urlscan.io logo urlscan.io
SecurityTrails logo

www.fakereceipt.us Open in urlscan Pro
208.79.218.156  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://fakereceipt.us/
Effective URL: http://www.fakereceipt.us/sales_receipt.php
Submission: On January 10 via manual from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 6 domains to perform 25 HTTP transactions. The main IP is 208.79.218.156, located in Regina, Canada and belongs to NETELLIGENT - eStruxture Data Centers Inc., CA. The main domain is www.fakereceipt.us.
This is the only time www.fakereceipt.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 11 208.79.218.156 10929 (NETELLIGENT)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
25 9
11    208.79.218.156 (Regina, Canada)

ASN10929 (NETELLIGENT - eStruxture Data Centers Inc., CA)
fakereceipt.us
www.fakereceipt.us
3    2a00:1450:4001:808::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:81d::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
1    2a00:1450:4001:818::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.com
1    2a00:1450:4001:81a::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
4    2a00:1450:400c:c00::9b (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
4    2a00:1450:4001:817::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
apis.google.com
1    2a00:1450:4001:824::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagservices.com
1    2a00:1450:4001:81a::200d (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
accounts.google.com
Domain Requested by
10 www.fakereceipt.us 1 redirects www.fakereceipt.us
4 apis.google.com www.fakereceipt.us
apis.google.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 pagead2.googlesyndication.com www.fakereceipt.us
pagead2.googlesyndication.com
1 accounts.google.com apis.google.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 fakereceipt.us 1 redirects
25 9

This site contains links to these domains. Also see Links.

Domain
www.makereceipts.com
upcmachine.com
Subject Issuer Validity Valid
*.google.com
Google Internet Authority G3		 2018-12-19 -
2019-03-13		 3 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2018-12-19 -
2019-03-13		 3 months crt.sh
*.apis.google.com
Google Internet Authority G3		 2018-12-19 -
2019-03-13		 3 months crt.sh
accounts.google.com
Google Internet Authority G3		 2018-12-19 -
2019-03-13		 3 months crt.sh

This page contains 8 frames:

Primary Page: http://www.fakereceipt.us/sales_receipt.php
Frame ID: E41A03AD18DCAE36ACE3F7802A881B4E
Requests: 18 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20190107/r20180604/show_ads_impl.js
Frame ID: 54226591248BEBB08969907C803DD0E7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190107/r20180604/zrt_lookup.html
Frame ID: 2683A2A70E4482F97B86495DAC76D279
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4516359453732833&output=html&h=90&slotname=7120622304&adk=577695610&adf=967485065&w=728&lmt=1547150106&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fwww.fakereceipt.us%2Fsales_receipt.php&flash=0&wgl=1&adsid=NT&dt=1547150106587&bpp=53&bdt=201&fdt=212&idt=210&shv=r20190107&cbv=r20180604&saldr=aa&abxe=1&correlator=1802042856111&frm=20&pv=2&ga_vid=310677120.1547150107&ga_sid=1547150107&ga_hid=1535918786&ga_fc=0&iag=0&icsg=10926&dssz=14&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=245&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C410075081%2C20196256&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=1&uci=1.s2a2q1ttpula&fsb=1&xpc=yExjfzymuQ&p=http%3A//www.fakereceipt.us&dtd=240
Frame ID: 8392EB5E299F991D6846070F8D23DBEC
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&annotation=inline&width=240&origin=http%3A%2F%2Fwww.fakereceipt.us&url=http%3A%2F%2Fwww.fakereceipt.us%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.GTl3bn_Jf-4.O%2Fam%3DgQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMBs9jfUMDDcVzWid6H2RmszAw2BQ%2Fm%3D__features__
Frame ID: 83DED293F4B7BB722DCC4795B5F96253
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4516359453732833&output=html&h=90&slotname=7120622304&adk=1686927478&adf=1503612311&w=728&lmt=1547150106&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fwww.fakereceipt.us%2Fsales_receipt.php&flash=0&wgl=1&adsid=NT&dt=1547150106640&bpp=23&bdt=254&fdt=228&idt=157&shv=r20190107&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=728x90&correlator=1802042856111&frm=20&pv=1&ga_vid=310677120.1547150107&ga_sid=1547150107&ga_hid=1535918786&ga_fc=0&iag=0&icsg=141998&dssz=17&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=525&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C410075081%2C20196256&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=2&uci=2.qaqjq0emnjse&fsb=1&xpc=zwV31BR908&p=http%3A//www.fakereceipt.us&dtd=233
Frame ID: 7CE4EEBC8AC5FFD0E14A4FE10A040E12
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4516359453732833&output=html&h=90&slotname=7120622304&adk=1686927478&adf=3583435573&w=728&lmt=1547150106&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fwww.fakereceipt.us%2Fsales_receipt.php&flash=0&wgl=1&adsid=NT&dt=1547150106696&bpp=18&bdt=311&fdt=192&idt=101&shv=r20190107&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=1802042856111&frm=20&pv=1&ga_vid=310677120.1547150107&ga_sid=1547150107&ga_hid=1535918786&ga_fc=0&iag=0&icsg=141998&dssz=17&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=1337&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C410075081%2C20196256&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=3&uci=3.bjnuy83g7tn2&fsb=1&xpc=Ve0cdkqjuU&p=http%3A//www.fakereceipt.us&dtd=196
Frame ID: 45D8F02889B37ACB36FFB616953E955A
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwww.fakereceipt.us&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.GTl3bn_Jf-4.O%2Fam%3DgQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMBs9jfUMDDcVzWid6H2RmszAw2BQ%2Fm%3D__features__
Frame ID: 1BB5A8C8F4966E8DC9E8FBA31A36F6A2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://fakereceipt.us/ HTTP 301
    http://www.fakereceipt.us/ HTTP 302
    http://www.fakereceipt.us/sales_receipt.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /php\/?([\d.]+)?/i
Overall confidence: 100%
Detected patterns
  • headers server /Unix/i
Overall confidence: 100%
Detected patterns
  • headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^google_ad_/i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i
Overall confidence: 100%
Detected patterns
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • script /apis\.google\.com\/js\/[a-z]*\.js/i

Page Statistics

25
Requests

52 %
HTTPS

89 %
IPv6

6
Domains

9
Subdomains

9
IPs

2
Countries

337 kB
Transfer

858 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fakereceipt.us/ HTTP 301
    http://www.fakereceipt.us/ HTTP 302
    http://www.fakereceipt.us/sales_receipt.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request sales_receipt.php
www.fakereceipt.us/
Redirect Chain
  • http://fakereceipt.us/
  • http://www.fakereceipt.us/
  • http://www.fakereceipt.us/sales_receipt.php
20 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.fakereceipt.us/sales_receipt.php
Protocol
HTTP/1.1
Server
208.79.218.156 Regina, Canada, ASN10929 (NETELLIGENT - eStruxture Data Centers Inc., CA),
Reverse DNS
Software
Apache/2.4.29 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 PHP/5.5.38 / PHP/5.5.38
Resource Hash
65e01e57b94aac52241bb8ec0c6c8e4da1a77c5e6c21e652c3ee5ffe642372e0

Request headers

Host
www.fakereceipt.us
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 10 Jan 2019 19:55:04 GMT
Server
Apache/2.4.29 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 PHP/5.5.38
X-Powered-By
PHP/5.5.38
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Cache-Control
max-age=86400, public
Content-Length
5255
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html

Redirect headers

Date
Thu, 10 Jan 2019 19:55:04 GMT
Server
Apache/2.4.29 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 PHP/5.5.38
X-Powered-By
PHP/5.5.38
location
http://www.fakereceipt.us/sales_receipt.php
Vary
User-Agent
Cache-Control
max-age=86400, public
Content-Length
0
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html
main.css
www.fakereceipt.us/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.fakereceipt.us/main.css
Requested by
Host: www.fakereceipt.us
URL: http://www.fakereceipt.us/sales_receipt.php
Protocol
HTTP/1.1
Server
208.79.218.156 Regina, Canada, ASN10929 (NETELLIGENT - eStruxture Data Centers Inc., CA),
Reverse DNS
Software
Apache/2.4.29 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 PHP/5.5.38 /
Resource Hash
cf56daf3f0c913317aab62037640482fe778918bda65ca593872048f7d2ad88e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.fakereceipt.us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.fakereceipt.us/sales_receipt.php
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.fakereceipt.us/sales_receipt.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 10 Jan 2019 19:55:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 May 2014 18:20:45 GMT
Server
Apache/2.4.29 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 PHP/5.5.38
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=86400, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1178
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		76 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.fakereceipt.us
URL: http://www.fakereceipt.us/sales_receipt.php
Protocol
HTTP/1.1
Server
2a00:1450:4001:808::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
a644be1e3b4ad77b5ada1f71ad4160572b4e045baffb1406c8092607211afda4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.fakereceipt.us/sales_receipt.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 10 Jan 2019 19:55:06 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
7720523160976140535
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
28674
X-XSS-Protection
1; mode=block
Expires
Thu, 10 Jan 2019 19:55:06 GMT
help.gif
www.fakereceipt.us/images/ 		998 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.fakereceipt.us/images/help.gif
Requested by
Host: www.fakereceipt.us
URL: http://www.fakereceipt.us/sales_receipt.php
Protocol
HTTP/1.1
Server
208.79.218.156 Regina, Canada, ASN10929 (NETELLIGENT - eStruxture Data Centers Inc., CA),
Reverse DNS
Software
Apache/2.4.29 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 PHP/5.5.38 /
Resource Hash
553f3d6244d8eda7553e4fdafb08e5e81aee1f9c7e9c43429618670345fb2cca

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.fakereceipt.us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.fakereceipt.us/sales_receipt.php
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.fakereceipt.us/sales_receipt.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 10 Jan 2019 19:55:05 GMT
Last-Modified
Sun, 29 Dec 2013 19:47:40 GMT
Server
Apache/2.4.29 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 PHP/5.5.38
Content-Type
image/gif
Cache-Control
max-age=86400, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
998
callout_black.gif
www.fakereceipt.us/images/ 		102 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.fakereceipt.us/images/callout_black.gif
Requested by
Host: www.fakereceipt.us
URL: http://www.fakereceipt.us/sales_receipt.php
Protocol
HTTP/1.1
Server
208.79.218.156 Regina, Canada, ASN10929 (NETELLIGENT - eStruxture Data Centers Inc., CA),
Reverse DNS
Software
Apache/2.4.29 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 PHP/5.5.38 /
Resource Hash
ce0c9570da3af6fb1c64c43046799504ffd816e1cd1ca0c685f35dcaf8aba63f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.fakereceipt.us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.fakereceipt.us/sales_receipt.php
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.fakereceipt.us/sales_receipt.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 10 Jan 2019 19:55:05 GMT
Last-Modified
Sun, 29 Dec 2013 19:37:50 GMT
Server
Apache/2.4.29 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 PHP/5.5.38
Content-Type
image/gif
Cache-Control
max-age=86400, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
102
218x320.gif
www.fakereceipt.us/images/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.fakereceipt.us/images/218x320.gif
Requested by
Host: www.fakereceipt.us
URL: http://www.fakereceipt.us/sales_receipt.php
Protocol
HTTP/1.1
Server
208.79.218.156 Regina, Canada, ASN10929 (NETELLIGENT - eStruxture Data Centers Inc., CA),
Reverse DNS
Software
Apache/2.4.29 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 PHP/5.5.38 /
Resource Hash
6f3f0aabec45e09121520f63d30891eab658e5fade6645b0ece0b738dab5f131

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.fakereceipt.us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.fakereceipt.us/sales_receipt.php
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.fakereceipt.us/sales_receipt.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 10 Jan 2019 19:55:05 GMT
Last-Modified
Sun, 29 Dec 2013 23:16:07 GMT
Server
Apache/2.4.29 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 PHP/5.5.38
Content-Type
image/gif
Cache-Control
max-age=86400, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
29792
add_bookmark.js
www.fakereceipt.us/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.fakereceipt.us/add_bookmark.js
Requested by
Host: www.fakereceipt.us
URL: http://www.fakereceipt.us/sales_receipt.php
Protocol
HTTP/1.1
Server
208.79.218.156 Regina, Canada, ASN10929 (NETELLIGENT - eStruxture Data Centers Inc., CA),
Reverse DNS
Software
Apache/2.4.29 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 PHP/5.5.38 /
Resource Hash
8d4dbfa259d7e36603efe7b4d15729a78bc1ea01f2cdc9a8d3b0efa5277737b6

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.fakereceipt.us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.fakereceipt.us/sales_receipt.php
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.fakereceipt.us/sales_receipt.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 10 Jan 2019 19:55:04 GMT
Content-Encoding
gzip
Last-Modified
Sat, 19 Apr 2014 23:49:09 GMT
Server
Apache/2.4.29 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 PHP/5.5.38
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=86400, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
2458
bg1.gif
www.fakereceipt.us/images/ 		876 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.fakereceipt.us/images/bg1.gif
Requested by
Host: www.fakereceipt.us
URL: http://www.fakereceipt.us/sales_receipt.php
Protocol
HTTP/1.1
Server
208.79.218.156 Regina, Canada, ASN10929 (NETELLIGENT - eStruxture Data Centers Inc., CA),
Reverse DNS
Software
Apache/2.4.29 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 PHP/5.5.38 /
Resource Hash
0db1f92d3b615e8cc378cc29c73efeb90ad6f0e964bb1bc84595208800770bf5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.fakereceipt.us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.fakereceipt.us/main.css
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.fakereceipt.us/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 10 Jan 2019 19:55:05 GMT
Last-Modified
Sat, 24 Feb 2007 05:52:24 GMT
Server
Apache/2.4.29 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 PHP/5.5.38
Content-Type
image/gif
Cache-Control
max-age=86400, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
876
bigbg.gif
www.fakereceipt.us/images/ 		57 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.fakereceipt.us/images/bigbg.gif
Requested by
Host: www.fakereceipt.us
URL: http://www.fakereceipt.us/sales_receipt.php
Protocol
HTTP/1.1
Server
208.79.218.156 Regina, Canada, ASN10929 (NETELLIGENT - eStruxture Data Centers Inc., CA),
Reverse DNS
Software
Apache/2.4.29 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 PHP/5.5.38 /
Resource Hash
b9d3427d2b663efcb42ed680ebb931111acb349deec463fddabb85e8c63bc170

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.fakereceipt.us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.fakereceipt.us/main.css
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.fakereceipt.us/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 10 Jan 2019 19:55:05 GMT
Last-Modified
Mon, 09 Dec 2013 01:34:28 GMT
Server
Apache/2.4.29 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 PHP/5.5.38
Content-Type
image/gif
Cache-Control
max-age=86400, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
57
smallbg.gif
www.fakereceipt.us/images/ 		52 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.fakereceipt.us/images/smallbg.gif
Requested by
Host: www.fakereceipt.us
URL: http://www.fakereceipt.us/sales_receipt.php
Protocol
HTTP/1.1
Server
208.79.218.156 Regina, Canada, ASN10929 (NETELLIGENT - eStruxture Data Centers Inc., CA),
Reverse DNS
Software
Apache/2.4.29 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 PHP/5.5.38 /
Resource Hash
700ba40f017d2878118d74367403f831d0a14d7a368b6cb2e7d99bcb1dfb29f7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.fakereceipt.us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.fakereceipt.us/main.css
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.fakereceipt.us/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 10 Jan 2019 19:55:05 GMT
Last-Modified
Mon, 09 Dec 2013 01:36:48 GMT
Server
Apache/2.4.29 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 PHP/5.5.38
Content-Type
image/gif
Cache-Control
max-age=86400, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
52
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.fakereceipt.us
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.fakereceipt.us/sales_receipt.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 10 Jan 2019 19:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.fakereceipt.us
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:818::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.fakereceipt.us/sales_receipt.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 10 Jan 2019 19:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190107/r20180604/ 		190 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20190107/r20180604/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:808::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
a05a215b16ecc8e203d6e9f9ca79438cad75ce73543806292f0dafa571fe160a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.fakereceipt.us/sales_receipt.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 10 Jan 2019 19:55:06 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
1994031239862489540
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
71971
X-XSS-Protection
1; mode=block
Expires
Thu, 10 Jan 2019 19:55:06 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190107/r20180604/ Frame 5422 		190 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20190107/r20180604/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:808::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
a05a215b16ecc8e203d6e9f9ca79438cad75ce73543806292f0dafa571fe160a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.fakereceipt.us/sales_receipt.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 10 Jan 2019 19:55:06 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
1994031239862489540
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
71971
X-XSS-Protection
1; mode=block
Expires
Thu, 10 Jan 2019 19:55:06 GMT
ca-pub-4516359453732833.js
pagead2.googlesyndication.com/pub-config/r20160913/ 		133 B
231 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-4516359453732833.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.fakereceipt.us/sales_receipt.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 10 Jan 2019 19:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jan 2019 20:53:08 GMT
server
sffe
age
0
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=43200
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
125
x-xss-protection
1; mode=block
expires
Fri, 11 Jan 2019 07:55:06 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190107/r20180604/ Frame 2683 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20190107/r20180604/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:400c:c00::9b , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20190107/r20180604/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://www.fakereceipt.us/sales_receipt.php
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.fakereceipt.us/sales_receipt.php

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Wed, 09 Jan 2019 06:59:49 GMT
expires
Wed, 23 Jan 2019 06:59:49 GMT
content-type
text/html; charset=UTF-8
etag
14090563764879558401
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6959
x-xss-protection
1; mode=block
cache-control
public, max-age=1209600
age
132917
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
platform.js
apis.google.com/js/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: www.fakereceipt.us
URL: http://www.fakereceipt.us/sales_receipt.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
c640b678d0499d026c4008ae8e19cf52054e774c96285003856a87c651f3a1f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.fakereceipt.us/sales_receipt.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 10 Jan 2019 19:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
script-src 'report-sample' 'nonce-7N5GGpP8mgITwhSDQBe34A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
strict-transport-security
max-age=31536000
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"3f36c672cff8a8a1d2d73e0050b4bcd4"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin
*
expires
Thu, 10 Jan 2019 19:55:06 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 8392 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4516359453732833&output=html&h=90&slotname=7120622304&adk=577695610&adf=967485065&w=728&lmt=1547150106&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fwww.fakereceipt.us%2Fsales_receipt.php&flash=0&wgl=1&adsid=NT&dt=1547150106587&bpp=53&bdt=201&fdt=212&idt=210&shv=r20190107&cbv=r20180604&saldr=aa&abxe=1&correlator=1802042856111&frm=20&pv=2&ga_vid=310677120.1547150107&ga_sid=1547150107&ga_hid=1535918786&ga_fc=0&iag=0&icsg=10926&dssz=14&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=245&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C410075081%2C20196256&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=1&uci=1.s2a2q1ttpula&fsb=1&xpc=yExjfzymuQ&p=http%3A//www.fakereceipt.us&dtd=240
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190107/r20180604/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:400c:c00::9b , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4516359453732833&output=html&h=90&slotname=7120622304&adk=577695610&adf=967485065&w=728&lmt=1547150106&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fwww.fakereceipt.us%2Fsales_receipt.php&flash=0&wgl=1&adsid=NT&dt=1547150106587&bpp=53&bdt=201&fdt=212&idt=210&shv=r20190107&cbv=r20180604&saldr=aa&abxe=1&correlator=1802042856111&frm=20&pv=2&ga_vid=310677120.1547150107&ga_sid=1547150107&ga_hid=1535918786&ga_fc=0&iag=0&icsg=10926&dssz=14&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=245&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C410075081%2C20196256&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=1&uci=1.s2a2q1ttpula&fsb=1&xpc=yExjfzymuQ&p=http%3A//www.fakereceipt.us&dtd=240
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://www.fakereceipt.us/sales_receipt.php
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.fakereceipt.us/sales_receipt.php

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 10 Jan 2019 19:55:07 GMT
server
cafe
content-length
16807
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Thu, 10-Jan-2019 20:10:06 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires
Thu, 10 Jan 2019 19:55:07 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190107/r20180604/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3847f666cb27844629c2e655d6368cd02af56454769b068d88e51c9b6131a117
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.fakereceipt.us/sales_receipt.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 10 Jan 2019 19:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jan 2019 12:16:05 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
26909
x-xss-protection
1; mode=block
expires
Thu, 10 Jan 2019 19:55:06 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.GTl3bn_Jf-4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=gQ/rs=AGLTcCMBs9jfUMDDcVzWid6H2RmszAw2BQ/ 		130 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.GTl3bn_Jf-4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=gQ/rs=AGLTcCMBs9jfUMDDcVzWid6H2RmszAw2BQ/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f1243d72e9844b876c4a85a8ce7bc1df6465170ae7b6decd32e1a976260f8023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.fakereceipt.us/sales_receipt.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 10 Jan 2019 18:34:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jan 2019 20:36:30 GMT
server
sffe
age
4816
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
46723
x-xss-protection
1; mode=block
expires
Fri, 10 Jan 2020 18:34:50 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.GTl3bn_Jf-4.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=gQ/rs=AGLTcCMBs9jfUMDDcVzWid6H2RmszAw2BQ/ 		96 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.GTl3bn_Jf-4.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=gQ/rs=AGLTcCMBs9jfUMDDcVzWid6H2RmszAw2BQ/cb=gapi.loaded_1
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
637488f1d36d9ab0292085513eb639123a49584b883cff08ebc10fbdef7f67a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.fakereceipt.us/sales_receipt.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 10 Jan 2019 18:34:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jan 2019 20:36:30 GMT
server
sffe
age
4814
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
34536
x-xss-protection
1; mode=block
expires
Fri, 10 Jan 2020 18:34:52 GMT
fastbutton
apis.google.com/se/0/_/+1/ Frame 83DE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&annotation=inline&width=240&origin=http%3A%2F%2Fwww.fakereceipt.us&url=http%3A%2F%2Fwww.fakereceipt.us%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.GTl3bn_Jf-4.O%2Fam%3DgQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMBs9jfUMDDcVzWid6H2RmszAw2BQ%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
apis.google.com
:scheme
https
:path
/se/0/_/+1/fastbutton?usegapi=1&annotation=inline&width=240&origin=http%3A%2F%2Fwww.fakereceipt.us&url=http%3A%2F%2Fwww.fakereceipt.us%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.GTl3bn_Jf-4.O%2Fam%3DgQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMBs9jfUMDDcVzWid6H2RmszAw2BQ%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://www.fakereceipt.us/sales_receipt.php
accept-encoding
gzip, deflate, br
cookie
NID=154=Jrm6mZTdEOk7qQ-GCplpmmy6mmE-BLq66yCDguaMb8yzUbButeKKXLJNmurIwBraJF58YP9Vz7SbR5aN8oThyS5YK-C3U-ilSO10dJlNA95L0GZ_zOMf7nTYuag2Z4th8UBPSfLjroRewkGD_e_U9WMDtLNJ2u9SpiNoleEqwZo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.fakereceipt.us/sales_receipt.php

Response headers

status
200
content-type
text/html; charset=utf-8
x-ua-compatible
IE=edge, chrome=1
vary
Accept-Encoding
timing-allow-origin
*
expires
Thu, 10 Jan 2019 19:55:06 GMT
date
Thu, 10 Jan 2019 19:55:06 GMT
cache-control
private, max-age=3600
content-security-policy-report-only
script-src 'report-sample' 'nonce-7rQP5hE5gA1M7/GhvlRN1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /se/0/_/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
1; mode=block
x-content-type-options
nosniff
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
ads
googleads.g.doubleclick.net/pagead/ Frame 7CE4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4516359453732833&output=html&h=90&slotname=7120622304&adk=1686927478&adf=1503612311&w=728&lmt=1547150106&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fwww.fakereceipt.us%2Fsales_receipt.php&flash=0&wgl=1&adsid=NT&dt=1547150106640&bpp=23&bdt=254&fdt=228&idt=157&shv=r20190107&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=728x90&correlator=1802042856111&frm=20&pv=1&ga_vid=310677120.1547150107&ga_sid=1547150107&ga_hid=1535918786&ga_fc=0&iag=0&icsg=141998&dssz=17&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=525&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C410075081%2C20196256&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=2&uci=2.qaqjq0emnjse&fsb=1&xpc=zwV31BR908&p=http%3A//www.fakereceipt.us&dtd=233
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190107/r20180604/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:400c:c00::9b , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4516359453732833&output=html&h=90&slotname=7120622304&adk=1686927478&adf=1503612311&w=728&lmt=1547150106&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fwww.fakereceipt.us%2Fsales_receipt.php&flash=0&wgl=1&adsid=NT&dt=1547150106640&bpp=23&bdt=254&fdt=228&idt=157&shv=r20190107&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=728x90&correlator=1802042856111&frm=20&pv=1&ga_vid=310677120.1547150107&ga_sid=1547150107&ga_hid=1535918786&ga_fc=0&iag=0&icsg=141998&dssz=17&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=525&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C410075081%2C20196256&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=2&uci=2.qaqjq0emnjse&fsb=1&xpc=zwV31BR908&p=http%3A//www.fakereceipt.us&dtd=233
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://www.fakereceipt.us/sales_receipt.php
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.fakereceipt.us/sales_receipt.php

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 10 Jan 2019 19:55:07 GMT
server
cafe
content-length
16617
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Thu, 10-Jan-2019 20:10:06 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires
Thu, 10 Jan 2019 19:55:07 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 45D8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4516359453732833&output=html&h=90&slotname=7120622304&adk=1686927478&adf=3583435573&w=728&lmt=1547150106&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fwww.fakereceipt.us%2Fsales_receipt.php&flash=0&wgl=1&adsid=NT&dt=1547150106696&bpp=18&bdt=311&fdt=192&idt=101&shv=r20190107&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=1802042856111&frm=20&pv=1&ga_vid=310677120.1547150107&ga_sid=1547150107&ga_hid=1535918786&ga_fc=0&iag=0&icsg=141998&dssz=17&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=1337&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C410075081%2C20196256&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=3&uci=3.bjnuy83g7tn2&fsb=1&xpc=Ve0cdkqjuU&p=http%3A//www.fakereceipt.us&dtd=196
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190107/r20180604/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:400c:c00::9b , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4516359453732833&output=html&h=90&slotname=7120622304&adk=1686927478&adf=3583435573&w=728&lmt=1547150106&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fwww.fakereceipt.us%2Fsales_receipt.php&flash=0&wgl=1&adsid=NT&dt=1547150106696&bpp=18&bdt=311&fdt=192&idt=101&shv=r20190107&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=1802042856111&frm=20&pv=1&ga_vid=310677120.1547150107&ga_sid=1547150107&ga_hid=1535918786&ga_fc=0&iag=0&icsg=141998&dssz=17&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=1337&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C410075081%2C20196256&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=3&uci=3.bjnuy83g7tn2&fsb=1&xpc=Ve0cdkqjuU&p=http%3A//www.fakereceipt.us&dtd=196
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://www.fakereceipt.us/sales_receipt.php
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.fakereceipt.us/sales_receipt.php

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 10 Jan 2019 19:55:07 GMT
server
cafe
content-length
17810
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Thu, 10-Jan-2019 20:10:06 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires
Thu, 10 Jan 2019 19:55:07 GMT
cache-control
private
postmessageRelay
accounts.google.com/o/oauth2/ Frame 1BB5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwww.fakereceipt.us&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.GTl3bn_Jf-4.O%2Fam%3DgQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMBs9jfUMDDcVzWid6H2RmszAw2BQ%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.GTl3bn_Jf-4.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=gQ/rs=AGLTcCMBs9jfUMDDcVzWid6H2RmszAw2BQ/cb=gapi.loaded_1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81a::200d , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-06FcPVQTz+BXontpOM0suw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwww.fakereceipt.us&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.GTl3bn_Jf-4.O%2Fam%3DgQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMBs9jfUMDDcVzWid6H2RmszAw2BQ%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://www.fakereceipt.us/sales_receipt.php
accept-encoding
gzip, deflate, br
cookie
NID=154=Jrm6mZTdEOk7qQ-GCplpmmy6mmE-BLq66yCDguaMb8yzUbButeKKXLJNmurIwBraJF58YP9Vz7SbR5aN8oThyS5YK-C3U-ilSO10dJlNA95L0GZ_zOMf7nTYuag2Z4th8UBPSfLjroRewkGD_e_U9WMDtLNJ2u9SpiNoleEqwZo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.fakereceipt.us/sales_receipt.php

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 10 Jan 2019 19:55:07 GMT
content-security-policy
script-src 'report-sample' 'nonce-06FcPVQTz+BXontpOM0suw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
1; mode=block
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| adsbygoogle object| google_js_reporting_queue object| google_ad_modifications boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_t12n_vars boolean| isOldMSIE boolean| isIEmac function| isEmpty object| addBookmarkObj object| LoadHandler function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| google_pub_config object| __google_ad_urls number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy function| Goog_AdSense_getAdAdapterInstance boolean| google_osd_loaded boolean| google_onload_fired object| gapi object| ___jsl function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| osapi object| gadgets object| shindig object| iframer function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| __gapi_jstiming__

3 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 154=Jrm6mZTdEOk7qQ-GCplpmmy6mmE-BLq66yCDguaMb8yzUbButeKKXLJNmurIwBraJF58YP9Vz7SbR5aN8oThyS5YK-C3U-ilSO10dJlNA95L0GZ_zOMf7nTYuag2Z4th8UBPSfLjroRewkGD_e_U9WMDtLNJ2u9SpiNoleEqwZo
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUl5Xhd59WyYRMEomZPLO3Kx1c3SBnvtrEcMfaWlzmjqo4LrEV91EEdhtFbX

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
adservice.google.com
adservice.google.de
apis.google.com
fakereceipt.us
googleads.g.doubleclick.net
pagead2.googlesyndication.com
www.fakereceipt.us
www.googletagservices.com
208.79.218.156
2a00:1450:4001:808::2002
2a00:1450:4001:817::200e
2a00:1450:4001:818::2002
2a00:1450:4001:81a::2002
2a00:1450:4001:81a::200d
2a00:1450:4001:81d::2002
2a00:1450:4001:824::2002
2a00:1450:400c:c00::9b
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0db1f92d3b615e8cc378cc29c73efeb90ad6f0e964bb1bc84595208800770bf5
3847f666cb27844629c2e655d6368cd02af56454769b068d88e51c9b6131a117
553f3d6244d8eda7553e4fdafb08e5e81aee1f9c7e9c43429618670345fb2cca
637488f1d36d9ab0292085513eb639123a49584b883cff08ebc10fbdef7f67a4
65e01e57b94aac52241bb8ec0c6c8e4da1a77c5e6c21e652c3ee5ffe642372e0
6f3f0aabec45e09121520f63d30891eab658e5fade6645b0ece0b738dab5f131
700ba40f017d2878118d74367403f831d0a14d7a368b6cb2e7d99bcb1dfb29f7
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
8d4dbfa259d7e36603efe7b4d15729a78bc1ea01f2cdc9a8d3b0efa5277737b6
a05a215b16ecc8e203d6e9f9ca79438cad75ce73543806292f0dafa571fe160a
a644be1e3b4ad77b5ada1f71ad4160572b4e045baffb1406c8092607211afda4
b9d3427d2b663efcb42ed680ebb931111acb349deec463fddabb85e8c63bc170
c640b678d0499d026c4008ae8e19cf52054e774c96285003856a87c651f3a1f2
ce0c9570da3af6fb1c64c43046799504ffd816e1cd1ca0c685f35dcaf8aba63f
cf56daf3f0c913317aab62037640482fe778918bda65ca593872048f7d2ad88e
f1243d72e9844b876c4a85a8ce7bc1df6465170ae7b6decd32e1a976260f8023