maintenance.billing.pakchamp.com Open in urlscan Pro
51.79.164.227 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://maintenance.billing.pakchamp.com/
Effective URL:
https://maintenance.billing.pakchamp.com/clientarea.php
Submission: On December 07 via automatic, source certstream-suspicious (December 7th 2022, 9:02:36 am UTC) — Scanned from DE

Summary HTTP 44 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 9 domains to perform 44 HTTP transactions. The main IP is 51.79.164.227, located in Singapore, Singapore and belongs to OVH, FR. The main domain is maintenance.billing.pakchamp.com.
TLS certificate: Issued by R3 on December 7th 2022. Valid for: 3 months.

This is the only time maintenance.billing.pakchamp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	51.79.164.227 51.79.164.227	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	185.60.216.19 185.60.216.19	32934 (FACEBOOK) (FACEBOOK)
2 8	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::200d	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
44	13

12 51.79.164.227 (Singapore, Singapore) 1 redirects

ASN16276 (OVH, FR)
PTR: server.pakchamp.com

maintenance.billing.pakchamp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.60.216.19 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frx5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	google.com 2 redirects apis.google.com — Cisco Umbrella Rank: 110 www.google.com — Cisco Umbrella Rank: 2 accounts.google.com — Cisco Umbrella Rank: 88	85 KB
12	pakchamp.com 1 redirects maintenance.billing.pakchamp.com	1 MB
10	gstatic.com fonts.gstatic.com www.gstatic.com	672 KB
4	google.de www.google.de — Cisco Umbrella Rank: 5234	784 B
4	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 39	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	89 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 170	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 51	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	69 KB
44	9

	Domain	Requested by
12	maintenance.billing.pakchamp.com	1 redirects maintenance.billing.pakchamp.com
8	www.google.com	2 redirects maintenance.billing.pakchamp.com www.gstatic.com www.google.com
7	www.gstatic.com	www.google.com accounts.google.com www.gstatic.com
4	www.google.de	maintenance.billing.pakchamp.com
4	googleads.g.doubleclick.net	2 redirects www.googletagmanager.com
3	accounts.google.com	apis.google.com maintenance.billing.pakchamp.com www.gstatic.com
3	fonts.gstatic.com	fonts.googleapis.com www.google.com
2	connect.facebook.net	maintenance.billing.pakchamp.com connect.facebook.net
2	www.googleadservices.com	www.googletagmanager.com
2	apis.google.com	maintenance.billing.pakchamp.com apis.google.com
1	fonts.googleapis.com	maintenance.billing.pakchamp.com
1	www.googletagmanager.com	maintenance.billing.pakchamp.com
44	12

This site contains links to these domains. Also see Links.

Domain
www.whmcs.com

Subject Issuer	Validity	Valid
maintenance.billing.pakchamp.com R3	`2022-12-07` - `2023-03-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-15` - `2022-12-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://maintenance.billing.pakchamp.com/clientarea.php
Frame ID: 387D8DCB2282DABEF18A673E01D60832
Requests: 31 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 03535B3D87CB7CEE3CD4C6F5394C0EC0
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leu_OAUAAAAAMnfqiX1qEaJHD_XpFVbVKkvhAYs&co=aHR0cHM6Ly9tYWludGVuYW5jZS5iaWxsaW5nLnBha2NoYW1wLmNvbTo0NDM.&hl=de&v=Km9gKuG06He-isPsP6saG8cn&size=normal&cb=i9utfc2wbdtx
Frame ID: 3884EBB02000D06640E9EA85E2C5A37A
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Km9gKuG06He-isPsP6saG8cn&k=6Leu_OAUAAAAAMnfqiX1qEaJHD_XpFVbVKkvhAYs
Frame ID: 8E50102B26B2ED1CBDC06F803DBF576D
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Client Area - PAK CHAMP SOFT (PVT). LTD

Page URL History Show full URLs

https://maintenance.billing.pakchamp.com/ HTTP 302
https://maintenance.billing.pakchamp.com/clientarea.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

44
Requests

95 %
HTTPS

75 %
IPv6

9
Domains

12
Subdomains

13
IPs

4
Countries

2131 kB
Transfer

3469 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.whmcs.com/
Title: WHMCompleteSolution

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://maintenance.billing.pakchamp.com/ HTTP 302
https://maintenance.billing.pakchamp.com/clientarea.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/808201740/?random=2136365032&cv=11&fst=1670403750501&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=wyCyCNbU5KMDEIzcsIED&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmaintenance.billing.pakchamp.com%2Fclientarea.php&tiba=Client%20Area%20-%20PAK%20CHAMP%20SOFT%20(PVT).%20LTD&gtm_ee=1&auid=484097609.1670403750&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=p1aQY9iXLrLPmwe5orzoDg&sscte=1&crd=&pscrd=Ek5DaEVJZ0pEQm5BWVFuT3kxNjllNDNhdWNBUklsQUgyRkptWjdhSWRVdEpkUVVUb0xITkJrZzYwbmt3Q3JPaWJGWTc4ZkpmeWdUZ1NEblEaV0NoQUlnSkRCbkFZUWxiYjRfTF9jbG9BN0VpMEFPSG9VT1d3WFoxSS1TOHN6U3lEVk11bzZzX1hZTVgyWXNZRUhxMzQ2aXp4NFNUeWlFV2FRUXpFWkMwUQ HTTP 302
https://www.google.com/pagead/1p-conversion/808201740/?random=2136365032&cv=11&fst=1670403750501&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=wyCyCNbU5KMDEIzcsIED&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmaintenance.billing.pakchamp.com%2Fclientarea.php&tiba=Client%20Area%20-%20PAK%20CHAMP%20SOFT%20(PVT).%20LTD&gtm_ee=1&auid=484097609.1670403750&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0pEQm5BWVFuT3kxNjllNDNhdWNBUklsQUgyRkptWjdhSWRVdEpkUVVUb0xITkJrZzYwbmt3Q3JPaWJGWTc4ZkpmeWdUZ1NEblEaV0NoQUlnSkRCbkFZUWxiYjRfTF9jbG9BN0VpMEFPSG9VT1d3WFoxSS1TOHN6U3lEVk11bzZzX1hZTVgyWXNZRUhxMzQ2aXp4NFNUeWlFV2FRUXpFWkMwUQ&is_vtc=1&ocp_id=p1aQY9iXLrLPmwe5orzoDg&cid=CAQSKQDq26N95dSz_wkvoyRp__Chh9cB2RHGO058t--_tHtBwXCNcgvTuREnIBM&random=1153175883 HTTP 302
https://www.google.de/pagead/1p-conversion/808201740/?random=2136365032&cv=11&fst=1670403750501&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=wyCyCNbU5KMDEIzcsIED&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmaintenance.billing.pakchamp.com%2Fclientarea.php&tiba=Client%20Area%20-%20PAK%20CHAMP%20SOFT%20(PVT).%20LTD&gtm_ee=1&auid=484097609.1670403750&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0pEQm5BWVFuT3kxNjllNDNhdWNBUklsQUgyRkptWjdhSWRVdEpkUVVUb0xITkJrZzYwbmt3Q3JPaWJGWTc4ZkpmeWdUZ1NEblEaV0NoQUlnSkRCbkFZUWxiYjRfTF9jbG9BN0VpMEFPSG9VT1d3WFoxSS1TOHN6U3lEVk11bzZzX1hZTVgyWXNZRUhxMzQ2aXp4NFNUeWlFV2FRUXpFWkMwUQ&is_vtc=1&ocp_id=p1aQY9iXLrLPmwe5orzoDg&cid=CAQSKQDq26N95dSz_wkvoyRp__Chh9cB2RHGO058t--_tHtBwXCNcgvTuREnIBM&random=1153175883&ipr=y&prhg=0

Request Chain 28

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/808201740/?random=870859750&cv=11&fst=1670403750500&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=SVm4CMfLxqIDEIzcsIED&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmaintenance.billing.pakchamp.com%2Fclientarea.php&tiba=Client%20Area%20-%20PAK%20CHAMP%20SOFT%20(PVT).%20LTD&value=3000&currency_code=PKR&gtm_ee=1&auid=484097609.1670403750&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=p1aQY7WSLrvJmLAPltCtmAo&sscte=1&crd=&pscrd=Ek5DaEVJZ0pEQm5BWVFuT3kxNjllNDNhdWNBUklsQUgyRkptWjdhSWRVdEpkUVVUb0xITkJrZzYwbmt3Q3JPaWJGWTc4ZkpmeWdUZ1NEblEaV0NoQUlnSkRCbkFZUWxiYjRfTF9jbG9BN0VpMEFPSG9VT2F1ZDktTGdGcFpWMnFPNWRWOUlCYVdFZXVXSlRsSm9kdEdnTVQwYmxKNGtkZlFNWUR0b0tQTQ HTTP 302
https://www.google.com/pagead/1p-conversion/808201740/?random=870859750&cv=11&fst=1670403750500&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=SVm4CMfLxqIDEIzcsIED&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmaintenance.billing.pakchamp.com%2Fclientarea.php&tiba=Client%20Area%20-%20PAK%20CHAMP%20SOFT%20(PVT).%20LTD&value=3000&currency_code=PKR&gtm_ee=1&auid=484097609.1670403750&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0pEQm5BWVFuT3kxNjllNDNhdWNBUklsQUgyRkptWjdhSWRVdEpkUVVUb0xITkJrZzYwbmt3Q3JPaWJGWTc4ZkpmeWdUZ1NEblEaV0NoQUlnSkRCbkFZUWxiYjRfTF9jbG9BN0VpMEFPSG9VT2F1ZDktTGdGcFpWMnFPNWRWOUlCYVdFZXVXSlRsSm9kdEdnTVQwYmxKNGtkZlFNWUR0b0tQTQ&is_vtc=1&ocp_id=p1aQY7WSLrvJmLAPltCtmAo&cid=CAQSKQDq26N9VyTIoCimqPAEhnbh1ybCIYytMg5rLYZescL6vnQ6td24C3U4IBM&random=1370221143 HTTP 302
https://www.google.de/pagead/1p-conversion/808201740/?random=870859750&cv=11&fst=1670403750500&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=SVm4CMfLxqIDEIzcsIED&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmaintenance.billing.pakchamp.com%2Fclientarea.php&tiba=Client%20Area%20-%20PAK%20CHAMP%20SOFT%20(PVT).%20LTD&value=3000&currency_code=PKR&gtm_ee=1&auid=484097609.1670403750&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0pEQm5BWVFuT3kxNjllNDNhdWNBUklsQUgyRkptWjdhSWRVdEpkUVVUb0xITkJrZzYwbmt3Q3JPaWJGWTc4ZkpmeWdUZ1NEblEaV0NoQUlnSkRCbkFZUWxiYjRfTF9jbG9BN0VpMEFPSG9VT2F1ZDktTGdGcFpWMnFPNWRWOUlCYVdFZXVXSlRsSm9kdEdnTVQwYmxKNGtkZlFNWUR0b0tQTQ&is_vtc=1&ocp_id=p1aQY7WSLrvJmLAPltCtmAo&cid=CAQSKQDq26N9VyTIoCimqPAEhnbh1ybCIYytMg5rLYZescL6vnQ6td24C3U4IBM&random=1370221143&ipr=y&prhg=0

44 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request clientarea.php Show response
maintenance.billing.pakchamp.com/
Redirect Chain

https://maintenance.billing.pakchamp.com/
https://maintenance.billing.pakchamp.com/clientarea.php

37 KB
37 KB

566ms
565ms

Document
text/html

51.79.164.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://maintenance.billing.pakchamp.com/clientarea.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.79.164.227 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS: server.pakchamp.com
Software: Apache /
Resource Hash: c47129520c3f25991a6e72c4d9a2b3edd839596b0172f51c6c31612269f1f27b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
Date: Wed, 07 Dec 2022 09:02:29 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=99
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Wed, 07 Dec 2022 09:02:29 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Location: clientarea.php
Pragma: no-cache
Server: Apache

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 190 KB
69 KB 146ms
55ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-808201740

Requested by

Host: maintenance.billing.pakchamp.com
URL: https://maintenance.billing.pakchamp.com/clientarea.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d664f2d449df343a94e82b23420e5c26e6764bfd6a9c6c4aca700f64faa76785

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maintenance.billing.pakchamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 09:02:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 69894
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 07 Dec 2022 09:02:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 142ms
48ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|Raleway:400,700

Requested by

Host: maintenance.billing.pakchamp.com
URL: https://maintenance.billing.pakchamp.com/clientarea.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

417aac34eae0d5f4db388578c4e2b9e035e6e7b42193a1498522529b6f73465d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maintenance.billing.pakchamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Dec 2022 09:02:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 08:49:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Dec 2022 09:02:30 GMT

GET
H/1.1 200
OK all.min.css
maintenance.billing.pakchamp.com/templates/six/css/ 209 KB
209 KB 171ms
168ms Stylesheet
text/css 51.79.164.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://maintenance.billing.pakchamp.com/templates/six/css/all.min.css?v=d2d29a
Requested by: Host: maintenance.billing.pakchamp.com
URL: https://maintenance.billing.pakchamp.com/clientarea.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.79.164.227 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS: server.pakchamp.com
Software: Apache /
Resource Hash: 7333db2e273101a633e8a41821b9dfa3970b59c3f328e93b27ca076d2beef8ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maintenance.billing.pakchamp.com/clientarea.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 09:02:30 GMT
Last-Modified: Wed, 07 Dec 2022 07:04:57 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 214143

GET
H/1.1 200
OK fontawesome-all.min.css
maintenance.billing.pakchamp.com/assets/css/ 153 KB
153 KB 486ms
167ms Stylesheet
text/css 51.79.164.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://maintenance.billing.pakchamp.com/assets/css/fontawesome-all.min.css
Requested by: Host: maintenance.billing.pakchamp.com
URL: https://maintenance.billing.pakchamp.com/clientarea.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.79.164.227 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS: server.pakchamp.com
Software: Apache /
Resource Hash: 2c694cfafd5c00ba4a7a2110060eb937afccfc1d7b745a319c49764fe4ef017c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maintenance.billing.pakchamp.com/clientarea.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 09:02:30 GMT
Last-Modified: Wed, 07 Dec 2022 07:05:43 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 156472

GET
H/1.1 200
OK custom.css
maintenance.billing.pakchamp.com/templates/six/css/ 214 B
455 B 501ms
166ms Stylesheet
text/css 51.79.164.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://maintenance.billing.pakchamp.com/templates/six/css/custom.css
Requested by: Host: maintenance.billing.pakchamp.com
URL: https://maintenance.billing.pakchamp.com/clientarea.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.79.164.227 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS: server.pakchamp.com
Software: Apache /
Resource Hash: 026ec03cb3e46a6224afe430e00a776e37f0d955304d662753f8debb210e2c79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maintenance.billing.pakchamp.com/clientarea.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 09:02:30 GMT
Last-Modified: Wed, 07 Dec 2022 07:04:57 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 214

GET
H/1.1 200
OK scripts.min.js Show response
maintenance.billing.pakchamp.com/templates/six/js/ 589 KB
589 KB 501ms
167ms Script
application/javascript 51.79.164.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://maintenance.billing.pakchamp.com/templates/six/js/scripts.min.js?v=d2d29a
Requested by: Host: maintenance.billing.pakchamp.com
URL: https://maintenance.billing.pakchamp.com/clientarea.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.79.164.227 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS: server.pakchamp.com
Software: Apache /
Resource Hash: ec910a1fef4218d76af97ac9debe2047162cd65588d114cbe43095d6f3e044fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maintenance.billing.pakchamp.com/clientarea.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 09:02:30 GMT
Last-Modified: Wed, 07 Dec 2022 07:04:57 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 603015

GET
H/1.1 200
OK logo.png
maintenance.billing.pakchamp.com/assets/img/ 21 KB
21 KB 168ms
167ms Image
image/png 51.79.164.227
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maintenance.billing.pakchamp.com/assets/img/logo.png
Requested by: Host: maintenance.billing.pakchamp.com
URL: https://maintenance.billing.pakchamp.com/clientarea.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.79.164.227 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS: server.pakchamp.com
Software: Apache /
Resource Hash: 7d4b87f525644f21ecf0b14db0fdc913a3ce8440030f60a56fe8f60ce378c3ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maintenance.billing.pakchamp.com/clientarea.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 09:02:31 GMT
Last-Modified: Wed, 07 Dec 2022 07:05:43 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 21070

GET
H2 200 platform.js Show response
apis.google.com/js/ 54 KB
21 KB 142ms
50ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js?onload=startGoogleApp

Requested by

Host: maintenance.billing.pakchamp.com
URL: https://maintenance.billing.pakchamp.com/clientarea.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

704b7e13b2dc210f278a924dcb0022cf44ee39fd6f4729e68898572003738693

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maintenance.billing.pakchamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 09:02:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "25aec978685dede4"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Dec 2022 09:02:31 GMT

GET
H/1.1 200
OK google_icon.png
maintenance.billing.pakchamp.com/assets/img/auth/ 3 KB
3 KB 170ms
169ms Image
image/png 51.79.164.227
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maintenance.billing.pakchamp.com/assets/img/auth/google_icon.png
Requested by: Host: maintenance.billing.pakchamp.com
URL: https://maintenance.billing.pakchamp.com/clientarea.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.79.164.227 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS: server.pakchamp.com
Software: Apache /
Resource Hash: 6dbecb39c428d835f15cd62853de3366c63371d40068c156f94d7992e2978679

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maintenance.billing.pakchamp.com/clientarea.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 09:02:31 GMT
Last-Modified: Wed, 07 Dec 2022 07:05:43 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3213

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/808201740/ 2 KB
2 KB 147ms
61ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/808201740/?random=1670403750487&cv=11&fst=1670403750487&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmaintenance.billing.pakchamp.com%2Fclientarea.php&tiba=Client%20Area%20-%20PAK%20CHAMP%20SOFT%20(PVT).%20LTD&auid=484097609.1670403750&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-808201740

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0ec80d2bd534cc0f79ab235d5f8a743484fbe45072af83553ce8d656daea9b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maintenance.billing.pakchamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 09:02:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 915
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/808201740/ 2 KB
1 KB 152ms
51ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/808201740/?random=1670403750500&cv=11&fst=1670403750500&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=SVm4CMfLxqIDEIzcsIED&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmaintenance.billing.pakchamp.com%2Fclientarea.php&tiba=Client%20Area%20-%20PAK%20CHAMP%20SOFT%20(PVT).%20LTD&value=3000&currency_code=PKR&gtm_ee=1&auid=484097609.1670403750&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-808201740

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

ea2579807b7917c215c543f7c5833f8da05f9acf19957b548447fa7f2997b5f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maintenance.billing.pakchamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 09:02:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1246
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/808201740/ 2 KB
2 KB 135ms
50ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/808201740/?random=1670403750501&cv=11&fst=1670403750501&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=wyCyCNbU5KMDEIzcsIED&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmaintenance.billing.pakchamp.com%2Fclientarea.php&tiba=Client%20Area%20-%20PAK%20CHAMP%20SOFT%20(PVT).%20LTD&gtm_ee=1&auid=484097609.1670403750&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-808201740

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

96116aa445a66f3e907604eefb4db643faef651cd85467c4a56b687c7f6a5f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maintenance.billing.pakchamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 09:02:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1226
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/808201740/ 2 KB
1 KB 83ms
62ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/808201740/?random=1670403750503&cv=11&fst=1670403750503&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmaintenance.billing.pakchamp.com%2Fclientarea.php&tiba=Client%20Area%20-%20PAK%20CHAMP%20SOFT%20(PVT).%20LTD&auid=484097609.1670403750&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-808201740

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff31705c0ac14cfbad9092761b8b6ab796b822f17afe6ea502d4903a5ddf31ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maintenance.billing.pakchamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 09:02:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 915
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK overlay-spinner.svg
maintenance.billing.pakchamp.com/assets/img/ 711 B
956 B 168ms
167ms Image
image/svg+xml 51.79.164.227
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maintenance.billing.pakchamp.com/assets/img/overlay-spinner.svg
Requested by: Host: maintenance.billing.pakchamp.com
URL: https://maintenance.billing.pakchamp.com/clientarea.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.79.164.227 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS: server.pakchamp.com
Software: Apache /
Resource Hash: 78972e26a47ce2f3fe151170b4e1270debcc9fec0d1e56f88f3898f77c905405

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maintenance.billing.pakchamp.com/clientarea.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 09:02:31 GMT
Last-Modified: Wed, 07 Dec 2022 07:05:43 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 711

GET
H/1.1 200
OK clippy.svg
maintenance.billing.pakchamp.com/assets/img/ 519 B
764 B 166ms
166ms Image
image/svg+xml 51.79.164.227
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maintenance.billing.pakchamp.com/assets/img/clippy.svg
Requested by: Host: maintenance.billing.pakchamp.com
URL: https://maintenance.billing.pakchamp.com/clientarea.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.79.164.227 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS: server.pakchamp.com
Software: Apache /
Resource Hash: 686d81e030899b477865d67a01fe34e83d8e68aa8da91a59205ad3e901a3ec71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maintenance.billing.pakchamp.com/clientarea.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 09:02:31 GMT
Last-Modified: Wed, 07 Dec 2022 07:05:43 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 519

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 122ms
38ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|Raleway:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://maintenance.billing.pakchamp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 18:50:24 GMT
x-content-type-options: nosniff
age: 137527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 18:50:24 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 333ms
8ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: maintenance.billing.pakchamp.com
URL: https://maintenance.billing.pakchamp.com/clientarea.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

6ea39cacea45a9956f8cc54d19543ceb189a68869d252ad6419fc3a27c0ecf36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maintenance.billing.pakchamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 09:02:32 GMT
content-md5: uJQk5ytElAXblrZvE7rONQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: Z8G3ZzGErq40QNmK5r82TiV8rF0Wg9aKi/UkQ7FGDich6RUPPM/KZuGxAxX1CgUa0fYDJZCPm4wOKqnz7XSTKw==
x-fb-trip-id: 917726464
x-fb-content-md5: c6eec3a508a92d6544af88ea19b2aa10
cross-origin-opener-policy: same-origin-allow-popups
etag: "a696f2e0840a708f88d68c2584e4da76"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 09:04:19 GMT

GET
H/1.1 200
OK fa-solid-900.woff2
maintenance.billing.pakchamp.com/assets/webfonts/ 120 KB
120 KB 168ms
168ms Font
font/woff2 51.79.164.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://maintenance.billing.pakchamp.com/assets/webfonts/fa-solid-900.woff2
Requested by: Host: maintenance.billing.pakchamp.com
URL: https://maintenance.billing.pakchamp.com/assets/css/fontawesome-all.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.79.164.227 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS: server.pakchamp.com
Software: Apache /
Resource Hash: 550f1ae5d566afed493ab8b5f1dd1b4d5a777ef19d1b3c57bf7b01025fefd38c

Request headers

Referer: https://maintenance.billing.pakchamp.com/assets/css/fontawesome-all.min.css
Origin: https://maintenance.billing.pakchamp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 09:02:31 GMT
Last-Modified: Wed, 07 Dec 2022 07:05:44 GMT
Server: Apache
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 123132

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ 45 KB
46 KB 166ms
93ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|Raleway:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://maintenance.billing.pakchamp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 22:05:34 GMT
x-content-type-options: nosniff
age: 471417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46524
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 22:05:34 GMT

GET
H/1.1 200
OK fa-brands-400.woff2
maintenance.billing.pakchamp.com/assets/webfonts/ 73 KB
73 KB 169ms
168ms Font
font/woff2 51.79.164.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://maintenance.billing.pakchamp.com/assets/webfonts/fa-brands-400.woff2
Requested by: Host: maintenance.billing.pakchamp.com
URL: https://maintenance.billing.pakchamp.com/assets/css/fontawesome-all.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.79.164.227 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS: server.pakchamp.com
Software: Apache /
Resource Hash: 835914c1ccc20d0d7eeef572c3652004d87400aa1221f3a0c3455135b8cf629d

Request headers

Referer: https://maintenance.billing.pakchamp.com/assets/css/fontawesome-all.min.css
Origin: https://maintenance.billing.pakchamp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 09:02:31 GMT
Last-Modified: Wed, 07 Dec 2022 07:05:44 GMT
Server: Apache
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 74652

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
964 B 125ms
45ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?_=1670403751625

Requested by

Host: maintenance.billing.pakchamp.com
URL: https://maintenance.billing.pakchamp.com/templates/six/js/scripts.min.js?v=d2d29a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ef82fdc8be9d094c478fb5002c71151f6dde2bcaa6816e70c8a1060140482c71

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maintenance.billing.pakchamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 09:02:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 551
x-xss-protection: 1; mode=block
expires: Wed, 07 Dec 2022 09:02:31 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.K9Su0nk3cW8.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8btnHqwUVabznuJubPHkJyYc6kxA/ 108 KB
36 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.K9Su0nk3cW8.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8btnHqwUVabznuJubPHkJyYc6kxA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js?onload=startGoogleApp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b739d964c631b956ef432d48cdfbf1afb06504d195d26a2a1a892dc4bb11f90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maintenance.billing.pakchamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 10:42:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 339575
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36751
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Dec 2023 10:42:56 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/808201740/ 42 B
327 B 101ms
48ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/808201740/?random=1670403750487&cv=11&fst=1670403600000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fmaintenance.billing.pakchamp.com%2Fclientarea.php&tiba=Client%20Area%20-%20PAK%20CHAMP%20SOFT%20(PVT).%20LTD&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3271827042&rmt_tld=0&ipr=y

Requested by

Host: maintenance.billing.pakchamp.com
URL: https://maintenance.billing.pakchamp.com/clientarea.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maintenance.billing.pakchamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 09:02:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/808201740/ 42 B
108 B 129ms
50ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/808201740/?random=1670403750487&cv=11&fst=1670403600000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fmaintenance.billing.pakchamp.com%2Fclientarea.php&tiba=Client%20Area%20-%20PAK%20CHAMP%20SOFT%20(PVT).%20LTD&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3271827042&rmt_tld=1&ipr=y

Requested by

Host: maintenance.billing.pakchamp.com
URL: https://maintenance.billing.pakchamp.com/clientarea.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maintenance.billing.pakchamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 09:02:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/808201740/ 42 B
108 B 104ms
51ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/808201740/?random=1670403750503&cv=11&fst=1670403600000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fmaintenance.billing.pakchamp.com%2Fclientarea.php&tiba=Client%20Area%20-%20PAK%20CHAMP%20SOFT%20(PVT).%20LTD&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3673132890&rmt_tld=0&ipr=y

Requested by

Host: maintenance.billing.pakchamp.com
URL: https://maintenance.billing.pakchamp.com/clientarea.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maintenance.billing.pakchamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 09:02:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/808201740/ 42 B
548 B 127ms
48ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/808201740/?random=1670403750503&cv=11&fst=1670403600000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fmaintenance.billing.pakchamp.com%2Fclientarea.php&tiba=Client%20Area%20-%20PAK%20CHAMP%20SOFT%20(PVT).%20LTD&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3673132890&rmt_tld=1&ipr=y

Requested by

Host: maintenance.billing.pakchamp.com
URL: https://maintenance.billing.pakchamp.com/clientarea.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maintenance.billing.pakchamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 09:02:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame 0353 280 B
1 KB 148ms
63ms Document
text/html 2a00:1450:4001:82a::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.K9Su0nk3cW8.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8btnHqwUVabznuJubPHkJyYc6kxA/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c7f7bb54bcba92428b4d93d25596406da6a7a91100fa125fbea595524b60f56

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CnRdPd7rPQiUUdi0eRM53A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://maintenance.billing.pakchamp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-CnRdPd7rPQiUUdi0eRM53A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 09:02:31 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.google.de/pagead/1p-conversion/808201740/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/808201740/?random=2136365032&cv=11&fst=1670403750501&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=wyCyCNbU5KMDEIzcsI...
https://www.google.com/pagead/1p-conversion/808201740/?random=2136365032&cv=11&fst=1670403750501&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=wyCyCNbU5KMDEIzcsIED&hn=www.googleadser...
https://www.google.de/pagead/1p-conversion/808201740/?random=2136365032&cv=11&fst=1670403750501&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=wyCyCNbU5KMDEIzcsIED&hn=www.googleadserv...

42 B
64 B

134ms
55ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/808201740/?random=2136365032&cv=11&fst=1670403750501&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=wyCyCNbU5KMDEIzcsIED&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmaintenance.billing.pakchamp.com%2Fclientarea.php&tiba=Client%20Area%20-%20PAK%20CHAMP%20SOFT%20(PVT).%20LTD&gtm_ee=1&auid=484097609.1670403750&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0pEQm5BWVFuT3kxNjllNDNhdWNBUklsQUgyRkptWjdhSWRVdEpkUVVUb0xITkJrZzYwbmt3Q3JPaWJGWTc4ZkpmeWdUZ1NEblEaV0NoQUlnSkRCbkFZUWxiYjRfTF9jbG9BN0VpMEFPSG9VT1d3WFoxSS1TOHN6U3lEVk11bzZzX1hZTVgyWXNZRUhxMzQ2aXp4NFNUeWlFV2FRUXpFWkMwUQ&is_vtc=1&ocp_id=p1aQY9iXLrLPmwe5orzoDg&cid=CAQSKQDq26N95dSz_wkvoyRp__Chh9cB2RHGO058t--_tHtBwXCNcgvTuREnIBM&random=1153175883&ipr=y&prhg=0

Requested by

Host: maintenance.billing.pakchamp.com
URL: https://maintenance.billing.pakchamp.com/clientarea.php

Protocol

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maintenance.billing.pakchamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 09:02:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Dec 2022 09:02:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/808201740/?random=2136365032&cv=11&fst=1670403750501&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=wyCyCNbU5KMDEIzcsIED&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmaintenance.billing.pakchamp.com%2Fclientarea.php&tiba=Client%20Area%20-%20PAK%20CHAMP%20SOFT%20(PVT).%20LTD&gtm_ee=1&auid=484097609.1670403750&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0pEQm5BWVFuT3kxNjllNDNhdWNBUklsQUgyRkptWjdhSWRVdEpkUVVUb0xITkJrZzYwbmt3Q3JPaWJGWTc4ZkpmeWdUZ1NEblEaV0NoQUlnSkRCbkFZUWxiYjRfTF9jbG9BN0VpMEFPSG9VT1d3WFoxSS1TOHN6U3lEVk11bzZzX1hZTVgyWXNZRUhxMzQ2aXp4NFNUeWlFV2FRUXpFWkMwUQ&is_vtc=1&ocp_id=p1aQY9iXLrLPmwe5orzoDg&cid=CAQSKQDq26N95dSz_wkvoyRp__Chh9cB2RHGO058t--_tHtBwXCNcgvTuREnIBM&random=1153175883&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/808201740/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/808201740/?random=870859750&cv=11&fst=1670403750500&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=SVm4CMfLxqIDEIzcsIE...
https://www.google.com/pagead/1p-conversion/808201740/?random=870859750&cv=11&fst=1670403750500&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=SVm4CMfLxqIDEIzcsIED&hn=www.googleadserv...
https://www.google.de/pagead/1p-conversion/808201740/?random=870859750&cv=11&fst=1670403750500&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=SVm4CMfLxqIDEIzcsIED&hn=www.googleadservi...

42 B
64 B

135ms
57ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/808201740/?random=870859750&cv=11&fst=1670403750500&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=SVm4CMfLxqIDEIzcsIED&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmaintenance.billing.pakchamp.com%2Fclientarea.php&tiba=Client%20Area%20-%20PAK%20CHAMP%20SOFT%20(PVT).%20LTD&value=3000&currency_code=PKR&gtm_ee=1&auid=484097609.1670403750&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0pEQm5BWVFuT3kxNjllNDNhdWNBUklsQUgyRkptWjdhSWRVdEpkUVVUb0xITkJrZzYwbmt3Q3JPaWJGWTc4ZkpmeWdUZ1NEblEaV0NoQUlnSkRCbkFZUWxiYjRfTF9jbG9BN0VpMEFPSG9VT2F1ZDktTGdGcFpWMnFPNWRWOUlCYVdFZXVXSlRsSm9kdEdnTVQwYmxKNGtkZlFNWUR0b0tQTQ&is_vtc=1&ocp_id=p1aQY7WSLrvJmLAPltCtmAo&cid=CAQSKQDq26N9VyTIoCimqPAEhnbh1ybCIYytMg5rLYZescL6vnQ6td24C3U4IBM&random=1370221143&ipr=y&prhg=0

Requested by

Host: maintenance.billing.pakchamp.com
URL: https://maintenance.billing.pakchamp.com/clientarea.php

Protocol

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://maintenance.billing.pakchamp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 09:02:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Dec 2022 09:02:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/808201740/?random=870859750&cv=11&fst=1670403750500&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=SVm4CMfLxqIDEIzcsIED&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmaintenance.billing.pakchamp.com%2Fclientarea.php&tiba=Client%20Area%20-%20PAK%20CHAMP%20SOFT%20(PVT).%20LTD&value=3000&currency_code=PKR&gtm_ee=1&auid=484097609.1670403750&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0pEQm5BWVFuT3kxNjllNDNhdWNBUklsQUgyRkptWjdhSWRVdEpkUVVUb0xITkJrZzYwbmt3Q3JPaWJGWTc4ZkpmeWdUZ1NEblEaV0NoQUlnSkRCbkFZUWxiYjRfTF9jbG9BN0VpMEFPSG9VT2F1ZDktTGdGcFpWMnFPNWRWOUlCYVdFZXVXSlRsSm9kdEdnTVQwYmxKNGtkZlFNWUR0b0tQTQ&is_vtc=1&ocp_id=p1aQY7WSLrvJmLAPltCtmAo&cid=CAQSKQDq26N9VyTIoCimqPAEhnbh1ybCIYytMg5rLYZescL6vnQ6td24C3U4IBM&random=1370221143&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ 402 KB
162 KB 122ms
38ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?_=1670403751625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5773240cdcd07b20f60e178a5d1bdbec55783aba224236be6a40429d1cf44998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://maintenance.billing.pakchamp.com/
Origin: https://maintenance.billing.pakchamp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 07:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6435
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164812
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Dec 2023 07:15:16 GMT

POST
H3 400 cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame 0353 2 KB
848 B 129ms
55ms Other
text/html 2a00:1450:4001:82a::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/_/IdpIFrameHttp/cspreport

Requested by

Host: maintenance.billing.pakchamp.com
URL: https://maintenance.billing.pakchamp.com/clientarea.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d2b7a90d667185944639054682d1cbd638b045ce8312af8b6cd874a9957b61c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 09:02:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=base Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.6xepRN4cyss.es5.O/d=1/rs=AOaEmlHDBNdrgyC1S3Fg1TpS_NneJoOsrQ/ Frame 0353 99 KB
34 KB 115ms
39ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.6xepRN4cyss.es5.O/d=1/rs=AOaEmlHDBNdrgyC1S3Fg1TpS_NneJoOsrQ/m=base

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba2f976f080e9af180b1204de3b0a6e992a600497feaca002e6301a2d290c853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 00:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 375757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34902
x-xss-protection: 0
last-modified: Sat, 12 Nov 2022 07:40:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Dec 2023 00:39:55 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 306 KB
86 KB 18ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=2eedcdd117cd5bab54007889c9cd7815

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

888008cbcaa4103fe56e7bea8e588b9b79c5f06c8e085584c43ec6eba6482fb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://maintenance.billing.pakchamp.com/
Origin: https://maintenance.billing.pakchamp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 09:02:32 GMT
content-md5: 0ydrYtxhDfXhTfmFI1Cksg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88441
x-fb-rlafr: 0
x-fb-debug: xZdoWdBP75xU6TTYFAvC42lxq/sN8w0focZbnvWtf8oeDm/oZXHNAnJaagbKVNeu4AM9E2j0V1scmvB5r5OK9A==
x-fb-content-md5: cd138fa018d1ed1183aa9d8e98b85081
cross-origin-opener-policy: same-origin-allow-popups
etag: "15903b53662ff32489300b7da64f44f9"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 07 Dec 2023 07:59:54 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 3884 43 KB
23 KB 68ms
67ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leu_OAUAAAAAMnfqiX1qEaJHD_XpFVbVKkvhAYs&co=aHR0cHM6Ly9tYWludGVuYW5jZS5iaWxsaW5nLnBha2NoYW1wLmNvbTo0NDM.&hl=de&v=Km9gKuG06He-isPsP6saG8cn&size=normal&cb=i9utfc2wbdtx

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c5984563742400c7b5c90b8de0a061895e4b1b3b4811ed1c68ff522e7f7b6481

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cPQszXkRQbSQx_qSWAElhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://maintenance.billing.pakchamp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 23229
content-security-policy: script-src 'report-sample' 'nonce-cPQszXkRQbSQx_qSWAElhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 09:02:32 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame 0353 50 B
92 B 73ms
73ms XHR
application/json 2a00:1450:4001:82a::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fmaintenance.billing.pakchamp.com&client_id=1041863652853-1e2pl55hosmob4e8pfgsmh1ufg33a5m8.apps.googleusercontent.com

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.6xepRN4cyss.es5.O/d=1/rs=AOaEmlHDBNdrgyC1S3Fg1TpS_NneJoOsrQ/m=base

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

427653d8b0569e986b88bb7dca1852b627a034f69be1da68b150eb0d2bbacb5d

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-01c26v-0c61H8UNGqUMU4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
X-Requested-With: XmlHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 09:02:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-01c26v-0c61H8UNGqUMU4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-encoding: gzip
cross-origin-embedder-policy: require-corp
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, Origin
content-type: application/json; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 07 Dec 2022 09:02:32 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame 3884 52 KB
24 KB 38ms
38ms Stylesheet
text/css 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leu_OAUAAAAAMnfqiX1qEaJHD_XpFVbVKkvhAYs&co=aHR0cHM6Ly9tYWludGVuYW5jZS5iaWxsaW5nLnBha2NoYW1wLmNvbTo0NDM.&hl=de&v=Km9gKuG06He-isPsP6saG8cn&size=normal&cb=i9utfc2wbdtx

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 19:59:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Dec 2023 19:59:59 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame 3884 402 KB
161 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5773240cdcd07b20f60e178a5d1bdbec55783aba224236be6a40429d1cf44998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 07:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164812
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Dec 2023 07:15:16 GMT

GET
DATA 200
OK truncated
/ Frame 3884 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3884 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 3884 2 KB
2 KB 39ms
39ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 18:59:47 GMT
x-content-type-options: nosniff
age: 50565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 13 Dec 2022 18:59:47 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3884 15 KB
15 KB 121ms
39ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 11:55:05 GMT
x-content-type-options: nosniff
age: 421647
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 11:55:05 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 3884 102 B
134 B 48ms
48ms Other
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Km9gKuG06He-isPsP6saG8cn

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4d77e58db2ca624537becef34dff8d3c24628e41592ac4106e1b5813e0a1d8a0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leu_OAUAAAAAMnfqiX1qEaJHD_XpFVbVKkvhAYs&co=aHR0cHM6Ly9tYWludGVuYW5jZS5iaWxsaW5nLnBha2NoYW1wLmNvbTo0NDM.&hl=de&v=Km9gKuG06He-isPsP6saG8cn&size=normal&cb=i9utfc2wbdtx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 09:02:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 07 Dec 2022 09:02:32 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 8E50 7 KB
1 KB 52ms
52ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=Km9gKuG06He-isPsP6saG8cn&k=6Leu_OAUAAAAAMnfqiX1qEaJHD_XpFVbVKkvhAYs

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9d31ff4c283218be9e85503fdbf356cb91bfb635926a336c9816b5144f33b445

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ll2D2Njk8f2laHiTJwoeVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://maintenance.billing.pakchamp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1115
content-security-policy: script-src 'report-sample' 'nonce-ll2D2Njk8f2laHiTJwoeVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 09:02:32 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame 8E50 52 KB
24 KB 39ms
38ms Stylesheet
text/css 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Km9gKuG06He-isPsP6saG8cn&k=6Leu_OAUAAAAAMnfqiX1qEaJHD_XpFVbVKkvhAYs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 19:59:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Dec 2023 19:59:59 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame 8E50 402 KB
161 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Km9gKuG06He-isPsP6saG8cn&k=6Leu_OAUAAAAAMnfqiX1qEaJHD_XpFVbVKkvhAYs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5773240cdcd07b20f60e178a5d1bdbec55783aba224236be6a40429d1cf44998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 07:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164812
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Dec 2023 07:15:16 GMT

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
maintenance.billing.pakchamp.com/	1969-12-31 23:59:59	Name: WHMCSy551iLvnhYt7 Value: 9efb85f8cab8d8d015d3eb072d410067
.pakchamp.com/	1970-01-20 10:09:39	Name: _gcl_au Value: 1.1.484097609.1670403750
.maintenance.billing.pakchamp.com/	1970-01-20 17:36:03	Name: G_ENABLED_IDPS Value: google
.doubleclick.net/	1970-01-20 17:21:39	Name: IDE Value: AHWqTUn9FDhVW78IV2B6jeuNswiPcimq0V9zE6_wM7LnXhhmDGTc4yIBRznyKdLc
.google.com/	1970-01-20 12:23:34	Name: NID Value: 511=XMQVu1bR5V9m2q6eg61vLKMN-s1ekHORGVuDvFBP3vrV1QPRABZv5t63INhEZ8SMfLsYc1QcjcKnHys3jAydrq8Q-F_qp6874ftAj3ZoOHV4zikS8qQm0S0pXdoTPcqg__lg-hUwNhIcygZUjSr-i333wkVRXcmr6HRFbi9cBnk

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://maintenance.billing.pakchamp.com/clientarea.php(Line 426) Message: Mixed Content: The page at 'https://maintenance.billing.pakchamp.com/clientarea.php' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://maintenance.billing.pakchamp.com/dologin.php'. This endpoint should be made available over a secure connection.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
maintenance.billing.pakchamp.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
172.217.18.2
185.60.216.19
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200d
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
2a03:2880:f02d:12:face:b00c:0:3
51.79.164.227
026ec03cb3e46a6224afe430e00a776e37f0d955304d662753f8debb210e2c79
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
1b739d964c631b956ef432d48cdfbf1afb06504d195d26a2a1a892dc4bb11f90
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2c694cfafd5c00ba4a7a2110060eb937afccfc1d7b745a319c49764fe4ef017c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
417aac34eae0d5f4db388578c4e2b9e035e6e7b42193a1498522529b6f73465d
427653d8b0569e986b88bb7dca1852b627a034f69be1da68b150eb0d2bbacb5d
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4d77e58db2ca624537becef34dff8d3c24628e41592ac4106e1b5813e0a1d8a0
550f1ae5d566afed493ab8b5f1dd1b4d5a777ef19d1b3c57bf7b01025fefd38c
5773240cdcd07b20f60e178a5d1bdbec55783aba224236be6a40429d1cf44998
686d81e030899b477865d67a01fe34e83d8e68aa8da91a59205ad3e901a3ec71
6dbecb39c428d835f15cd62853de3366c63371d40068c156f94d7992e2978679
6ea39cacea45a9956f8cc54d19543ceb189a68869d252ad6419fc3a27c0ecf36
704b7e13b2dc210f278a924dcb0022cf44ee39fd6f4729e68898572003738693
7333db2e273101a633e8a41821b9dfa3970b59c3f328e93b27ca076d2beef8ac
78972e26a47ce2f3fe151170b4e1270debcc9fec0d1e56f88f3898f77c905405
7d4b87f525644f21ecf0b14db0fdc913a3ce8440030f60a56fe8f60ce378c3ea
835914c1ccc20d0d7eeef572c3652004d87400aa1221f3a0c3455135b8cf629d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
888008cbcaa4103fe56e7bea8e588b9b79c5f06c8e085584c43ec6eba6482fb2
8c7f7bb54bcba92428b4d93d25596406da6a7a91100fa125fbea595524b60f56
96116aa445a66f3e907604eefb4db643faef651cd85467c4a56b687c7f6a5f7c
9d31ff4c283218be9e85503fdbf356cb91bfb635926a336c9816b5144f33b445
a0ec80d2bd534cc0f79ab235d5f8a743484fbe45072af83553ce8d656daea9b8
ba2f976f080e9af180b1204de3b0a6e992a600497feaca002e6301a2d290c853
c47129520c3f25991a6e72c4d9a2b3edd839596b0172f51c6c31612269f1f27b
c5984563742400c7b5c90b8de0a061895e4b1b3b4811ed1c68ff522e7f7b6481
d2b7a90d667185944639054682d1cbd638b045ce8312af8b6cd874a9957b61c2
d664f2d449df343a94e82b23420e5c26e6764bfd6a9c6c4aca700f64faa76785
ea2579807b7917c215c543f7c5833f8da05f9acf19957b548447fa7f2997b5f5
ec910a1fef4218d76af97ac9debe2047162cd65588d114cbe43095d6f3e044fd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef82fdc8be9d094c478fb5002c71151f6dde2bcaa6816e70c8a1060140482c71
ff31705c0ac14cfbad9092761b8b6ab796b822f17afe6ea502d4903a5ddf31ab

maintenance.billing.pakchamp.com Open in urlscan Pro 51.79.164.227 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

95 %HTTPS

75 %IPv6

9 Domains

12 Subdomains

13 IPs

4 Countries

2131 kBTransfer

3469 kBSize

5 Cookies

1 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

maintenance.billing.pakchamp.com Open in urlscan Pro
51.79.164.227 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

95 %
HTTPS

75 %
IPv6

9
Domains

12
Subdomains

13
IPs

4
Countries

2131 kB
Transfer

3469 kB
Size

5
Cookies

44 HTTP transactions
2 data transactions