dcr-billing.com Open in urlscan Pro
158.106.137.158 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.dcr-billing.com/
Effective URL:
https://dcr-billing.com/sys/login
Submission: On November 26 via automatic, source certstream-suspicious (November 26th 2021, 9:00:25 am UTC) — Scanned from DE

Summary HTTP 40 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 40 HTTP transactions. The main IP is 158.106.137.158, located in United States and belongs to PRIVATESYSTEMS, US. The main domain is dcr-billing.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on November 26th 2021. Valid for: 3 months.

This is the only time dcr-billing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 24	158.106.137.158 158.106.137.158	63410 (PRIVATESY...) (PRIVATESYSTEMS)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
40	8

24 158.106.137.158 (United States) 3 redirects

ASN63410 (PRIVATESYSTEMS, US)

www.dcr-billing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dcr-billing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
facturalaya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	dcr-billing.com 3 redirects www.dcr-billing.com dcr-billing.com	433 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	519 KB
4	google.com www.google.com	23 KB
2	facebook.com www.facebook.com	386 B
2	facebook.net connect.facebook.net	113 KB
2	facturalaya.com facturalaya.com	144 KB
1	googleapis.com fonts.googleapis.com	1 KB
40	7

	Domain	Requested by
19	dcr-billing.com	dcr-billing.com
6	www.gstatic.com	www.google.com www.gstatic.com
4	fonts.gstatic.com	fonts.googleapis.com www.google.com
4	www.google.com	dcr-billing.com www.gstatic.com www.google.com
3	www.dcr-billing.com	3 redirects
2	www.facebook.com	dcr-billing.com
2	connect.facebook.net	dcr-billing.com connect.facebook.net
2	facturalaya.com	dcr-billing.com
1	fonts.googleapis.com	dcr-billing.com
40	9

This site contains no links.

Subject Issuer	Validity	Valid
facturalaya.com cPanel, Inc. Certification Authority	`2021-11-26` - `2022-02-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-04` - `2021-12-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://dcr-billing.com/sys/login
Frame ID: 3533EA6BBD78E46B261569ED70B435D5
Requests: 31 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcHo5oUAAAAACeekkIM9BEqbLXeprQ48WEKJjCP&co=aHR0cHM6Ly9kY3ItYmlsbGluZy5jb206NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=normal&cb=qferf3a4ymj7
Frame ID: 10020779B6C39294EA9FA27A7F7CAFB3
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&k=6LcHo5oUAAAAACeekkIM9BEqbLXeprQ48WEKJjCP
Frame ID: 7EB09D6104633E081E3DB2034F98AE45
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login

Page URL History Show full URLs

https://www.dcr-billing.com/ HTTP 302
https://www.dcr-billing.com/sys/index HTTP 302
https://www.dcr-billing.com/sys/login HTTP 302
https://dcr-billing.com/sys/login Page URL

Page Statistics

40
Requests

53 %
HTTPS

86 %
IPv6

7
Domains

9
Subdomains

8
IPs

2
Countries

1233 kB
Transfer

3194 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.dcr-billing.com/ HTTP 302
https://www.dcr-billing.com/sys/index HTTP 302
https://www.dcr-billing.com/sys/login HTTP 302
https://dcr-billing.com/sys/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
dcr-billing.com/sys/
Redirect Chain

https://www.dcr-billing.com/
https://www.dcr-billing.com/sys/index
https://www.dcr-billing.com/sys/login
https://dcr-billing.com/sys/login

7 KB
3 KB

689ms
160ms

Document
text/html

158.106.137.158
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://dcr-billing.com/sys/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.137.158 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 5fc986bf4497fdfa9dded38e74dc07854ec825f7205bc52b1124708e73ef3c0b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 2325
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Fri, 26 Nov 2021 09:00:19 GMT
server: LiteSpeed
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

Redirect headers

expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
location: https://dcr-billing.com/sys/login
content-type: text/html; charset=UTF-8
content-length: 2325
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Fri, 26 Nov 2021 09:00:18 GMT
server: LiteSpeed

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 39ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,300,100,500,700,900

Requested by

Host: dcr-billing.com
URL: https://dcr-billing.com/sys/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ba5c75008a133ef73a0eb980a0c37c168b6bd5db7279a90105697670440eeedf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dcr-billing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 26 Nov 2021 07:20:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 26 Nov 2021 09:00:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Nov 2021 09:00:19 GMT

GET
H2 200 styles.css
dcr-billing.com/sys/template/assets/css/icons/icomoon/ 47 KB
8 KB 123ms
120ms Stylesheet
text/css 158.106.137.158
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://dcr-billing.com/sys/template/assets/css/icons/icomoon/styles.css
Requested by: Host: dcr-billing.com
URL: https://dcr-billing.com/sys/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.137.158 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 86ef45c204ae966a2362a5bdd1657511fc19ca2421989a06a52bde5d906ef211

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dcr-billing.com/sys/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 09:00:19 GMT
content-encoding: br
last-modified: Tue, 02 Oct 2018 01:58:46 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=UTF-8
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7857
expires: Fri, 03 Dec 2021 09:00:19 GMT

GET
H2 200 styles.min.css
dcr-billing.com/sys/template/assets/css/icons/fontawesome/ 28 KB
6 KB 124ms
122ms Stylesheet
text/css 158.106.137.158
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://dcr-billing.com/sys/template/assets/css/icons/fontawesome/styles.min.css
Requested by: Host: dcr-billing.com
URL: https://dcr-billing.com/sys/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.137.158 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: a3994e367a21c6e65e40a3733c2e178e24782a4fa4ca0e6b0cb95ff3b7f11e0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dcr-billing.com/sys/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 09:00:19 GMT
content-encoding: br
last-modified: Wed, 08 Mar 2017 15:46:18 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=UTF-8
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6285
expires: Fri, 03 Dec 2021 09:00:19 GMT

GET
H2 200 bootstrap.css
dcr-billing.com/sys/template/assets/css/ 142 KB
19 KB 226ms
223ms Stylesheet
text/css 158.106.137.158
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://dcr-billing.com/sys/template/assets/css/bootstrap.css
Requested by: Host: dcr-billing.com
URL: https://dcr-billing.com/sys/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.137.158 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 3c33a4c0f667e0c5e1d90c866dc2fc3202f9bab9aa13b72c07a23e08a428ef4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dcr-billing.com/sys/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 09:00:19 GMT
content-encoding: br
last-modified: Fri, 21 Apr 2017 23:41:48 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=UTF-8
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 19899
expires: Fri, 03 Dec 2021 09:00:19 GMT

GET
H2 200 core.css
dcr-billing.com/sys/template/assets/css/ 144 KB
20 KB 330ms
327ms Stylesheet
text/css 158.106.137.158
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://dcr-billing.com/sys/template/assets/css/core.css
Requested by: Host: dcr-billing.com
URL: https://dcr-billing.com/sys/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.137.158 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 1516a6ae40383d82fc5c240121af66dc94f7a0b689ef207bda0ab016ca0d11cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dcr-billing.com/sys/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 09:00:19 GMT
content-encoding: br
last-modified: Fri, 21 Apr 2017 23:41:50 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=UTF-8
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 20097
expires: Fri, 03 Dec 2021 09:00:19 GMT

GET
H2 200 components.css
dcr-billing.com/sys/template/assets/css/ 457 KB
65 KB 330ms
328ms Stylesheet
text/css 158.106.137.158
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://dcr-billing.com/sys/template/assets/css/components.css
Requested by: Host: dcr-billing.com
URL: https://dcr-billing.com/sys/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.137.158 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 63904c2db1b4b64eed3e00449ede69b06db7e384ec29e22e418503e630befa47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dcr-billing.com/sys/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 09:00:19 GMT
content-encoding: br
last-modified: Sun, 04 Aug 2019 20:49:18 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=UTF-8
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 66955
expires: Fri, 03 Dec 2021 09:00:19 GMT

GET
H2 200 colors.css
dcr-billing.com/sys/template/assets/css/ 45 KB
5 KB 431ms
429ms Stylesheet
text/css 158.106.137.158
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://dcr-billing.com/sys/template/assets/css/colors.css
Requested by: Host: dcr-billing.com
URL: https://dcr-billing.com/sys/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.137.158 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 183de2ede7ac0dabf8174d18b593dfd90c554690953394c645e961073c31ff72

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dcr-billing.com/sys/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 09:00:19 GMT
content-encoding: br
last-modified: Fri, 21 Apr 2017 23:41:50 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=UTF-8
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5041
expires: Fri, 03 Dec 2021 09:00:19 GMT

GET
H2 200 pace.min.js Show response
dcr-billing.com/sys/template/assets/js/plugins/loaders/ 12 KB
4 KB 433ms
430ms Script
application/javascript 158.106.137.158
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://dcr-billing.com/sys/template/assets/js/plugins/loaders/pace.min.js
Requested by: Host: dcr-billing.com
URL: https://dcr-billing.com/sys/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.137.158 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 10fae43631849825b26b36f703f1298fe5bb426da907dbe77d7c3e5fa2c898f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dcr-billing.com/sys/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 09:00:19 GMT
content-encoding: br
last-modified: Wed, 08 Mar 2017 15:46:18 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4127
expires: Fri, 03 Dec 2021 09:00:19 GMT

GET
H2 200 jquery.min.js Show response
dcr-billing.com/sys/template/assets/js/core/libraries/ 82 KB
28 KB 433ms
431ms Script
application/javascript 158.106.137.158
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://dcr-billing.com/sys/template/assets/js/core/libraries/jquery.min.js
Requested by: Host: dcr-billing.com
URL: https://dcr-billing.com/sys/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.137.158 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dcr-billing.com/sys/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 09:00:19 GMT
content-encoding: br
last-modified: Wed, 08 Mar 2017 15:46:18 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 28793
expires: Fri, 03 Dec 2021 09:00:19 GMT

GET
H2 200 bootstrap.min.js Show response
dcr-billing.com/sys/template/assets/js/core/libraries/ 36 KB
9 KB 436ms
434ms Script
application/javascript 158.106.137.158
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://dcr-billing.com/sys/template/assets/js/core/libraries/bootstrap.min.js
Requested by: Host: dcr-billing.com
URL: https://dcr-billing.com/sys/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.137.158 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dcr-billing.com/sys/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 09:00:19 GMT
content-encoding: br
last-modified: Wed, 08 Mar 2017 15:46:18 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9515
expires: Fri, 03 Dec 2021 09:00:19 GMT

GET
H2 200 blockui.min.js Show response
dcr-billing.com/sys/template/assets/js/plugins/loaders/ 9 KB
3 KB 437ms
435ms Script
application/javascript 158.106.137.158
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://dcr-billing.com/sys/template/assets/js/plugins/loaders/blockui.min.js
Requested by: Host: dcr-billing.com
URL: https://dcr-billing.com/sys/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.137.158 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 6ad115fc2ea2de47b478b0df9796170bb182a41c5f4ac3b5d3ccbf0643d9771f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dcr-billing.com/sys/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 09:00:19 GMT
content-encoding: br
last-modified: Wed, 08 Mar 2017 15:46:18 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3074
expires: Fri, 03 Dec 2021 09:00:19 GMT

GET
H2 200 sweet_alert.min.js Show response
dcr-billing.com/sys/template/assets/js/plugins/notifications/ 17 KB
5 KB 437ms
435ms Script
application/javascript 158.106.137.158
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://dcr-billing.com/sys/template/assets/js/plugins/notifications/sweet_alert.min.js
Requested by: Host: dcr-billing.com
URL: https://dcr-billing.com/sys/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.137.158 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 7a056fc64aba501090c8acd106b0c7bbc9a267914e695ae34aa42a6ae2a094a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dcr-billing.com/sys/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 09:00:19 GMT
content-encoding: br
last-modified: Wed, 08 Mar 2017 15:46:18 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5138
expires: Fri, 03 Dec 2021 09:00:19 GMT

GET
H2 200 uniform.min.js Show response
dcr-billing.com/sys/template/assets/js/plugins/forms/styling/ 8 KB
3 KB 437ms
436ms Script
application/javascript 158.106.137.158
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://dcr-billing.com/sys/template/assets/js/plugins/forms/styling/uniform.min.js?i=v2
Requested by: Host: dcr-billing.com
URL: https://dcr-billing.com/sys/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.137.158 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 3af12c965b926ad1451cf9d18c5ef7f78f315b2b73644d66153e258fa423a9bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dcr-billing.com/sys/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 09:00:19 GMT
content-encoding: br
last-modified: Wed, 08 Mar 2017 15:46:18 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2842
expires: Fri, 03 Dec 2021 09:00:19 GMT

GET
H2 200 app.js Show response
dcr-billing.com/sys/template/assets/js/core/ 18 KB
3 KB 437ms
436ms Script
application/javascript 158.106.137.158
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://dcr-billing.com/sys/template/assets/js/core/app.js?i=v2
Requested by: Host: dcr-billing.com
URL: https://dcr-billing.com/sys/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.137.158 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: dfef6ad262eb221bd3873ef0cf954312d802e5112c5cdffbc608cacf38315f25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dcr-billing.com/sys/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 09:00:19 GMT
content-encoding: br
last-modified: Tue, 28 May 2019 05:34:42 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2851
expires: Fri, 03 Dec 2021 09:00:19 GMT

GET
H2 200 select2.min.js Show response
dcr-billing.com/sys/template/assets/js/plugins/forms/selects/ 73 KB
19 KB 438ms
436ms Script
application/javascript 158.106.137.158
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://dcr-billing.com/sys/template/assets/js/plugins/forms/selects/select2.min.js?i=v2
Requested by: Host: dcr-billing.com
URL: https://dcr-billing.com/sys/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.137.158 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: a4468f9651948b3fa77d5fe9a0056b7663d676c57cc6e1923643e824dd145ca4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dcr-billing.com/sys/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 09:00:19 GMT
content-encoding: br
last-modified: Wed, 08 Mar 2017 15:46:18 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 19641
expires: Fri, 03 Dec 2021 09:00:19 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
968 B 47ms
23ms Script
text/javascript 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?i=v3

Requested by

Host: dcr-billing.com
URL: https://dcr-billing.com/sys/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fcec8f9f4b2b56dcc746a20c4d2f2992bbefcacc3f2aad7e2b45f1f32da22e67

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dcr-billing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 09:00:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 555
x-xss-protection: 1; mode=block
expires: Fri, 26 Nov 2021 09:00:19 GMT

GET
H2 200 login.js Show response
dcr-billing.com/sys/js/ 7 KB
1 KB 438ms
437ms Script
application/javascript 158.106.137.158
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://dcr-billing.com/sys/js/login.js?i=1040368982
Requested by: Host: dcr-billing.com
URL: https://dcr-billing.com/sys/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.137.158 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 65d0be24b17ce3fb7301d4cda550ef55494b80b10f232d15827b70adc8512d49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dcr-billing.com/sys/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 09:00:19 GMT
content-encoding: br
last-modified: Wed, 01 Apr 2020 09:53:44 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1146
expires: Fri, 03 Dec 2021 09:00:19 GMT

GET
H2 200 main-indigo.css
dcr-billing.com/sys/css/ 4 KB
1 KB 430ms
429ms Stylesheet
text/css 158.106.137.158
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://dcr-billing.com/sys/css/main-indigo.css
Requested by: Host: dcr-billing.com
URL: https://dcr-billing.com/sys/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.137.158 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: b9a04b3f8b3110c131291cf253414fb1aebd725d6e09fca4df46314e71831cd3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dcr-billing.com/sys/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 09:00:19 GMT
content-encoding: br
last-modified: Mon, 30 Mar 2020 05:12:40 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=UTF-8
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1231
expires: Fri, 03 Dec 2021 09:00:19 GMT

GET
H2 200 imguser-5eb59c2872c45-d22944c5bd575da3d62715005ecccd35.png
dcr-billing.com/sys/herramientas/verimage/ 15 KB
15 KB 239ms
239ms Image
image/png 158.106.137.158
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcr-billing.com/sys/herramientas/verimage/imguser-5eb59c2872c45-d22944c5bd575da3d62715005ecccd35.png
Requested by: Host: dcr-billing.com
URL: https://dcr-billing.com/sys/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.137.158 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 78d84f0c1fedcccadb6615e572133eac48f1a0583c1e50536fb617c83ca8973d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dcr-billing.com/sys/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Fri, 26 Nov 2021 09:00:19 GMT
cache-control: must-revalidate
expires: 0
server: LiteSpeed
vary: User-Agent
content-type: image/png

GET
H2 200 verificacion.png
facturalaya.com/sys/img/ 18 KB
19 KB 460ms
113ms Image
image/png 158.106.137.158
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://facturalaya.com/sys/img/verificacion.png
Requested by: Host: dcr-billing.com
URL: https://dcr-billing.com/sys/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.137.158 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 81d5942d2e3278840ad9cbcd7eece4fd7637706ba17b93ec5ef018873ec5542c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dcr-billing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 09:00:20 GMT
last-modified: Wed, 13 Nov 2019 22:39:22 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 18678
expires: Sun, 26 Dec 2021 09:00:20 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ 347 KB
136 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?i=v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dcr-billing.com/
Origin: https://dcr-billing.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:52:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 448
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138691
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Sat, 26 Nov 2022 08:52:51 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 22ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: dcr-billing.com
URL: https://dcr-billing.com/sys/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dcr-billing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: Y4wcrzdrx5DMvf4kFBkXfd+1SbabKopgOqV8wCdXgSz4n7tOknPK1Mz7uoMse6zrtgwKAtBi9tqGqZ/MFDUj4w==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Fri, 26 Nov 2021 09:00:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 38.jpg
facturalaya.com/sys/img/ 126 KB
126 KB 554ms
219ms Image
image/jpeg 158.106.137.158
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://facturalaya.com/sys/img/38.jpg
Requested by: Host: dcr-billing.com
URL: https://dcr-billing.com/sys/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.137.158 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: e826404a99e78d74403dab2cdbd1f96b0717126c7dd3eec49b101b5438d5af39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dcr-billing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 09:00:20 GMT
last-modified: Tue, 05 Nov 2019 00:00:00 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 128818
expires: Sun, 26 Dec 2021 09:00:20 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,100,500,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dcr-billing.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 588031
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 13:39:48 GMT

GET
H2 200 icomoon.ttf
dcr-billing.com/sys/template/assets/css/icons/icomoon/fonts/ 213 KB
213 KB 112ms
111ms Font
font/ttf 158.106.137.158
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://dcr-billing.com/sys/template/assets/css/icons/icomoon/fonts/icomoon.ttf?f89h2q
Requested by: Host: dcr-billing.com
URL: https://dcr-billing.com/sys/template/assets/css/icons/icomoon/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.137.158 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: fd756090b6d9612518047f8a828850240445ea1c4b3aad2d1e497260cb95c8cf

Request headers

Referer: https://dcr-billing.com/sys/template/assets/css/icons/icomoon/styles.css
Origin: https://dcr-billing.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 09:00:19 GMT
last-modified: Wed, 08 Mar 2017 15:46:18 GMT
server: LiteSpeed
vary: User-Agent
content-type: font/ttf
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 218228
expires: Fri, 03 Dec 2021 09:00:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 35ms
13ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,100,500,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dcr-billing.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 17:56:19 GMT
x-content-type-options: nosniff
age: 140640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 17:56:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 36ms
14ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,100,500,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dcr-billing.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 14:02:00 GMT
x-content-type-options: nosniff
age: 241099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Nov 2022 14:02:00 GMT

GET
H2 200 179248925778029 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 62ms
61ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/179248925778029?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6fa8ba919463deff217da936d40ba5e7d175dedb7fc5651fd206068b7c2a88a3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dcr-billing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 2lDVpTAZDQxIgSuDWZpO6bVOsif3V9OA5dKMVNkplAawTtJccrL3tJl6/T6TxwOAA/VF77uWHfEYo17BrWDEhA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 26 Nov 2021 09:00:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 1002 40 KB
21 KB 46ms
28ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcHo5oUAAAAACeekkIM9BEqbLXeprQ48WEKJjCP&co=aHR0cHM6Ly9kY3ItYmlsbGluZy5jb206NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=normal&cb=qferf3a4ymj7

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ea9ac744eb615972efe87ca71a5b96b25688c21cbc8b55f67f0d7d4727aa4c3e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FKzcHeiTLE8m8yFAn+OrlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dcr-billing.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Nov 2021 09:00:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-FKzcHeiTLE8m8yFAn+OrlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 21068
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 24ms
8ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=179248925778029&ev=PageView&dl=https%3A%2F%2Fdcr-billing.com%2Fsys%2Flogin&rl=&if=false&ts=1637917220009&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1637917220007.658099371&it=1637917219911&coo=false&rqm=GET

Requested by

Host: dcr-billing.com
URL: https://dcr-billing.com/sys/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dcr-billing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 09:00:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 26 Nov 2021 09:00:20 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame 1002 51 KB
24 KB 22ms
7ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcHo5oUAAAAACeekkIM9BEqbLXeprQ48WEKJjCP&co=aHR0cHM6Ly9kY3ItYmlsbGluZy5jb206NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=normal&cb=qferf3a4ymj7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:52:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24065
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Sat, 26 Nov 2022 08:52:28 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame 1002 347 KB
135 KB 25ms
10ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:52:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 449
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138691
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Sat, 26 Nov 2022 08:52:51 GMT

GET
DATA 200
OK truncated
/ Frame 1002 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1002 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 1002 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:03:19 GMT
x-content-type-options: nosniff
age: 7021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Fri, 03 Dec 2021 07:03:19 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1002 15 KB
15 KB 21ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:06:41 GMT
x-content-type-options: nosniff
age: 230019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Nov 2022 17:06:41 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 1002 102 B
134 B 17ms
16ms Other
text/javascript 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

23d4875896a0991fa45cd27b4935dc479b16e1a0774d10cf2d7ccc5406ef2764

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcHo5oUAAAAACeekkIM9BEqbLXeprQ48WEKJjCP&co=aHR0cHM6Ly9kY3ItYmlsbGluZy5jb206NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=normal&cb=qferf3a4ymj7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 09:00:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 26 Nov 2021 09:00:20 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 7EB0 7 KB
1 KB 22ms
21ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&k=6LcHo5oUAAAAACeekkIM9BEqbLXeprQ48WEKJjCP

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6f4b03dfced044da2abdbfaee978b85cd6459830d7ef707315893a0910320081

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6onivVIsix5a6gU8yMgqkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dcr-billing.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Nov 2021 09:00:20 GMT
content-security-policy: script-src 'report-sample' 'nonce-6onivVIsix5a6gU8yMgqkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1111
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame 7EB0 51 KB
24 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&k=6LcHo5oUAAAAACeekkIM9BEqbLXeprQ48WEKJjCP

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:52:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24065
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Sat, 26 Nov 2022 08:52:28 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame 7EB0 347 KB
135 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&k=6LcHo5oUAAAAACeekkIM9BEqbLXeprQ48WEKJjCP

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:52:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 449
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138691
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Sat, 26 Nov 2022 08:52:51 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 16ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=179248925778029&ev=Microdata&dl=https%3A%2F%2Fdcr-billing.com%2Fsys%2Flogin&rl=&if=false&ts=1637917220512&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Login%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fdcr-billing.com%2Fsys%2Flogin%2F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fdcr-billing.com%2Fsys%2Fherramientas%2Fverimage%2Fimguser-5eb59bd82c341-8bd2050b9fa735c4d50c541338f653f7.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1637917220007.658099371&it=1637917219911&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: dcr-billing.com
URL: https://dcr-billing.com/sys/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dcr-billing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 09:00:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Fri, 26 Nov 2021 09:00:20 GMT

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.dcr-billing.com/	1970-01-19 23:00:17	Name: PHPSESSID Value: e600f81a3b6c374323e1ceaa9559f064
dcr-billing.com/	1970-01-19 23:00:17	Name: PHPSESSID Value: 4f7a462efea9bd5b3927791ca6471a75
.dcr-billing.com/	1970-01-20 01:08:13	Name: _fbp Value: fb.1.1637917220007.658099371

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
dcr-billing.com
facturalaya.com
fonts.googleapis.com
fonts.gstatic.com
www.dcr-billing.com
www.facebook.com
www.google.com
www.gstatic.com
158.106.137.158
2a00:1450:4001:801::2004
2a00:1450:4001:811::2003
2a00:1450:4001:827::200a
2a00:1450:4001:831::2003
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10fae43631849825b26b36f703f1298fe5bb426da907dbe77d7c3e5fa2c898f3
1516a6ae40383d82fc5c240121af66dc94f7a0b689ef207bda0ab016ca0d11cb
183de2ede7ac0dabf8174d18b593dfd90c554690953394c645e961073c31ff72
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
23d4875896a0991fa45cd27b4935dc479b16e1a0774d10cf2d7ccc5406ef2764
3af12c965b926ad1451cf9d18c5ef7f78f315b2b73644d66153e258fa423a9bf
3c33a4c0f667e0c5e1d90c866dc2fc3202f9bab9aa13b72c07a23e08a428ef4e
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5fc986bf4497fdfa9dded38e74dc07854ec825f7205bc52b1124708e73ef3c0b
63904c2db1b4b64eed3e00449ede69b06db7e384ec29e22e418503e630befa47
65d0be24b17ce3fb7301d4cda550ef55494b80b10f232d15827b70adc8512d49
6ad115fc2ea2de47b478b0df9796170bb182a41c5f4ac3b5d3ccbf0643d9771f
6f4b03dfced044da2abdbfaee978b85cd6459830d7ef707315893a0910320081
6fa8ba919463deff217da936d40ba5e7d175dedb7fc5651fd206068b7c2a88a3
78d84f0c1fedcccadb6615e572133eac48f1a0583c1e50536fb617c83ca8973d
7a056fc64aba501090c8acd106b0c7bbc9a267914e695ae34aa42a6ae2a094a7
81d5942d2e3278840ad9cbcd7eece4fd7637706ba17b93ec5ef018873ec5542c
86ef45c204ae966a2362a5bdd1657511fc19ca2421989a06a52bde5d906ef211
a3994e367a21c6e65e40a3733c2e178e24782a4fa4ca0e6b0cb95ff3b7f11e0e
a4468f9651948b3fa77d5fe9a0056b7663d676c57cc6e1923643e824dd145ca4
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b9a04b3f8b3110c131291cf253414fb1aebd725d6e09fca4df46314e71831cd3
ba5c75008a133ef73a0eb980a0c37c168b6bd5db7279a90105697670440eeedf
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
dfef6ad262eb221bd3873ef0cf954312d802e5112c5cdffbc608cacf38315f25
e826404a99e78d74403dab2cdbd1f96b0717126c7dd3eec49b101b5438d5af39
ea9ac744eb615972efe87ca71a5b96b25688c21cbc8b55f67f0d7d4727aa4c3e
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
fcec8f9f4b2b56dcc746a20c4d2f2992bbefcacc3f2aad7e2b45f1f32da22e67
fd756090b6d9612518047f8a828850240445ea1c4b3aad2d1e497260cb95c8cf

dcr-billing.com Open in urlscan Pro 158.106.137.158 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

40 Requests

53 %HTTPS

86 %IPv6

7 Domains

9 Subdomains

8 IPs

2 Countries

1233 kBTransfer

3194 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

dcr-billing.com Open in urlscan Pro
158.106.137.158 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

53 %
HTTPS

86 %
IPv6

7
Domains

9
Subdomains

8
IPs

2
Countries

1233 kB
Transfer

3194 kB
Size

3
Cookies

40 HTTP transactions
2 data transactions