmt=1&to=qs&pwprc=6613278971&psa=1&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666903936994&bpp=1&bdt=2504&idt=1&shv=r20221026&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ab7ca530982235-229e98df58ce0068%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MavX3A0uyQ_pGRsg2N9OjYjcVz7BA&gpic=UID%3D00000b79619bf8a1%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MZNNZhZzw_acilw9JHEZzOGdvrcFQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6036369080437&frm=20&pv=1&ga_vid=1914506548.1666903936&ga_sid=1666903936&ga_hid=1498597604&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31070307%2C42531706%2C44775016%2C44777177&oid=2&psts=APxP-9DjFbJdpV9U8o-5wHwBJlYA22kUFb6mQgkttuZiOIVDIOTbF40RChJJT1djzJipmsMCPVLOr-zA3KDxcBafXg&pvsid=3105025659257105&tmod=324668629&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=d449tURIAf&p=https%3A//paymybill.guru&dtd=15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:17 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7AE9
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg9g7W9P...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg9g7W9P...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMjcyMDUyMTgwMDAxNjE4NTE4ODk0Mw%3D%3D&google_push=AZmPxg9g7W9PQF_J8llnLeoI3nYz5nlMtSWReHU39EFgIlqVYNE4lSyXEftlTRsKrgL2CD...

170 B
188 B

43ms
43ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMjcyMDUyMTgwMDAxNjE4NTE4ODk0Mw%3D%3D&google_push=AZmPxg9g7W9PQF_J8llnLeoI3nYz5nlMtSWReHU39EFgIlqVYNE4lSyXEftlTRsKrgL2CDGuviVDnNfeLy08ahdJOwicX7oaJVw

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 20:52:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMjcyMDUyMTgwMDAxNjE4NTE4ODk0Mw%3D%3D&google_push=AZmPxg9g7W9PQF_J8llnLeoI3nYz5nlMtSWReHU39EFgIlqVYNE4lSyXEftlTRsKrgL2CDGuviVDnNfeLy08ahdJOwicX7oaJVw
pragma: no-cache
date: Thu, 27 Oct 2022 20:52:18 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Thu, 27 Oct 2022 20:52:18 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 7AE9 43 B
356 B 132ms
41ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEJO3MzEB7NVGPQhqypUM2f8&google_push=AZmPxg8zxwJJ-SsjTYVLIzb3_41nzI1eO70csEMpi6OKdBWYvaTze91Qe4BimUhQVrpsZE6PWOzVduwqGoRzEsCbaUgMa__n63NH&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3077443549&adf=2689829158&pi=t.aa~a.1349639787~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1666884478&rafmt=1&to=qs&pwprc=6613278971&psa=1&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666903936994&bpp=1&bdt=2504&idt=1&shv=r20221026&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ab7ca530982235-229e98df58ce0068%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MavX3A0uyQ_pGRsg2N9OjYjcVz7BA&gpic=UID%3D00000b79619bf8a1%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MZNNZhZzw_acilw9JHEZzOGdvrcFQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6036369080437&frm=20&pv=1&ga_vid=1914506548.1666903936&ga_sid=1666903936&ga_hid=1498597604&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31070307%2C42531706%2C44775016%2C44777177&oid=2&psts=APxP-9DjFbJdpV9U8o-5wHwBJlYA22kUFb6mQgkttuZiOIVDIOTbF40RChJJT1djzJipmsMCPVLOr-zA3KDxcBafXg&pvsid=3105025659257105&tmod=324668629&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=d449tURIAf&p=https%3A//paymybill.guru&dtd=15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 20:52:17 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7AE9
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DBIvcTuvSU6tvom_ZVt-cQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
232 B

42ms
41ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DBIvcTuvSU6tvom_ZVt-cQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg8UhfFVJba4tZsbCW4J353By-hMY07oGuEdg5XnLLXq6gaeh4DXEyzdCWXMRuVM3GmRtcNw9natHXc6QryppIy96TVJakVQ

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 20:52:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DBIvcTuvSU6tvom_ZVt-cQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg8UhfFVJba4tZsbCW4J353By-hMY07oGuEdg5XnLLXq6gaeh4DXEyzdCWXMRuVM3GmRtcNw9natHXc6QryppIy96TVJakVQ
date: Thu, 27 Oct 2022 20:52:17 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7AE9
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEH3Pn1LcBs9ymX0Pu1ewHZg&google_cver=1&google_push=AZmPxg_8-GGIwoocjWV88Rw1sFCi6G_OjXdDtG3FuyxKliBGv79JnKqNY1kNK5dAkH1WBi3zT-U...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlSSktFMkUtMjEtOFhTMg==&google_push=AZmPxg_8-GGIwoocjWV88Rw1sFCi6G_OjXdDtG3FuyxKliBGv79JnKqNY1kNK5dAkH1WBi3zT-UIq5kKw1eD-cFWFQIpMfe1cn2-

170 B
329 B

43ms
43ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlSSktFMkUtMjEtOFhTMg==&google_push=AZmPxg_8-GGIwoocjWV88Rw1sFCi6G_OjXdDtG3FuyxKliBGv79JnKqNY1kNK5dAkH1WBi3zT-UIq5kKw1eD-cFWFQIpMfe1cn2-

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 20:52:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlSSktFMkUtMjEtOFhTMg==&google_push=AZmPxg_8-GGIwoocjWV88Rw1sFCi6G_OjXdDtG3FuyxKliBGv79JnKqNY1kNK5dAkH1WBi3zT-UIq5kKw1eD-cFWFQIpMfe1cn2-
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7AE9
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEK-eX2bvl9_VGe6O-yyn_tU&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEK-eX2bvl9_VGe6O-yyn_tU&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK-eX2bvl9_VGe6O-yyn_tU&google_hm=Y1rvgU8OX5uqJqdJXudSnAAAFBoAAAIB&google_nid=index&google_push=AZmPxg-2J5fXedHqxlu0lu_Nm2lCNrUim4q1z...

170 B
188 B

108ms
43ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK-eX2bvl9_VGe6O-yyn_tU&google_hm=Y1rvgU8OX5uqJqdJXudSnAAAFBoAAAIB&google_nid=index&google_push=AZmPxg-2J5fXedHqxlu0lu_Nm2lCNrUim4q1zSRFq_o_Fb34s552C3EaLBiCxmQEiqQvzS7Dh9JSwGbSMs-_EY7p023N-K6YfMNW

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 20:52:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 20:52:17 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK-eX2bvl9_VGe6O-yyn_tU&google_hm=Y1rvgU8OX5uqJqdJXudSnAAAFBoAAAIB&google_nid=index&google_push=AZmPxg-2J5fXedHqxlu0lu_Nm2lCNrUim4q1zSRFq_o_Fb34s552C3EaLBiCxmQEiqQvzS7Dh9JSwGbSMs-_EY7p023N-K6YfMNW
cache-control: no-cache
cf-ray: 760e508b9a466901-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame 7AE9 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 7AE9 0
223 B 125ms
40ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JR66Mi9x4SPq8C35PcZq-5r-e6YiuYxmA5Xo_ak34rBVOKPjtHh0qns5fC1DHbxNNhvgLoeQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:17 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 476B 15 KB
15 KB 142ms
64ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 20:22:20 GMT
x-content-type-options: nosniff
age: 520197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 20:22:20 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 476B 15 KB
16 KB 115ms
39ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 05:09:29 GMT
x-content-type-options: nosniff
age: 574968
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 05:09:29 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 476B 15 KB
15 KB 126ms
50ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 13:14:53 GMT
x-content-type-options: nosniff
age: 545844
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 13:14:53 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 476B 0
20 B 72ms
72ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoLCAEqB2Jhbm5lckIKCggCKgZzZXJ2ZXIKFQgEKhFteXNpZGlhX2FuYWx5dGljcwoNECshAAAAAAAAKkAwBAoNEAMhAABAMzMbhEAwBAoNEAohAAAAwMzMFkAwBAoNEA0hAAAAAAAAAAAwBAoOEB4qCDEyMDB4MjgwMAQKDhAZKggxMjAweDI4MDAECg0QDiEAAAAAAAAAADAECg0QBCEAAMCZmU2EQDAECg0QDyEAAAAAAAAAADAECg0QKyEAAAAAAAA0QDAECg0QBSEAAEAzM0-EQDAECg0QECEAAAAAIDrhQDAECg0QESEAAAAAwFjTQDAECg0QEiEAAAAAAAAgQDAECg0QEyEAAAAAAAAQQDAECg0QFyEAAMDMzESHQDAEEhpDUExacTRpbGdmc0NGWS1xR0FvZDVfa0V5USIcc2NyZWFtL3Rocm9uZV9pbWFnZV9sb2dvX29jaCgR

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f811ceb9b4a6a990ad4105fc3f7ba433.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 20:52:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EC3D 42 B
64 B 74ms
74ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstazxdeA2w2WjkHw5-ewJejrrgO_eSlfUL_az3kuTX7hq3966tTkltfbzujCCji9rQ6P6ZEi2ilAJilOz5buHQMBErPaPd_LzbETfEQoIP3-MF0jdl_PB7n5TWnP-YudyuSV-ac7w&sai=AMfl-YRrbV-kh-FM0xwBxldq0zrBHFiK1go6bUPiwePevrNR_skq_kWaDnvA1wKAHi_wTyE_niEyIjPqPin_WUc&sig=Cg0ArKJSzC69icv-295KEAE&id=lidar2&mcvt=1007&p=0,0,280,1200&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20221026&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3088186576&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666903935576&rpt=1180&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 20:52:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 84c8dfa227218a7b436003265dc6c69e.js Show response
www.gstatic.com/mysidia/ Frame 7FDB 9 KB
4 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/84c8dfa227218a7b436003265dc6c69e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666884478&rafmt=1&to=qs&pwprc=6613278971&psa=1&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666903936994&bpp=1&bdt=2504&idt=-M&shv=r20221026&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ab7ca530982235-229e98df58ce0068%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MavX3A0uyQ_pGRsg2N9OjYjcVz7BA&gpic=UID%3D00000b79619bf8a1%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MZNNZhZzw_acilw9JHEZzOGdvrcFQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6036369080437&frm=20&pv=1&ga_vid=1914506548.1666903936&ga_sid=1666903936&ga_hid=1498597604&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31070307%2C42531706%2C44775016%2C44777177&oid=2&psts=APxP-9DjFbJdpV9U8o-5wHwBJlYA22kUFb6mQgkttuZiOIVDIOTbF40RChJJT1djzJipmsMCPVLOr-zA3KDxcBafXg&pvsid=3105025659257105&tmod=324668629&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1vOuxiXpAm&p=https%3A//paymybill.guru&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12b498ad6256d487f658f24189621d4d6819ab6e11fcd63142e6aeb77f560b6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:49:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4170
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 17:49:09 GMT

GET
H3 200 f811ceb9b4a6a990ad4105fc3f7ba433.js Show response
www.gstatic.com/mysidia/ Frame 7FDB 19 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f811ceb9b4a6a990ad4105fc3f7ba433.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666884478&rafmt=1&to=qs&pwprc=6613278971&psa=1&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666903936994&bpp=1&bdt=2504&idt=-M&shv=r20221026&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ab7ca530982235-229e98df58ce0068%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MavX3A0uyQ_pGRsg2N9OjYjcVz7BA&gpic=UID%3D00000b79619bf8a1%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MZNNZhZzw_acilw9JHEZzOGdvrcFQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6036369080437&frm=20&pv=1&ga_vid=1914506548.1666903936&ga_sid=1666903936&ga_hid=1498597604&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31070307%2C42531706%2C44775016%2C44777177&oid=2&psts=APxP-9DjFbJdpV9U8o-5wHwBJlYA22kUFb6mQgkttuZiOIVDIOTbF40RChJJT1djzJipmsMCPVLOr-zA3KDxcBafXg&pvsid=3105025659257105&tmod=324668629&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1vOuxiXpAm&p=https%3A//paymybill.guru&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b716714eb4fabc3721d120eb31b988e43665b05959a5f60a34a343004ec9930

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:19:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7817
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 17:30:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 09:19:51 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7FDB 6 KB
672 B 48ms
47ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666884478&rafmt=1&to=qs&pwprc=6613278971&psa=1&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666903936994&bpp=1&bdt=2504&idt=-M&shv=r20221026&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ab7ca530982235-229e98df58ce0068%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MavX3A0uyQ_pGRsg2N9OjYjcVz7BA&gpic=UID%3D00000b79619bf8a1%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MZNNZhZzw_acilw9JHEZzOGdvrcFQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6036369080437&frm=20&pv=1&ga_vid=1914506548.1666903936&ga_sid=1666903936&ga_hid=1498597604&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31070307%2C42531706%2C44775016%2C44777177&oid=2&psts=APxP-9DjFbJdpV9U8o-5wHwBJlYA22kUFb6mQgkttuZiOIVDIOTbF40RChJJT1djzJipmsMCPVLOr-zA3KDxcBafXg&pvsid=3105025659257105&tmod=324668629&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1vOuxiXpAm&p=https%3A//paymybill.guru&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Oct 2022 20:52:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 20:49:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Oct 2022 20:52:17 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 7FDB 2 KB
767 B 39ms
38ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666884478&rafmt=1&to=qs&pwprc=6613278971&psa=1&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666903936994&bpp=1&bdt=2504&idt=-M&shv=r20221026&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ab7ca530982235-229e98df58ce0068%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MavX3A0uyQ_pGRsg2N9OjYjcVz7BA&gpic=UID%3D00000b79619bf8a1%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MZNNZhZzw_acilw9JHEZzOGdvrcFQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6036369080437&frm=20&pv=1&ga_vid=1914506548.1666903936&ga_sid=1666903936&ga_hid=1498597604&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31070307%2C42531706%2C44775016%2C44777177&oid=2&psts=APxP-9DjFbJdpV9U8o-5wHwBJlYA22kUFb6mQgkttuZiOIVDIOTbF40RChJJT1djzJipmsMCPVLOr-zA3KDxcBafXg&pvsid=3105025659257105&tmod=324668629&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1vOuxiXpAm&p=https%3A//paymybill.guru&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:48:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:48:07 GMT

GET
H3 200 d6c5bcf26e2f43f621526b11ea468107.js Show response
www.gstatic.com/mysidia/ Frame 7FDB 5 KB
2 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d6c5bcf26e2f43f621526b11ea468107.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666884478&rafmt=1&to=qs&pwprc=6613278971&psa=1&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666903936994&bpp=1&bdt=2504&idt=-M&shv=r20221026&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ab7ca530982235-229e98df58ce0068%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MavX3A0uyQ_pGRsg2N9OjYjcVz7BA&gpic=UID%3D00000b79619bf8a1%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MZNNZhZzw_acilw9JHEZzOGdvrcFQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6036369080437&frm=20&pv=1&ga_vid=1914506548.1666903936&ga_sid=1666903936&ga_hid=1498597604&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31070307%2C42531706%2C44775016%2C44777177&oid=2&psts=APxP-9DjFbJdpV9U8o-5wHwBJlYA22kUFb6mQgkttuZiOIVDIOTbF40RChJJT1djzJipmsMCPVLOr-zA3KDxcBafXg&pvsid=3105025659257105&tmod=324668629&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1vOuxiXpAm&p=https%3A//paymybill.guru&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

805bdd5d8618e8a5f21ac3641bb4f8e4f2575a064ea15cb7a4e94ca57112ee5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:49:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2008
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 17:49:09 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame 7FDB 23 KB
9 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666884478&rafmt=1&to=qs&pwprc=6613278971&psa=1&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666903936994&bpp=1&bdt=2504&idt=-M&shv=r20221026&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ab7ca530982235-229e98df58ce0068%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MavX3A0uyQ_pGRsg2N9OjYjcVz7BA&gpic=UID%3D00000b79619bf8a1%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MZNNZhZzw_acilw9JHEZzOGdvrcFQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6036369080437&frm=20&pv=1&ga_vid=1914506548.1666903936&ga_sid=1666903936&ga_hid=1498597604&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31070307%2C42531706%2C44775016%2C44777177&oid=2&psts=APxP-9DjFbJdpV9U8o-5wHwBJlYA22kUFb6mQgkttuZiOIVDIOTbF40RChJJT1djzJipmsMCPVLOr-zA3KDxcBafXg&pvsid=3105025659257105&tmod=324668629&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1vOuxiXpAm&p=https%3A//paymybill.guru&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:23:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8910
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:23:47 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 7FDB 3 KB
1 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666884478&rafmt=1&to=qs&pwprc=6613278971&psa=1&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666903936994&bpp=1&bdt=2504&idt=-M&shv=r20221026&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ab7ca530982235-229e98df58ce0068%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MavX3A0uyQ_pGRsg2N9OjYjcVz7BA&gpic=UID%3D00000b79619bf8a1%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MZNNZhZzw_acilw9JHEZzOGdvrcFQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6036369080437&frm=20&pv=1&ga_vid=1914506548.1666903936&ga_sid=1666903936&ga_hid=1498597604&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31070307%2C42531706%2C44775016%2C44777177&oid=2&psts=APxP-9DjFbJdpV9U8o-5wHwBJlYA22kUFb6mQgkttuZiOIVDIOTbF40RChJJT1djzJipmsMCPVLOr-zA3KDxcBafXg&pvsid=3105025659257105&tmod=324668629&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1vOuxiXpAm&p=https%3A//paymybill.guru&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:17:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9274
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:17:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 7FDB 17 KB
7 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666884478&rafmt=1&to=qs&pwprc=6613278971&psa=1&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666903936994&bpp=1&bdt=2504&idt=-M&shv=r20221026&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ab7ca530982235-229e98df58ce0068%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MavX3A0uyQ_pGRsg2N9OjYjcVz7BA&gpic=UID%3D00000b79619bf8a1%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MZNNZhZzw_acilw9JHEZzOGdvrcFQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6036369080437&frm=20&pv=1&ga_vid=1914506548.1666903936&ga_sid=1666903936&ga_hid=1498597604&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31070307%2C42531706%2C44775016%2C44777177&oid=2&psts=APxP-9DjFbJdpV9U8o-5wHwBJlYA22kUFb6mQgkttuZiOIVDIOTbF40RChJJT1djzJipmsMCPVLOr-zA3KDxcBafXg&pvsid=3105025659257105&tmod=324668629&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1vOuxiXpAm&p=https%3A//paymybill.guru&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:25:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8778
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:25:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7FDB 0
0 47ms
46ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRb24jLNjdf2OgE9k5W9nI19extQMOBsHgQhgEPGJn4xqQNkCuDknITdMS94vfhR0_hDcTpk3t9P2jJW05hxdkr6Q6U6Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666884478&rafmt=1&to=qs&pwprc=6613278971&psa=1&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666903936994&bpp=1&bdt=2504&idt=-M&shv=r20221026&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ab7ca530982235-229e98df58ce0068%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MavX3A0uyQ_pGRsg2N9OjYjcVz7BA&gpic=UID%3D00000b79619bf8a1%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MZNNZhZzw_acilw9JHEZzOGdvrcFQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6036369080437&frm=20&pv=1&ga_vid=1914506548.1666903936&ga_sid=1666903936&ga_hid=1498597604&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31070307%2C42531706%2C44775016%2C44777177&oid=2&psts=APxP-9DjFbJdpV9U8o-5wHwBJlYA22kUFb6mQgkttuZiOIVDIOTbF40RChJJT1djzJipmsMCPVLOr-zA3KDxcBafXg&pvsid=3105025659257105&tmod=324668629&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1vOuxiXpAm&p=https%3A//paymybill.guru&dtd=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7FDB 152 KB
46 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666884478&rafmt=1&to=qs&pwprc=6613278971&psa=1&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666903936994&bpp=1&bdt=2504&idt=-M&shv=r20221026&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ab7ca530982235-229e98df58ce0068%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MavX3A0uyQ_pGRsg2N9OjYjcVz7BA&gpic=UID%3D00000b79619bf8a1%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MZNNZhZzw_acilw9JHEZzOGdvrcFQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6036369080437&frm=20&pv=1&ga_vid=1914506548.1666903936&ga_sid=1666903936&ga_hid=1498597604&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31070307%2C42531706%2C44775016%2C44777177&oid=2&psts=APxP-9DjFbJdpV9U8o-5wHwBJlYA22kUFb6mQgkttuZiOIVDIOTbF40RChJJT1djzJipmsMCPVLOr-zA3KDxcBafXg&pvsid=3105025659257105&tmod=324668629&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1vOuxiXpAm&p=https%3A//paymybill.guru&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666784471914692"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Oct 2022 20:52:17 GMT

GET
H3 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame 7FDB 33 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666884478&rafmt=1&to=qs&pwprc=6613278971&psa=1&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666903936994&bpp=1&bdt=2504&idt=-M&shv=r20221026&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ab7ca530982235-229e98df58ce0068%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MavX3A0uyQ_pGRsg2N9OjYjcVz7BA&gpic=UID%3D00000b79619bf8a1%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MZNNZhZzw_acilw9JHEZzOGdvrcFQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6036369080437&frm=20&pv=1&ga_vid=1914506548.1666903936&ga_sid=1666903936&ga_hid=1498597604&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31070307%2C42531706%2C44775016%2C44777177&oid=2&psts=APxP-9DjFbJdpV9U8o-5wHwBJlYA22kUFb6mQgkttuZiOIVDIOTbF40RChJJT1djzJipmsMCPVLOr-zA3KDxcBafXg&pvsid=3105025659257105&tmod=324668629&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1vOuxiXpAm&p=https%3A//paymybill.guru&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 12:01:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118265
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 12:01:12 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7514042976673433940/ Frame 7FDB 15 KB
15 KB 39ms
39ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7514042976673433940/downsize_200k_v1?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666884478&rafmt=1&to=qs&pwprc=6613278971&psa=1&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666903936994&bpp=1&bdt=2504&idt=-M&shv=r20221026&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ab7ca530982235-229e98df58ce0068%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MavX3A0uyQ_pGRsg2N9OjYjcVz7BA&gpic=UID%3D00000b79619bf8a1%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MZNNZhZzw_acilw9JHEZzOGdvrcFQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6036369080437&frm=20&pv=1&ga_vid=1914506548.1666903936&ga_sid=1666903936&ga_hid=1498597604&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31070307%2C42531706%2C44775016%2C44777177&oid=2&psts=APxP-9DjFbJdpV9U8o-5wHwBJlYA22kUFb6mQgkttuZiOIVDIOTbF40RChJJT1djzJipmsMCPVLOr-zA3KDxcBafXg&pvsid=3105025659257105&tmod=324668629&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1vOuxiXpAm&p=https%3A//paymybill.guru&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45904db19e9fb5c5002bcb26fd9d65cf31bdff1edc081bc703210e69188f1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 01:33:13 GMT
x-content-type-options: nosniff
age: 415144
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14973
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 12:53:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 23 Oct 2023 01:33:13 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4629348671440482138/ Frame 7FDB 3 KB
3 KB 43ms
42ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4629348671440482138/downsize_200k_v1?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666884478&rafmt=1&to=qs&pwprc=6613278971&psa=1&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666903936994&bpp=1&bdt=2504&idt=-M&shv=r20221026&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ab7ca530982235-229e98df58ce0068%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MavX3A0uyQ_pGRsg2N9OjYjcVz7BA&gpic=UID%3D00000b79619bf8a1%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MZNNZhZzw_acilw9JHEZzOGdvrcFQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6036369080437&frm=20&pv=1&ga_vid=1914506548.1666903936&ga_sid=1666903936&ga_hid=1498597604&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31070307%2C42531706%2C44775016%2C44777177&oid=2&psts=APxP-9DjFbJdpV9U8o-5wHwBJlYA22kUFb6mQgkttuZiOIVDIOTbF40RChJJT1djzJipmsMCPVLOr-zA3KDxcBafXg&pvsid=3105025659257105&tmod=324668629&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1vOuxiXpAm&p=https%3A//paymybill.guru&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9b825ffbd9e6e5cc6848d38ff8adde8cf79fd51aded53aa923ca7fab61a24d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 08:33:55 GMT
x-content-type-options: nosniff
age: 303502
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3133
x-xss-protection: 0
last-modified: Fri, 16 Jul 2021 08:12:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 24 Oct 2023 08:33:55 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7FDB 0
0 85ms
85ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFF9Gge9aY7GZA5XGYsP-taAGmufTkG2yyOOS4Q-Zk-6hlA4QASC4p8OTAWCV4pCCoAegAf7WxdYDyAEJqQJbq5JJCb-wPqgDAcgDywSqBPcBT9DF60fMlmwqTb87vvNTZ2EG4nIfWWZQpliMQzBUjVHDrdbLAzXUyB2xMP42F-MH2xBm6tPLBSL__9t6u9Av9lsb_VpSktEsKq6Ic4hZqi0UTubzJlBUrfv7QxNkBDhSephy5OXdbSwxwQWBnL-uHSram1XRnF9FwuKj3XYJeTcyNcwseaDsVa3k17ml1pKRlim1FoxNe0LQXcCuJuWPsTb2Wrb4wX71Xqv9MTJdfOFSH1s1zuliM5OQHhwyHBNQKEoBph2VQhCLLZY5YnUhKAblZhHwzPwuQNBI9Dh82F-VlQKK7FvDwqzc6aIrsLP-p2QdKuV18MAExPiVjo0EkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7-kzgKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBD9zhLSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEwzQFQGAFwGyFxwKGggAEhRwdWItNzY1NTM5NTcwNzU2MDEyOBgA&sigh=wOju0OwPwUg&uach_m=[UACH]&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666884478&rafmt=1&to=qs&pwprc=6613278971&psa=1&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666903936994&bpp=1&bdt=2504&idt=-M&shv=r20221026&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ab7ca530982235-229e98df58ce0068%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MavX3A0uyQ_pGRsg2N9OjYjcVz7BA&gpic=UID%3D00000b79619bf8a1%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MZNNZhZzw_acilw9JHEZzOGdvrcFQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6036369080437&frm=20&pv=1&ga_vid=1914506548.1666903936&ga_sid=1666903936&ga_hid=1498597604&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31070307%2C42531706%2C44775016%2C44777177&oid=2&psts=APxP-9DjFbJdpV9U8o-5wHwBJlYA22kUFb6mQgkttuZiOIVDIOTbF40RChJJT1djzJipmsMCPVLOr-zA3KDxcBafXg&pvsid=3105025659257105&tmod=324668629&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1vOuxiXpAm&p=https%3A//paymybill.guru&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666884478&rafmt=1&to=qs&pwprc=6613278971&psa=1&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666903936994&bpp=1&bdt=2504&idt=-M&shv=r20221026&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ab7ca530982235-229e98df58ce0068%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MavX3A0uyQ_pGRsg2N9OjYjcVz7BA&gpic=UID%3D00000b79619bf8a1%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MZNNZhZzw_acilw9JHEZzOGdvrcFQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6036369080437&frm=20&pv=1&ga_vid=1914506548.1666903936&ga_sid=1666903936&ga_hid=1498597604&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31070307%2C42531706%2C44775016%2C44777177&oid=2&psts=APxP-9DjFbJdpV9U8o-5wHwBJlYA22kUFb6mQgkttuZiOIVDIOTbF40RChJJT1djzJipmsMCPVLOr-zA3KDxcBafXg&pvsid=3105025659257105&tmod=324668629&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1vOuxiXpAm&p=https%3A//paymybill.guru&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 27 Oct 2022 20:52:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 94A6 1 KB
645 B 39ms
38ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666884478&rafmt=1&to=qs&pwprc=6613278971&psa=1&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666903936994&bpp=1&bdt=2504&idt=-M&shv=r20221026&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ab7ca530982235-229e98df58ce0068%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MavX3A0uyQ_pGRsg2N9OjYjcVz7BA&gpic=UID%3D00000b79619bf8a1%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MZNNZhZzw_acilw9JHEZzOGdvrcFQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6036369080437&frm=20&pv=1&ga_vid=1914506548.1666903936&ga_sid=1666903936&ga_hid=1498597604&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31070307%2C42531706%2C44775016%2C44777177&oid=2&psts=APxP-9DjFbJdpV9U8o-5wHwBJlYA22kUFb6mQgkttuZiOIVDIOTbF40RChJJT1djzJipmsMCPVLOr-zA3KDxcBafXg&pvsid=3105025659257105&tmod=324668629&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1vOuxiXpAm&p=https%3A//paymybill.guru&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 31844
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 12:01:33 GMT
etag: 48472445140208031
expires: Fri, 28 Oct 2022 12:01:33 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7FDB 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ad2758620cc3105c5b8a062660dc422ab5d2626de1530dd25ec1b112a6e70b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame 8476 36 KB
16 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 17:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 17:17:30 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 94A6 35 B
463 B 34ms
9ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGx0utNVA902-cfl4VhefMs&google_cver=1&google_push=AZmPxg9QECo13sBtKz8C4zujf0MLlDN4IFZKVkCVzwyKs5guLZ2ZfOnbKNzX3Hzv7kz0-WdCkrqoDpjDk39DDiJLkvGct1d-xrqI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666884478&rafmt=1&to=qs&pwprc=6613278971&psa=1&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666903936994&bpp=1&bdt=2504&idt=-M&shv=r20221026&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ab7ca530982235-229e98df58ce0068%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MavX3A0uyQ_pGRsg2N9OjYjcVz7BA&gpic=UID%3D00000b79619bf8a1%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MZNNZhZzw_acilw9JHEZzOGdvrcFQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6036369080437&frm=20&pv=1&ga_vid=1914506548.1666903936&ga_sid=1666903936&ga_hid=1498597604&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31070307%2C42531706%2C44775016%2C44777177&oid=2&psts=APxP-9DjFbJdpV9U8o-5wHwBJlYA22kUFb6mQgkttuZiOIVDIOTbF40RChJJT1djzJipmsMCPVLOr-zA3KDxcBafXg&pvsid=3105025659257105&tmod=324668629&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1vOuxiXpAm&p=https%3A//paymybill.guru&dtd=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 20:52:18 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 94A6
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEBUPEAYmW3hAyi1TLx_3-Fo&google_cver=1&google_push=AZmPxg_C-6QmG4YknHQp3hiWNVAMA8ObULdDhfiAFxVy1TQmzX0oaqLp0aOzXP2C7ahh5pzz7IS7qfSYrZbhiSNxSG29Mn5rX3w
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg_C-6QmG4YknHQp3hiWNVAMA8ObULdDhfiAFxVy1TQmzX0oaqLp0aOzXP2C7ahh5pzz7IS7qfSYrZbhiSNxSG29Mn5rX3w&google_hm=Q0FFU0VCVVBFQVltVzNoQX...

170 B
188 B

42ms
42ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg_C-6QmG4YknHQp3hiWNVAMA8ObULdDhfiAFxVy1TQmzX0oaqLp0aOzXP2C7ahh5pzz7IS7qfSYrZbhiSNxSG29Mn5rX3w&google_hm=Q0FFU0VCVVBFQVltVzNoQXlpMVRMeF8zLUZv

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 20:52:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 20:52:17 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg_C-6QmG4YknHQp3hiWNVAMA8ObULdDhfiAFxVy1TQmzX0oaqLp0aOzXP2C7ahh5pzz7IS7qfSYrZbhiSNxSG29Mn5rX3w&google_hm=Q0FFU0VCVVBFQVltVzNoQXlpMVRMeF8zLUZv
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 sync
odr.mookie1.com/t/v2/ Frame 94A6 43 B
61 B 73ms
40ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEJO3MzEB7NVGPQhqypUM2f8&google_push=AZmPxg_ik-63tRBk6HY-B6rJv5rkKjSuVM1RXyxBevHxAK4mzLxQigE-X7oxGfMaWqgkoXkE_bUt8URKV2mheV4upQ5mp1OTP6Xo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666884478&rafmt=1&to=qs&pwprc=6613278971&psa=1&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666903936994&bpp=1&bdt=2504&idt=-M&shv=r20221026&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ab7ca530982235-229e98df58ce0068%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MavX3A0uyQ_pGRsg2N9OjYjcVz7BA&gpic=UID%3D00000b79619bf8a1%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MZNNZhZzw_acilw9JHEZzOGdvrcFQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6036369080437&frm=20&pv=1&ga_vid=1914506548.1666903936&ga_sid=1666903936&ga_hid=1498597604&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31070307%2C42531706%2C44775016%2C44777177&oid=2&psts=APxP-9DjFbJdpV9U8o-5wHwBJlYA22kUFb6mQgkttuZiOIVDIOTbF40RChJJT1djzJipmsMCPVLOr-zA3KDxcBafXg&pvsid=3105025659257105&tmod=324668629&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1vOuxiXpAm&p=https%3A//paymybill.guru&dtd=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 20:52:18 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 94A6 43 B
350 B 125ms
38ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEG1wmW8b5Mht2XoKklkwB4I&google_cver=1&google_push=AZmPxg-1KV8v8epKZqe3dNuutCWr_I2bPRThg0r53bt9baIToxpHj56YZUm8UwrVrP29MjNT4xAJRYHQGGcBivR1evyxre0Wajwj
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666884478&rafmt=1&to=qs&pwprc=6613278971&psa=1&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666903936994&bpp=1&bdt=2504&idt=-M&shv=r20221026&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ab7ca530982235-229e98df58ce0068%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MavX3A0uyQ_pGRsg2N9OjYjcVz7BA&gpic=UID%3D00000b79619bf8a1%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MZNNZhZzw_acilw9JHEZzOGdvrcFQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6036369080437&frm=20&pv=1&ga_vid=1914506548.1666903936&ga_sid=1666903936&ga_hid=1498597604&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31070307%2C42531706%2C44775016%2C44777177&oid=2&psts=APxP-9DjFbJdpV9U8o-5wHwBJlYA22kUFb6mQgkttuZiOIVDIOTbF40RChJJT1djzJipmsMCPVLOr-zA3KDxcBafXg&pvsid=3105025659257105&tmod=324668629&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1vOuxiXpAm&p=https%3A//paymybill.guru&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 20:52:17 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: a01a6kivdvd6a11thtg14fvpbam6h2t8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 94A6
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DBIvcTuvSU6tvom_ZVt-cQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

44ms
43ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DBIvcTuvSU6tvom_ZVt-cQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_T72tc5R5VW_p8qnyoNTA9cS26QKnSp0phwFBAn4KWkHL_db7IUaNbsK6x7JxeTrezZGCCCmvEknqQPNgQzI-KeJob3qst

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666884478&rafmt=1&to=qs&pwprc=6613278971&psa=1&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666903936994&bpp=1&bdt=2504&idt=-M&shv=r20221026&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ab7ca530982235-229e98df58ce0068%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MavX3A0uyQ_pGRsg2N9OjYjcVz7BA&gpic=UID%3D00000b79619bf8a1%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MZNNZhZzw_acilw9JHEZzOGdvrcFQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6036369080437&frm=20&pv=1&ga_vid=1914506548.1666903936&ga_sid=1666903936&ga_hid=1498597604&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31070307%2C42531706%2C44775016%2C44777177&oid=2&psts=APxP-9DjFbJdpV9U8o-5wHwBJlYA22kUFb6mQgkttuZiOIVDIOTbF40RChJJT1djzJipmsMCPVLOr-zA3KDxcBafXg&pvsid=3105025659257105&tmod=324668629&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1vOuxiXpAm&p=https%3A//paymybill.guru&dtd=12

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 20:52:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DBIvcTuvSU6tvom_ZVt-cQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_T72tc5R5VW_p8qnyoNTA9cS26QKnSp0phwFBAn4KWkHL_db7IUaNbsK6x7JxeTrezZGCCCmvEknqQPNgQzI-KeJob3qst
date: Thu, 27 Oct 2022 20:52:16 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 94A6
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEH3Pn1LcBs9ymX0Pu1ewHZg&google_cver=1&google_push=AZmPxg89MGXsheDwm59OK20Fn2wIIIQEcLO1t7epJ0EDarj9iP3u6EenfjWWnYwamrlblHupvbn...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlSSktFNlQtMjgtNkZFTQ==&google_push=AZmPxg89MGXsheDwm59OK20Fn2wIIIQEcLO1t7epJ0EDarj9iP3u6EenfjWWnYwamrlblHupvbn4bCZxQktFZLj-UE5l2bGdsE-r

170 B
188 B

43ms
42ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlSSktFNlQtMjgtNkZFTQ==&google_push=AZmPxg89MGXsheDwm59OK20Fn2wIIIQEcLO1t7epJ0EDarj9iP3u6EenfjWWnYwamrlblHupvbn4bCZxQktFZLj-UE5l2bGdsE-r

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666884478&rafmt=1&to=qs&pwprc=6613278971&psa=1&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666903936994&bpp=1&bdt=2504&idt=-M&shv=r20221026&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ab7ca530982235-229e98df58ce0068%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MavX3A0uyQ_pGRsg2N9OjYjcVz7BA&gpic=UID%3D00000b79619bf8a1%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MZNNZhZzw_acilw9JHEZzOGdvrcFQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6036369080437&frm=20&pv=1&ga_vid=1914506548.1666903936&ga_sid=1666903936&ga_hid=1498597604&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31070307%2C42531706%2C44775016%2C44777177&oid=2&psts=APxP-9DjFbJdpV9U8o-5wHwBJlYA22kUFb6mQgkttuZiOIVDIOTbF40RChJJT1djzJipmsMCPVLOr-zA3KDxcBafXg&pvsid=3105025659257105&tmod=324668629&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1vOuxiXpAm&p=https%3A//paymybill.guru&dtd=12

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 20:52:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlSSktFNlQtMjgtNkZFTQ==&google_push=AZmPxg89MGXsheDwm59OK20Fn2wIIIQEcLO1t7epJ0EDarj9iP3u6EenfjWWnYwamrlblHupvbn4bCZxQktFZLj-UE5l2bGdsE-r
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 94A6
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEK-eX2bvl9_VGe6O-yyn_tU&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK-eX2bvl9_VGe6O-yyn_tU&google_hm=Y1rvgU8OX5uqJqdJXudSnAAAFBoAAAIB&google_nid=index&google_push=AZmPxg-AUPoQuaPnTrYkK-r4KHfw-dx9U8orG...

170 B
188 B

43ms
42ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK-eX2bvl9_VGe6O-yyn_tU&google_hm=Y1rvgU8OX5uqJqdJXudSnAAAFBoAAAIB&google_nid=index&google_push=AZmPxg-AUPoQuaPnTrYkK-r4KHfw-dx9U8orGHpDiFJb8oN3mbB0CORYNHO5IRFiHo4aCsoLKsYwHBJH5T44d_YcFdj86U1LcQw4

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 20:52:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 20:52:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK-eX2bvl9_VGe6O-yyn_tU&google_hm=Y1rvgU8OX5uqJqdJXudSnAAAFBoAAAIB&google_nid=index&google_push=AZmPxg-AUPoQuaPnTrYkK-r4KHfw-dx9U8orGHpDiFJb8oN3mbB0CORYNHO5IRFiHo4aCsoLKsYwHBJH5T44d_YcFdj86U1LcQw4
cache-control: no-cache
cf-ray: 760e508c8c276901-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 94A6 0
12 B 41ms
40ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JqT9QGyDA3QNvgzzgLg8TP9Jdiis8eY4sLCyuQOxzFn0c6MppK6LH9z6oEpOdnrAYQxvec

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666884478&rafmt=1&to=qs&pwprc=6613278971&psa=1&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666903936994&bpp=1&bdt=2504&idt=-M&shv=r20221026&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ab7ca530982235-229e98df58ce0068%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MavX3A0uyQ_pGRsg2N9OjYjcVz7BA&gpic=UID%3D00000b79619bf8a1%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MZNNZhZzw_acilw9JHEZzOGdvrcFQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6036369080437&frm=20&pv=1&ga_vid=1914506548.1666903936&ga_sid=1666903936&ga_hid=1498597604&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31070307%2C42531706%2C44775016%2C44777177&oid=2&psts=APxP-9DjFbJdpV9U8o-5wHwBJlYA22kUFb6mQgkttuZiOIVDIOTbF40RChJJT1djzJipmsMCPVLOr-zA3KDxcBafXg&pvsid=3105025659257105&tmod=324668629&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1vOuxiXpAm&p=https%3A//paymybill.guru&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:52:18 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7FDB 15 KB
15 KB 39ms
38ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 20:22:20 GMT
x-content-type-options: nosniff
age: 520198
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 20:22:20 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7FDB 15 KB
16 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 05:09:29 GMT
x-content-type-options: nosniff
age: 574969
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 05:09:29 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7FDB 15 KB
15 KB 45ms
44ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 13:14:53 GMT
x-content-type-options: nosniff
age: 545845
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 13:14:53 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7FDB 0
21 B 73ms
72ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoLCAEqB2Jhbm5lckIKCggCKgZzZXJ2ZXIKFQgEKhFteXNpZGlhX2FuYWx5dGljcwoNECshAAAAAAAAGEAwBAoNEAMhAAAAAABsjEAwBAoNEAohAAAAAGZm9j8wBAoNEA0hAAAAAAAAAAAwBAoOEB4qCDEyMDB4MjgwMAQKDhAZKggxMjAweDI4MDAECg0QDiEAAAAAAAAAADAECg0QBCEAAIBmZnqMQDAECg0QDyEAAAAAAAAAADAECg0QKyEAAAAAAAAiQDAECg0QBSEAAEAzM3uMQDAECg0QECEAAAAAYCPhQDAECg0QESEAAAAAwFjTQDAECg0QEiEAAAAAAAAgQDAECg0QEyEAAAAAAAAQQDAECg0QFyEAAICZmfmOQDAEEhpDUEhkcTRpbGdmc0NGUldqR0FvZFEzOE5aQSIcc2NyZWFtL3Rocm9uZV9pbWFnZV9sb2dvX29jaCgR

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f811ceb9b4a6a990ad4105fc3f7ba433.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 20:52:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 476B 0
21 B 73ms
73ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoLCAEqB2Jhbm5lckIKCggCKgZzZXJ2ZXIKFQgEKhFteXNpZGlhX2FuYWx5dGljcwoNEBQhAAAAAKBS5kAwBAoNEBUhAAAAAAAALkAwBAoNEBYhAAAAAAAAGEAwBAoNEBghAAAAAAC4jEAwBAoNEDIhAAAAADQz0z8wBAoNEDMhAAAAADQz0z8wBAoNEDQhAAAAADQz0z8wBAoNEDUhAAAAADQz0z8wBAoNEDYhAAAAADQz0z8wBAoNEDchAAAAADQz0z8wBAoNEDghAAAAgDMz8z8wBAoNEDkhAACAZmbGgEAwBAoNEDohAACAZmZKgUAwBAoNEDshAADAmZk5h0AwBAoNEDwhAADAmZk5h0AwBAoNED0hAADAzMxEh0AwBAoNED4hAACAZmZ6jEAwBAoNED8hAACAZmZ6jEAwBAoNEEAhAADAmZnJjEAwBBIaQ1BMWnE0aWxnZnNDRlktcUdBb2Q1X2tFeVEiHHNjcmVhbS90aHJvbmVfaW1hZ2VfbG9nb19vY2goEQ==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f811ceb9b4a6a990ad4105fc3f7ba433.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 20:52:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame A89D 36 KB
16 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655395707560128&output=html&h=280&adk=3088186576&adf=2827832974&pi=t.aa~a.1093851774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666884478&rafmt=1&to=qs&pwprc=6613278971&psa=1&format=1200x280&url=https%3A%2F%2Fpaymybill.guru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666903936994&bpp=1&bdt=2504&idt=-M&shv=r20221026&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ab7ca530982235-229e98df58ce0068%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MavX3A0uyQ_pGRsg2N9OjYjcVz7BA&gpic=UID%3D00000b79619bf8a1%3AT%3D1666903935%3ART%3D1666903935%3AS%3DALNI_MZNNZhZzw_acilw9JHEZzOGdvrcFQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6036369080437&frm=20&pv=1&ga_vid=1914506548.1666903936&ga_sid=1666903936&ga_hid=1498597604&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31070307%2C42531706%2C44775016%2C44777177&oid=2&psts=APxP-9DjFbJdpV9U8o-5wHwBJlYA22kUFb6mQgkttuZiOIVDIOTbF40RChJJT1djzJipmsMCPVLOr-zA3KDxcBafXg&pvsid=3105025659257105&tmod=324668629&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1vOuxiXpAm&p=https%3A//paymybill.guru&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 17:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 17:17:30 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7FDB 0
21 B 73ms
72ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoLCAEqB2Jhbm5lckIKCggCKgZzZXJ2ZXIKFQgEKhFteXNpZGlhX2FuYWx5dGljcwoNEBQhAAAAAODc40AwBAoNEBUhAAAAAAAALkAwBAoNEBYhAAAAAAAAGEAwBAoNEBghAACgmZmFkEAwBAoNEDIhAAAAAJiZyT8wBAoNEDMhAAAAAJiZyT8wBAoNEDQhAAAAAJiZyT8wBAoNEDUhAAAAAJiZyT8wBAoNEDYhAAAAAJiZyT8wBAoNEDchAAAAAJiZyT8wBAoNEDghAAAAADMz8z8wBAoNEDkhAACAmZmRikAwBAoNEDohAACAZmbyikAwBAoNEDshAACAmZnxjkAwBAoNEDwhAACAmZnxjkAwBAoNED0hAACAmZn5jkAwBAoNED4hAACgmZllkEAwBAoNED8hAACgmZllkEAwBAoNEEAhAACgmZmNkEAwBBIaQ1BIZHE0aWxnZnNDRlJXakdBb2RRMzhOWkEiHHNjcmVhbS90aHJvbmVfaW1hZ2VfbG9nb19vY2goEQ==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f811ceb9b4a6a990ad4105fc3f7ba433.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 20:52:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DD2E 42 B
64 B 74ms
74ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssCkMe4CInA1FpqA0-Ly2Pw0l1tXeolA-GHTn76JWuaVs0fnWviNIrXh7LKc_-N76lRLo6LgeHmhZ9sACx_cW0_3g1qJjKty7D2s47xmG2rBdgOeXyKlFqahx2ZRapMsaJywM0pDA&sai=AMfl-YQlojGnpKDsRYh9xNgrfmVsx0EZxCyf-yps52uwzKQwuE-b1VyvyL4TyITVQU6r7HS8vuliHaDm6iDoZAs&sig=Cg0ArKJSzHcA1S78N5zdEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=83,738,1000,1085,1147&tos=83,655,262,85,62&v=20221026&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666903937094&rpt=242&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 20:52:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEIKkDSzgBUxOG1M1_q5j4QQ&google_cver=1&google_push=AZmPxg9IcUryAD_QNfAfQj7vMbHYNIPCGqbyV9HFIp6dfGM5X4MPcnGqJcmJP_RUPZHlaGl89mbJJybLok9b6elahcIwA3RYr_IA2w

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
paymybill.guru/	1969-12-31 23:59:59	Name: quads_browser_width Value: 1600
.paymybill.guru/	1970-01-20 16:37:43	Name: _ga Value: GA1.2.1914506548.1666903936
.paymybill.guru/	1970-01-20 07:03:10	Name: _gid Value: GA1.2.568032976.1666903936
.paymybill.guru/	1970-01-20 07:01:43	Name: _gat_gtag_UA_108033343_2 Value: 1
.paymybill.guru/	1970-01-20 16:23:19	Name: __gads Value: ID=53ab7ca530982235-229e98df58ce0068:T=1666903935:RT=1666903935:S=ALNI_MavX3A0uyQ_pGRsg2N9OjYjcVz7BA
.paymybill.guru/	1970-01-20 16:23:19	Name: __gpi Value: UID=00000b79619bf8a1:T=1666903935:RT=1666903935:S=ALNI_MZNNZhZzw_acilw9JHEZzOGdvrcFQ
.doubleclick.net/	1970-01-20 16:23:19	Name: IDE Value: AHWqTUmxdX6Nk0KX2XfbZ6ZE2LIj-66j_PzWt1TJ882UrjfecQ93mXh4X2-YftWmgdI
.doubleclick.net/	1970-01-20 07:01:47	Name: DSID Value: NO_DATA
.pubmatic.com/	1970-01-20 07:03:10	Name: KTPCACOOKIE Value: YES
.casalemedia.com/	1970-01-20 15:47:19	Name: CMID Value: Y1rvgU8OX5uqJqdJXudSnAAA
.casalemedia.com/	1970-01-20 09:11:19	Name: CMPS Value: 5146
.casalemedia.com/	1970-01-20 09:11:19	Name: CMPRO Value: 5146
.pubmatic.com/	1970-01-20 09:11:19	Name: KADUSERCOOKIE Value: 0C122F71-3BAF-494E-ADBE-89BF655B7E71
.quantserve.com/	1970-01-20 09:11:19	Name: d Value: EAgBCQG3J4EA
.quantserve.com/	1970-01-20 16:31:58	Name: mc Value: 635aef82-06eb3-35c64-0468e
.agkn.com/	1970-01-20 15:47:19	Name: ab Value: 0001%3AWMITl%2B%2F%2Fog7pqdKZyM%2FDPBapyG2sCIWL
.agkn.com/	1970-01-20 15:47:19	Name: u Value: C\|0CEAq7awCKu2sAgAAAAAAAQ13AQCAAQpAAAAAAA
.casalemedia.com/	1970-01-20 09:11:19	Name: CMTS Value: 1108
.e.dlx.addthis.com/	1970-01-20 16:31:58	Name: na_tc Value: Y
.addthis.com/	1970-01-20 16:31:58	Name: na_id Value: 2022102720521800016185188943
.addthis.com/	1970-01-20 16:31:58	Name: na_tc Value: Y
.addthis.com/	1970-01-20 16:31:58	Name: uid Value: 635aef826eed378e
.addthis.com/	1970-01-20 16:31:58	Name: ouid Value: 635aef82000197c00297d58b9ad99cc1c165aad4803e3da46da2
.dlx.addthis.com/	1970-01-20 07:44:55	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 07:44:55	Name: na_sr Value: 20221027
.dlx.addthis.com/	1970-01-20 07:01:43	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 07:44:55	Name: na_sc_e Value: 0

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://paymybill.guru/wp-content/themes/rehub-theme/images/default/noimage_336_220.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://paymybill.guru/wp-content/themes/rehub-theme/images/default/noimage_336_220.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEIKkDSzgBUxOG1M1_q5j4QQ&google_cver=1&google_push=AZmPxg9IcUryAD_QNfAfQj7vMbHYNIPCGqbyV9HFIp6dfGM5X4MPcnGqJcmJP_RUPZHlaGl89mbJJybLok9b6elahcIwA3RYr_IA2w Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg9VCj-RhAjzKTJIUQdtqgdW1-G7dk6zmXaaKQnDCTVqkXRV18tqTpJ_BrmbyqIYkxYCEpvgnyftpMUlFSME9QTZBMblB7C9&google_gid=CAESEBBoNVh12dRf4Cl5n1GnJD8&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
image6.pubmatic.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
paymybill.guru
pixel.rubiconproject.com
rtb.openx.net
ssum-sec.casalemedia.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
googlecm.hit.gemius.pl
104.18.18.126
142.250.186.98
185.64.190.78
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:806::2001
2a00:1450:4001:806::2004
2a00:1450:4001:809::2008
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2002
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:830::200e
3.126.163.185
34.98.67.61
35.209.4.234
35.227.252.103
35.244.174.68
69.173.144.139
69.192.160.219
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0a0610548e89956b26496552978f70638cbbba6f7d3fc204e137457a52d53f8d
0b716714eb4fabc3721d120eb31b988e43665b05959a5f60a34a343004ec9930
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
12b498ad6256d487f658f24189621d4d6819ab6e11fcd63142e6aeb77f560b6e
153127e225266567e6fc681d8b40906b0da2187bfae0b96fb7a1939c6f5e9226
15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32
166fe28bc64343573acee93919d704dec6eb62e2eb7be3261ac75b15b50c0284
17c4785eb6887b954551df9ffb7c8fd6241a8d7a7a40655bc116ca1fe5c4352f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc
1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d
1de8808529d5490b269bbd6f951e057e457b992172124e96311c1dccd0748b1b
1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658
249f3056b3c4d96ec62da6090bfd34ef5c9e6dcdff3e451c68abfab90e9f2c6c
265d7f99cd4e0c4bcac4538a14e9e193a593cb4530aff58ffe56eccfa9937abf
29e8de26576208c07ba0845f604e65c9273b93f9f4d1d66214eb4c586f9938c4
2a3bc611b7a36d5face9c4d7ecefcbcc831209427b99a84814eaa89cda62c685
2dc6c2f374c71ad9057471acf9a5c9576007b8c63ed533f8a8e6ac3376ce57a2
2ecad403abe6094919937758649c7fe968b8339a0b958e232acab55ca87ef02b
2f808305317a7424f060942022d07888b34fe8f0e27e0511025a3f5c49f1bded
35ef325738aec617e593976f23534b7d5b159f4642f24bc7c1bbbb40a7dc181f
389090922185d81fe757eb0e033fccb17583e98a7dc5b9900a1dbd7bb49aafa5
39473f41f6492001648e93d50aa18f14ae5e917cd9c93da48ec2dd50ca1f364b
3b7dbb2f7ef844758c0558d807709bf405677de40ae3fecf9321f32371deabd7
3e8fe94c7f55acca9eae3680ee02705e8ffc646fdff1749254d36b4050b46ea5
3f2c4c0fdaa838ddc42e3722adfe0c38ef02ca5a4c39f2d784258cf791afbfb8
43ad2758620cc3105c5b8a062660dc422ab5d2626de1530dd25ec1b112a6e70b
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
47110b4d14ab9f0a28ae50ff94958a7e1beac19428e7d8e5425032fdf1257dcf
49c98c62101ffb0ade51cf3beb05618ca527def79d0fb93457db83699243a58f
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e70f196596d57a6f3570a0983040f63d9ed88bb9da8849a302ad19fea617dd2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5fb44f5faa5569cf002f97433c48ff5f53a0c6a181d3f67858c93a8379dbde0d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6aa0ade0cef3950e0fc00be272fe21ae4cb9914e711ef6245129026a14b4b044
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6fb2cfee2dc7dc873e298292efb3e4174881b415aad46249bda2c1e1af752f34
71951657b72ae9d2c4af503deaa492afc4bc6efe6b42b43871e2cb67adb8040d
772bd17bb4c6be5a3150be460115db50c91d32f1a1d02bbee4e79099859ebf48
805bdd5d8618e8a5f21ac3641bb4f8e4f2575a064ea15cb7a4e94ca57112ee5c
805e24ee91a500b4ed43fb000b7c48b56d60e2c3ef28f77bb47f16a312a56b6a
870efe5f52b1d906909c04a226af6e8c12eb360ead7a9921c859dec3766c1427
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
92dea0e7d06079abb718b3cd7592df9b43386e7deaa7660e6ac687b77e843c1b
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
985fdd42398281348ca133a44750a56fe4909a806b9c075c9443a5d0bd6d2e51
9887adb97341b25cb39b8a4bdc788bfad648219cf1ba1e0f112eb89e5bd8ed89
994d0de6d99babae820ef2766c74f3af3d0d54d06dfdaab0fa56ea4cdb2b2a34
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9f85af38adb25e324011b90859631fa3403fc60ec0d1c17968ae59dd35f50a6a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a08167d4b9fa78e9f4850c897f1320976535aaf586134813a9e7693f7887dd1a
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a8013aa9c44b04c341ee041cae55079add1d8aa1066061954a18a6dfffcf4697
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
ac4f780358ba4326a07c3a9bb83dff5a70cbb95a22be0f4c9385efe182cd722f
ae1d1cde48dd074c555a15be99feb290c0b0e7ce286fd4299b2239636f441c1e
ae9b13fa55c149a7168cb41c70b2cc0dbae03250424074e1afbabffcb1ad153d
b23304a132612b2251d5658daaa6e2dc0ac12889110431ab5bee23fdb5fc24d3
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5737b0c371611ffbda25040aefb4a72202b3f4f4223da5802f9841823f125ec
b5930fd8bc0b23403e579c514332fdf590d95f678f3ca2a75547b46db8e69771
ba79438b8242ab024da84859f9c12141e8ee5e60c787319991205fa74162f0b8
bbd11d287d579b875f5ba1e88c62f56834dd8d925d7776fdc4eb201cf9aa5192
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf15e80eb4cf24133f6d6e76bdffd4bf24f773da5dfaa8e556b8ab50a2958e0d
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c79b77b501a0fd228b7424ab0dc4486b66936658e72a39985f18ed38231e8841
cbcfc03bd3cba8c1af22841739c0498a2d72c81fc8febb7641ea8cc1b46a09da
cca3bc776f3c3612ea8386ed6eb35d10dca61f6504840f1f669d852cb188b6d0
cea3c73ac0808546ff0065dd23aab1fe317e8fa6189a3b55e368a48bfefaa1c7
d09b318a7d829da0037166ec941dee75e68efff1612ab528b66022ddb4ed9f15
d3dc8f458ab5d800080480d9ec4c818e1a72e8594049408a75aac8c983f4cea3
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d814b475d04c9ad8ac5bf78fdf9e1ea4f1f7d1a9b074f993ebe6fa17f0c84e42
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
daabe4a04d1befe87705d6cc50785a59807215e635706e8106d53fcf153d1415
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c4a4057f02182efe3e8959561124f215a4a8e50e03257b71d550cbf74ecc4f
e45904db19e9fb5c5002bcb26fd9d65cf31bdff1edc081bc703210e69188f1e9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efec3d7aef5d7781105e88d957747c91ef9e0daf73ef1ed75f04b7b57de83e5e
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f61ce0d0d062c15912a8fd7067d050eb058a4947d7d516ffa6efc31fd32ea731
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f9911b9e726f2a9060537e33f4ec37cc57696b03c14829904e87525ef1d1bf88
f9b825ffbd9e6e5cc6848d38ff8adde8cf79fd51aded53aa923ca7fab61a24d0
f9fe868757f33b9292ef2f4a32b406d83b7923587cc81d8d4298de3ddee02dd8
faeadd15b1d5c676be56f89e646fab73e657384a93f063128e3a0b2d83e71241
fd48a3aa39e064ef4c1d48a6e6264f40260003ad60824c9aa8ccac4ff0c70f52
fd543b21d162ee922201fe54b79778548f8102ea91376960e856c069a135cb76
fd925cefcc6f5ac61b1b0c191587d70fa00785b1923c5da04647ec4d08ca98d6

paymybill.guru Open in urlscan Pro 35.209.4.234 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

165 Requests

95 %HTTPS

57 %IPv6

21 Domains

25 Subdomains

19 IPs

4 Countries

2104 kBTransfer

5121 kBSize

27 Cookies

0 Outgoing links

Page URL History

Redirected requests

165 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

paymybill.guru Open in urlscan Pro
35.209.4.234 Public Scan

Screenshot
Live screenshot

Full Image

165
Requests

95 %
HTTPS

57 %
IPv6

21
Domains

25
Subdomains

19
IPs

4
Countries

2104 kB
Transfer

5121 kB
Size

27
Cookies

165 HTTP transactions
8 data transactions