urlscan.io logo urlscan.io
SecurityTrails logo

media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com Open in urlscan Pro
2606:4700::6812:1536  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com/
Effective URL: https://media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com/
Submission: On October 13 via api from DK — Scanned from DK
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 4 countries across 20 domains to perform 35 HTTP transactions. The main IP is 2606:4700::6812:1536, located in United States and belongs to CLOUDFLARENET, US. The main domain is media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com.
TLS certificate: Issued by E6 on September 5th 2024. Valid for: 3 months.
This is the only time media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 104.18.94.41 13335 (CLOUDFLAR...)
1 104.18.95.41 13335 (CLOUDFLAR...)
1 18.245.86.101 16509 (AMAZON-02)
2 157.240.253.1 32934 (FACEBOOK)
1 178.250.1.3 44788 (ASN-CRITE...)
2 2 172.217.16.134 15169 (GOOGLE)
1 142.250.185.66 15169 (GOOGLE)
1 178.250.1.11 44788 (ASN-CRITE...)
1 142.250.185.98 15169 (GOOGLE)
1 54.89.106.199 14618 (AMAZON-AES)
2 2a03:2880:f17... 32934 (FACEBOOK)
2 35.165.116.70 16509 (AMAZON-02)
1 142.250.186.164 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
35 16
4    2606:4700::6812:1536 (United States)

ASN13335 (CLOUDFLARENET, US)
media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com
3    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    104.18.94.41 (None, )

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
1    104.18.95.41 (None, )

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
1    18.245.86.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-101.fra60.r.cloudfront.net
cdn.amplitude.com
2    157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net
connect.facebook.net
1    178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f134.1e100.net
ad.doubleclick.net
1    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
adservice.google.com
1    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
googleads.g.doubleclick.net
1    54.89.106.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-89-106-199.compute-1.amazonaws.com
usgato.mybillie.com
2    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    35.165.116.70 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-165-116-70.us-west-2.compute.amazonaws.com
api.amplitude.com
1    142.250.186.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net
www.google.com
1    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.no
Apex Domain
Subdomains		 Transfer
5 mybillie.com
media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com
usgato.mybillie.com
1 MB
3 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 150
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
td.doubleclick.net Failed
2 KB
3 amplitude.com
cdn.amplitude.com — Cisco Umbrella Rank: 2890
api.amplitude.com — Cisco Umbrella Rank: 2484
20 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
210 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
3 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 357
www.google.com — Cisco Umbrella Rank: 3
127 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
150 KB
2 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 3443
16 KB
1 google.no
www.google.no — Cisco Umbrella Rank: 35683
455 B
1 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 461
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 776
16 KB
0 videoamp.com Failed
b.videoamp.com Failed
0 w55c.net Failed
tags.w55c.net Failed
0 trkn.us Failed
trkn.us Failed
0 byspotify.com Failed
pixel.byspotify.com Failed
0 impactcdn.com Failed
utt.impactcdn.com Failed
0 liadm.com Failed
b-code.liadm.com Failed
0 tiktok.com Failed
analytics.tiktok.com Failed
0 sc-static.net Failed
sc-static.net Failed
0 pinimg.com Failed
s.pinimg.com Failed
35 20
Domain Requested by
4 media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com
3 www.googletagmanager.com media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com
www.googletagmanager.com
2 api.amplitude.com cdn.amplitude.com
2 www.facebook.com media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com
2 ad.doubleclick.net 2 redirects
2 connect.facebook.net media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com
connect.facebook.net
2 challenges.cloudflare.com media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com
challenges.cloudflare.com
1 www.google.no media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com
1 www.google.com media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com
1 usgato.mybillie.com connect.facebook.net
1 googleads.g.doubleclick.net www.googletagmanager.com
1 gum.criteo.com static.criteo.net
1 adservice.google.com media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com
1 static.criteo.net www.googletagmanager.com
1 cdn.amplitude.com media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com
0 td.doubleclick.net Failed www.googletagmanager.com
0 b.videoamp.com Failed media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com
0 tags.w55c.net Failed media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com
0 trkn.us Failed media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com
0 pixel.byspotify.com Failed media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com
0 utt.impactcdn.com Failed media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com
0 b-code.liadm.com Failed www.googletagmanager.com
0 analytics.tiktok.com Failed media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com
0 sc-static.net Failed media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com
0 s.pinimg.com Failed www.googletagmanager.com
35 25

This site contains links to these domains. Also see Links.

Domain
mybillie.com
Subject Issuer Validity Valid
mybillie.com
E6		 2024-09-05 -
2024-12-04		 3 months crt.sh
*.google-analytics.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
challenges.cloudflare.com
WE1		 2024-09-05 -
2024-12-04		 3 months crt.sh
cdn.amplitude.com
Amazon RSA 2048 M02		 2023-12-14 -
2025-01-12		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-07-22 -
2024-10-20		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-24 -
2024-12-21		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-24 -
2024-12-25		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
usgato.mybillie.com
R10		 2024-09-30 -
2024-12-29		 3 months crt.sh
*.amplitude.com
COMODO RSA Domain Validation Secure Server CA		 2024-01-31 -
2025-03-02		 a year crt.sh
*.google.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
*.google.no
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com/
Frame ID: 8C9138135BD6F6CC317612685216CE53
Requests: 32 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/q7un3/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Frame ID: BB8940917AC736088161D8C94CC9421A
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com&origin=onetag
Frame ID: BB05DAE9B0E747B4018905F2D9FCDCEF
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/806571251?random=1728838466325&cv=11&fst=1728838466325&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90z877803121za201zb77803121&gcd=13t3t3t2t5l1&dma_cps=syphamo&dma=1&tag_exp=101533421~101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fmedia-qa-autodandomain-vendorerfig-labprod.review.mybillie.com%2F&hn=www.googleadservices.com&frm=0&tiba=Billie%20%7C%20Something%20went%20wrong&npa=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: EE4CFABA771E65045AB87E20B8E3FD38
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Billie | Something went wrong

Page URL History Show full URLs

  1. http://media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com/ HTTP 307
    https://media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.amplitude\.com
Overall confidence: 100%
Detected patterns
  • //static\.criteo\.net/js/ld/ld\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

35
Requests

63 %
HTTPS

25 %
IPv6

20
Domains

25
Subdomains

16
IPs

4
Countries

1610 kB
Transfer

3568 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com/ HTTP 307
    https://media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://ad.doubleclick.net/ddm/activity/src=13882839;type=invmedia;cat=billi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1680701992337.037 HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=13882839;dc_pre=CIu_rZXpi4kDFTvMOwIdiDslcA;type=invmedia;cat=billi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1680701992337.037 HTTP 302
  • https://adservice.google.com/ddm/fls/z/src=13882839;dc_pre=CIu_rZXpi4kDFTvMOwIdiDslcA;type=invmedia;cat=billi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1680701992337.037

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com/
Redirect Chain
  • http://media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com/
  • https://media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com/
994 KB
550 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1536 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6db4efa68369608afc55bd4408585556cc044721a8f10c75c5e3bb873c449a56
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
0/JgL/Cud8+8U5GecxYRq0HtXnMPdXA3IofP/PIqRCdJVUuhhauJp8/9kc50QOTpOOv9Mo+GqTs1sAeKBukixaZ4lOM75X9zEFhEhSCFInie0S4BVsA3XkOh+RCuEyyLgumArkhAu37a3OeGyg8MLg==$KmydUteeJLu/FYSxbABcdg==
cf-mitigated
challenge
cf-ray
8d20d9f7e85e92b5-CPH
content-encoding
gzip
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Sun, 13 Oct 2024 16:54:25 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com/
Non-Authoritative-Reason
HSTS
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ba6aedacee0803ccf2a607574c149e7d1a3fbc06502b87760249576155878d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
v1
media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ 		153 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d20d9f7e85e92b5
Requested by
Host: media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com
URL: https://media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1536 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
238880b52f97917ec5f19c9c3c86098deadeade5978c39bc40b9a0885bc2d413

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com/?__cf_chl_rt_tk=7Z9sk1Z.2CbcTt99EScnL0diZPgMRKPGfq_WS_7UBL8-1728838465-1.0.1.1-.cF1Re3kWh824MFWQ38kPDt4l7A6UPnN_fIzS7kvkEI

Response headers

cf-ray
8d20d9f9fa0592b5-CPH
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
date
Sun, 13 Oct 2024 16:54:25 GMT
content-type
application/javascript; charset=UTF-8
server
cloudflare
gtm.js
www.googletagmanager.com/ 		424 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MW5HVV5
Requested by
Host: media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com
URL: https://media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com/?__cf_chl_rt_tk=7Z9sk1Z.2CbcTt99EScnL0diZPgMRKPGfq_WS_7UBL8-1728838465-1.0.1.1-.cF1Re3kWh824MFWQ38kPDt4l7A6UPnN_fIzS7kvkEI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6436e392465afaf8af090cf876271a9c1235828d4ae1525722e521c35d915b47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Sun, 13 Oct 2024 16:54:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 13 Oct 2024 16:54:25 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sun, 13 Oct 2024 15:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
117034
x-xss-protection
0
server
Google Tag Manager
efc7d2c5-9afb-47e6-896e-ebf22d0ba7e2
https://media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com/ Frame 		0
0
api.js
challenges.cloudflare.com/turnstile/v0/b/62ec4f065604/ 		46 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/62ec4f065604/api.js?onload=DXjyL6&render=explicit
Requested by
Host: media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com
URL: https://media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d20d9f7e85e92b5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ea786910282df7ae154a0011375cd1254adbd8ef0e75eb62177ada67daf9611

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com
Referer

Response headers

cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8d20d9fa8da1be3a-CPH
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sun, 13 Oct 2024 16:54:25 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 01 Oct 2024 14:19:56 GMT
server
cloudflare
vary
Accept-Encoding
truncated
/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3d3f7bd48dfdfbe3c3c8e8280fe7759166220577788b972fb09537cbfb68a3b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com
Referer

Response headers

Content-Type
binary/octet-stream
7024db95a9230de
media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1236725085:1728836041:Udg5NWHsO3MZx_bHoN9NvI89RP_cq4flnc_yh0NeWHk/8d20d9f7e85e92b5/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1236725085:1728836041:Udg5NWHsO3MZx_bHoN9NvI89RP_cq4flnc_yh0NeWHk/8d20d9f7e85e92b5/7024db95a9230de
Requested by
Host: media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com
URL: https://media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d20d9f7e85e92b5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1536 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
009115eafe30ffd91217431eaf1c3adb8cbef35630a0e885d54dd2e1a6f90da8

Request headers

Referer
https://media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
7024db95a9230de

Response headers

cf-ray
8d20d9fafb1492b5-CPH
content-encoding
gzip
date
Sun, 13 Oct 2024 16:54:25 GMT
content-type
text/plain; charset=UTF-8
cf-chl-gen
htsIStpbgT/0QJiDhj5Pu64u9ro/kBEYnL3pRqlwxP03ZeEIZ0dfRKFJC6Mx2f9HaAndwdp5aw==$OweBRRScWKDwWs9a
server
cloudflare
9ed60d72-2ff7-4dd6-95c5-7f3547db2d4b
https://media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com/ Frame 		0
0
/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/q7un3/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ Frame BB89 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/q7un3/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/62ec4f065604/api.js?onload=DXjyL6&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8d20d9fbbe57abe7-CPH
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Sun, 13 Oct 2024 16:54:25 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
amplitude-7.2.1-min.gz.js
cdn.amplitude.com/libs/ 		59 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.amplitude.com/libs/amplitude-7.2.1-min.gz.js
Requested by
Host: media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com
URL: https://media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-101.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1e8af1c8306411c684130fcf7d46fa10b1906898bcc781a822e5d4a38ae2cce8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com
Referer

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
"e7ee6bc7f428f90fb1b1ed0e94b9f835"
x-amz-version-id
rtLe8nVXDx8sL7XBGT5sDlFBE.TwGFEn
access-control-allow-methods
GET, HEAD
x-cache
Miss from cloudfront
x-amz-cf-id
OJCx2biiujnf8iM-8-sA4lgWu89hANfdGdwyhqMB06vDFemeiQXSsQ==
date
Sun, 13 Oct 2024 16:54:27 GMT
content-type
application/javascript
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified
Tue, 22 Sep 2020 19:51:25 GMT
cache-control
max-age=31536000
via
1.1 56a77d6c9e6b49fa4179a99507a9582e.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
19222
x-amz-cf-pop
FRA60-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
destination
www.googletagmanager.com/gtag/ 		275 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-806571251&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MW5HVV5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8297e3affff5fe157796f5c30352baf0bf65771566f1fdad4dc7950e70140da7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Sun, 13 Oct 2024 16:54:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 13 Oct 2024 16:54:26 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sun, 13 Oct 2024 15:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
96929
x-xss-protection
0
server
Google Tag Manager
core.js
s.pinimg.com/ct/ 		0
0
fbevents.js
connect.facebook.net/en_US/ 		226 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com
URL: https://media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 13 Oct 2024 16:54:26 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=43, rtx=0, c=23, mss=1232, tbw=4445, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
Q5L7JTJ5aKy/KiSTDYY0RpRHRmeYS75rHzdo+IFeAdqWPxvZkwphnm7myBQwtUxsgEt5rkRL0HVQFJ+fMKlwkQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
59131
x-xss-protection
0
origin-agent-cluster
?1
scevent.min.js
sc-static.net/ 		0
0
ld.js
static.criteo.net/js/ld/ 		49 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MW5HVV5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
85280f22c8a54d12fd0aafb6cfa8d1a417f0db2153771b9a5f7d25f442fabc93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"66f46b43-c5ce"
cross-origin-resource-policy
cross-origin
expires
Mon, 14 Oct 2024 16:54:26 GMT
access-control-allow-origin
*
date
Sun, 13 Oct 2024 16:54:26 GMT
content-type
text/javascript
last-modified
Wed, 25 Sep 2024 19:57:55 GMT
server
nginx
events.js
analytics.tiktok.com/i18n/pixel/ 		0
0
a-0659.min.js
b-code.liadm.com/ 		0
0
A4717513-f500-491e-b232-410cb5c211bc1.js
utt.impactcdn.com/ 		0
0
ping.min.js
pixel.byspotify.com/ 		0
0
ppt=12467;g=sitewide;gid=34580
trkn.us/pixel/conv/ 		0
0
rs
tags.w55c.net/ 		0
0
impression
b.videoamp.com/d2/6f050d18-7667-4ad6-bd32-aef99f32dae3/9095/ 		0
0
src=13882839;dc_pre=CIu_rZXpi4kDFTvMOwIdiDslcA;type=invmedia;cat=billi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=16807...
adservice.google.com/ddm/fls/z/
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/src=13882839;type=invmedia;cat=billi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord...
  • https://ad.doubleclick.net/ddm/activity/src=13882839;dc_pre=CIu_rZXpi4kDFTvMOwIdiDslcA;type=invmedia;cat=billi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_c...
  • https://adservice.google.com/ddm/fls/z/src=13882839;dc_pre=CIu_rZXpi4kDFTvMOwIdiDslcA;type=invmedia;cat=billi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_co...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/src=13882839;dc_pre=CIu_rZXpi4kDFTvMOwIdiDslcA;type=invmedia;cat=billi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1680701992337.037
Requested by
Host: media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com
URL: https://media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com/
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sun, 13 Oct 2024 16:54:26 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sun, 13 Oct 2024 16:54:26 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"3328454756736055874"}],"aggregatable_trigger_data":[{"filters":[{"14":["31878192"]}],"key_piece":"0x84f2d76965db3100","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xd8635fa05b2aa668","not_filters":{"14":["31878192"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"3195065656529232177","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"3328454756736055874","filters":[{"14":["31878192"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"3328454756736055874","filters":[{"14":["31878192"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"3328454756736055874","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"3328454756736055874","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["13882839"]}}
content-type
image/png
cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://adservice.google.com/ddm/fls/z/src=13882839;dc_pre=CIu_rZXpi4kDFTvMOwIdiDslcA;type=invmedia;cat=billi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1680701992337.037
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
0
x-xss-protection
0
server
cafe
td
www.googletagmanager.com/ 		0
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/td?id=AW-806571251&v=3&t=t&pid=70045661&dl=media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com%2F&tdp=AW-806571251;;1;7;1&frm=0&rtg=7803121&rlo=1&slo=1&hlo=4&lst=1&pcid=7803121&z=0
Requested by
Host: media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com
URL: https://media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgtc:59:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgtc:59:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Sun, 13 Oct 2024 16:54:26 GMT
content-type
text/plain
server
Golfe2
518073478547033
connect.facebook.net/signals/config/ 		298 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/518073478547033?v=2.9.170&r=stable&domain=media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
731a4aba17183eba30ce795e3ace37b1d5139650862fe0f80de1ad70e4db8dad
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 13 Oct 2024 16:54:26 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=46, rtx=0, c=74, mss=1232, tbw=67307, tp=63, tpl=0, uplat=472, ullat=0
pragma
public
x-fb-debug
4jeFU3qWVnOcs0WoEv3Oz1hW8/FwbAzECODEnpXzFSVQgSlVy2GHCjs7wf14AsRJkR8FpkKMao7FiJS5lJcEqw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
syncframe
gum.criteo.com/ Frame BB05 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com&origin=onetag
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 13 Oct 2024 16:54:26 GMT
server
Kestrel
server-processing-duration-in-ticks
329730
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/806571251/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/806571251/?random=1728838466325&cv=11&fst=1728838466325&bg=ffffff&guid=ON&async=1&gtm=45be4a90z877803121za201zb77803121&gcd=13t3t3t2t5l1&dma_cps=syphamo&dma=1&tag_exp=101533421~101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fmedia-qa-autodandomain-vendorerfig-labprod.review.mybillie.com%2F&hn=www.googleadservices.com&frm=0&tiba=Billie%20%7C%20Something%20went%20wrong&npa=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-806571251&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
50af482ba874b457dbc1f2843fa10518a89f644e40bcf77478133f7698b86a1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2364
date
Sun, 13 Oct 2024 16:54:27 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
806571251
td.doubleclick.net/td/rul/ Frame EE4C 		0
0
60c5c3fe1d5e9fa307697e0c7f2e64a95dfda8011cf520b653f4859d0dafd15b
usgato.mybillie.com/events/ 		0
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://usgato.mybillie.com/events/60c5c3fe1d5e9fa307697e0c7f2e64a95dfda8011cf520b653f4859d0dafd15b
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/518073478547033?v=2.9.170&r=stable&domain=media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.89.106.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-89-106-199.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-origin
https://media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com
content-length
0
date
Sun, 13 Oct 2024 16:54:27 GMT
vary
origin
access-control-allow-credentials
true
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=518073478547033&ev=PageView&dl=https%3A%2F%2Fmedia-qa-autodandomain-vendorerfig-labprod.review.mybillie.com%2F&rl=&if=false&ts=1728838467008&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=12318&fbp=fb.1.1728838467005.242252783342683253&eid=ob3_plugin-set_10335b6e46e7eda31d7a2aa2637dff761de742e8a8362230820a87aea016d4b4&ler=empty&cdl=API_unavailable&it=1728838466394&coo=false&dpo=&rqm=GET
Requested by
Host: media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com
URL: https://media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=35, rtx=0, c=10, mss=1297, tbw=2937, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sun, 13 Oct 2024 16:54:27 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=518073478547033&ev=PageView&dl=https%3A%2F%2Fmedia-qa-autodandomain-vendorerfig-labprod.review.mybillie.com%2F&rl=&if=false&ts=1728838467008&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=12318&fbp=fb.1.1728838467005.242252783342683253&eid=ob3_plugin-set_10335b6e46e7eda31d7a2aa2637dff761de742e8a8362230820a87aea016d4b4&ler=empty&cdl=API_unavailable&it=1728838466394&coo=false&dpo=&rqm=FGET
Requested by
Host: media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com
URL: https://media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7425304676658443485"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 13 Oct 2024 16:54:27 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
nadpbg9vgVquamISxpZS2GbFJ8SlLphYt4U7PRlmCywnym4j4BtuhgyznKpqcY1lmvr/3IXrIZl3S09IPBHaXw==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7425304676658443485", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=34, rtx=0, c=10, mss=1297, tbw=3255, tp=-1, tpl=-1, uplat=160, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
api.amplitude.com/ 		7 B
137 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.amplitude.com/
Requested by
Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-7.2.1-min.gz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.165.116.70 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-116-70.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Referer

Response headers

strict-transport-security
max-age=15768000
access-control-allow-origin
*
content-length
7
date
Sun, 13 Oct 2024 16:54:27 GMT
content-type
text/html;charset=utf-8
/
www.google.com/pagead/1p-user-list/806571251/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/806571251/?random=1728838466325&cv=11&fst=1728835200000&bg=ffffff&guid=ON&async=1&gtm=45be4a90z877803121za201zb77803121&gcd=13t3t3t2t5l1&dma_cps=syphamo&dma=1&tag_exp=101533421~101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fmedia-qa-autodandomain-vendorerfig-labprod.review.mybillie.com%2F&hn=www.googleadservices.com&frm=0&tiba=Billie%20%7C%20Something%20went%20wrong&npa=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnff7iYfS5rQVj5T8OFsElhMnhWC75ULpbR7uuiVC3jyAwB0pek&random=2737602986&rmt_tld=0&ipr=y
Requested by
Host: media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com
URL: https://media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sun, 13 Oct 2024 16:54:27 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.no/pagead/1p-user-list/806571251/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.no/pagead/1p-user-list/806571251/?random=1728838466325&cv=11&fst=1728835200000&bg=ffffff&guid=ON&async=1&gtm=45be4a90z877803121za201zb77803121&gcd=13t3t3t2t5l1&dma_cps=syphamo&dma=1&tag_exp=101533421~101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fmedia-qa-autodandomain-vendorerfig-labprod.review.mybillie.com%2F&hn=www.googleadservices.com&frm=0&tiba=Billie%20%7C%20Something%20went%20wrong&npa=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnff7iYfS5rQVj5T8OFsElhMnhWC75ULpbR7uuiVC3jyAwB0pek&random=2737602986&rmt_tld=1&ipr=y
Requested by
Host: media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com
URL: https://media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sun, 13 Oct 2024 16:54:27 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
favicon.ico
media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com/ 		992 KB
547 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1536 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
283de560b48bf4dee96b145cfd95b30490c5e4a97c2aedfcac5da9a6c08012cf
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com/

Response headers

content-encoding
gzip
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
x-content-options
nosniff
date
Sun, 13 Oct 2024 16:54:27 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
4CWHiK7QlSyxLWlcSI0XPSrJrHCkAKNUaM/YVy9Y0qhTgX+ic/iU4FtIh664gLmJkvaKMvVQmuCRiBHjds+8RxThtoHavSi2Z23F5v00csrG8qIGA0zjD+WGjJFKr7nJeJMYDL5AIZXgsyCvoh4grg==$/8Cio47EGidjnUbeCuVu+w==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8d20da064cd792b5-CPH
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
/
api.amplitude.com/ 		7 B
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.amplitude.com/
Requested by
Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-7.2.1-min.gz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.165.116.70 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-116-70.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Referer

Response headers

strict-transport-security
max-age=15768000
access-control-allow-origin
*
content-length
7
date
Sun, 13 Oct 2024 16:54:27 GMT
content-type
text/html;charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com
URL
blob:https://media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com/efc7d2c5-9afb-47e6-896e-ebf22d0ba7e2
Domain
media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com
URL
blob:https://media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com/9ed60d72-2ff7-4dd6-95c5-7f3547db2d4b
Domain
s.pinimg.com
URL
https://s.pinimg.com/ct/core.js
Domain
sc-static.net
URL
https://sc-static.net/scevent.min.js
Domain
analytics.tiktok.com
URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C20UI7N3GOD0LQGCGKG0&lib=ttq
Domain
b-code.liadm.com
URL
https://b-code.liadm.com/a-0659.min.js
Domain
utt.impactcdn.com
URL
https://utt.impactcdn.com/A4717513-f500-491e-b232-410cb5c211bc1.js
Domain
pixel.byspotify.com
URL
https://pixel.byspotify.com/ping.min.js
Domain
trkn.us
URL
https://trkn.us/pixel/conv/ppt=12467;g=sitewide;gid=34580?gtmcb=1882617543
Domain
tags.w55c.net
URL
https://tags.w55c.net/rs?id=e2d0e8f961244dcbb97f08ee83bf73cf&t=homepage&gtmcb=263168174
Domain
b.videoamp.com
URL
https://b.videoamp.com/d2/6f050d18-7667-4ad6-bd32-aef99f32dae3/9095/impression?dnt=false&vpxid=9095&bwb=35&cevt=HOMEPAGE&gtmcb=409337295
Domain
td.doubleclick.net
URL
https://td.doubleclick.net/td/rul/806571251?random=1728838466325&cv=11&fst=1728838466325&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90z877803121za201zb77803121&gcd=13t3t3t2t5l1&dma_cps=syphamo&dma=1&tag_exp=101533421~101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fmedia-qa-autodandomain-vendorerfig-labprod.review.mybillie.com%2F&hn=www.googleadservices.com&frm=0&tiba=Billie%20%7C%20Something%20went%20wrong&npa=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| _cf_chl_opt object| dataLayer function| ZcHV6 function| HFmwV6 function| iHCC5 object| dSJo7 object| lajwG7 function| DXjyL6 boolean| Pjghl3 function| jXVRZ7 function| VBYM6 function| brdWQ0 object| PZKL0 number| BuTN0 object| angular object| FnNf4 object| turnstile boolean| qVQK0 string| FUWvI4 boolean| YGymh1 object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| otEventListeners function| OptanonWrapper object| amplitude function| pintrk function| fbq function| _fbq function| snaptr object| r string| TiktokAnalyticsObject object| ttq function| getCookieImpactLoadingTag string| ire_o function| ire string| axel number| a function| spdt object| criteo_q string| deviceType object| GooglebQhCsO object| regeneratorRuntime

13 Cookies

Domain/Path Name / Value
.usgato.mybillie.com/events/60c5c3fe1d5e9fa307697e0c7f2e64a95dfda8011cf520b653f4859d0dafd15b Name: cee
Value: VP6%2F81tFvvFvwdycxOt0143l2WL6zC7KfUT%2BhC6o4sk%3D.%7B%7D
sc-static.net/scevent.min.js Name: X-AB
Value: cc8f398e6c2d4b84b15908c5e6ccf9a3
.mybillie.com/ Name: __cf_bm
Value: cmBTqaXSSB_g4yaQ.fIcGoKPy_Z3_d4hS8nUr9oT_FI-1728838465-1.0.1.1-2R.RKzCtgTMYwTaKb2QTbWxOYWT2hQZrFFonZTfcsRfBYUApl0LU7_mifDnSLymnsyrLpFMEInIR4V841LpfgA
.trkn.us/ Name: barometric[cuid]
Value: cuid_670bfb42-9cd0-4170-829f-25715448729a
.tiktok.com/ Name: _ttp
Value: 2nOK1PRSLCIM4N9YJxrZkDtWEfH
.w55c.net/ Name: wfivefivec
Value: zLDqLaDV1T01Ro2
.doubleclick.net/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.mybillie.com/ Name: _fbp
Value: fb.1.1728838467005.242252783342683253
.doubleclick.net/ Name: IDE
Value: AHWqTUneO-GhcXCyT8dvlw0pEhtW8zi2HAiebczUQvRx_nwvuXafsqG8AZSk-qUI
.mybillie.com/ Name: amp_57a3bc
Value: -cKl0ofq87LQ7E-uzk0A9O...1ia3cqvg2.1ia3cqvg9.2.0.2
.criteo.com/ Name: uid
Value: 9b060c83-6547-49fa-a4ca-7763dbea6bef
.criteo.com/ Name: receive-cookie-deprecation
Value: 1

11 Console Messages

Source Level URL
Text
network error URL: https://media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://pixel.byspotify.com/ping.min.js
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sc-static.net/scevent.min.js
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://trkn.us/pixel/conv/ppt=12467;g=sitewide;gid=34580?gtmcb=1882617543
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://s.pinimg.com/ct/core.js
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://utt.impactcdn.com/A4717513-f500-491e-b232-410cb5c211bc1.js
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C20UI7N3GOD0LQGCGKG0&lib=ttq
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://tags.w55c.net/rs?id=e2d0e8f961244dcbb97f08ee83bf73cf&t=homepage&gtmcb=263168174
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://b-code.liadm.com/a-0659.min.js
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://b.videoamp.com/d2/6f050d18-7667-4ad6-bd32-aef99f32dae3/9095/impression?dnt=false&vpxid=9095&bwb=35&cevt=HOMEPAGE&gtmcb=409337295
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
analytics.tiktok.com
api.amplitude.com
b-code.liadm.com
b.videoamp.com
cdn.amplitude.com
challenges.cloudflare.com
connect.facebook.net
googleads.g.doubleclick.net
gum.criteo.com
media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com
pixel.byspotify.com
s.pinimg.com
sc-static.net
static.criteo.net
tags.w55c.net
td.doubleclick.net
trkn.us
usgato.mybillie.com
utt.impactcdn.com
www.facebook.com
www.google.com
www.google.no
www.googletagmanager.com
analytics.tiktok.com
b-code.liadm.com
b.videoamp.com
media-qa-autodandomain-vendorerfig-labprod.review.mybillie.com
pixel.byspotify.com
s.pinimg.com
sc-static.net
tags.w55c.net
td.doubleclick.net
trkn.us
utt.impactcdn.com
104.18.94.41
104.18.95.41
142.250.185.66
142.250.185.98
142.250.186.164
157.240.253.1
172.217.16.134
178.250.1.11
178.250.1.3
18.245.86.101
2606:4700::6812:1536
2a00:1450:4001:80b::2008
2a00:1450:4001:81d::2003
2a03:2880:f176:181:face:b00c:0:25de
35.165.116.70
54.89.106.199
009115eafe30ffd91217431eaf1c3adb8cbef35630a0e885d54dd2e1a6f90da8
1e8af1c8306411c684130fcf7d46fa10b1906898bcc781a822e5d4a38ae2cce8
238880b52f97917ec5f19c9c3c86098deadeade5978c39bc40b9a0885bc2d413
283de560b48bf4dee96b145cfd95b30490c5e4a97c2aedfcac5da9a6c08012cf
2ea786910282df7ae154a0011375cd1254adbd8ef0e75eb62177ada67daf9611
48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a
50af482ba874b457dbc1f2843fa10518a89f644e40bcf77478133f7698b86a1d
6436e392465afaf8af090cf876271a9c1235828d4ae1525722e521c35d915b47
6ba6aedacee0803ccf2a607574c149e7d1a3fbc06502b87760249576155878d9
6db4efa68369608afc55bd4408585556cc044721a8f10c75c5e3bb873c449a56
731a4aba17183eba30ce795e3ace37b1d5139650862fe0f80de1ad70e4db8dad
8297e3affff5fe157796f5c30352baf0bf65771566f1fdad4dc7950e70140da7
85280f22c8a54d12fd0aafb6cfa8d1a417f0db2153771b9a5f7d25f442fabc93
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b3d3f7bd48dfdfbe3c3c8e8280fe7759166220577788b972fb09537cbfb68a3b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629