dash.billgang.com Open in urlscan Pro
2606:4700:20::681a:2a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dash.billgang.com/payments/orders
Submission: On March 22 via api (March 22nd 2024, 3:53:14 pm UTC) from US — Scanned from DE

Summary HTTP 45 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 9 domains to perform 45 HTTP transactions. The main IP is 2606:4700:20::681a:2a, located in United States and belongs to CLOUDFLARENET, US. The main domain is dash.billgang.com.
TLS certificate: Issued by GTS CA 1P5 on February 1st 2024. Valid for: 3 months.

This is the only time dash.billgang.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	2606:4700:20:... 2606:4700:20::681a:2a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:46::67 2620:1ec:46::67	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	52.205.232.19 52.205.232.19	14618 (AMAZON-AES) (AMAZON-AES)
6	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	20.62.48.180 20.62.48.180	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700:10:... 2606:4700:10::6816:3bb5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.189.49 13.224.189.49	16509 (AMAZON-02) (AMAZON-02)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	18.245.46.19 18.245.46.19	() ()
45	13

9 2606:4700:20::681a:2a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dash.billgang.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g-api.billgang.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::67 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.205.232.19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-232-19.compute-1.amazonaws.com

app.posthog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us.i.posthog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.62.48.180 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3bb5 (United States)

ASN13335 (CLOUDFLARENET, US)

us-assets.i.posthog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-49.fra2.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.46.19 (United States)

ASN- ()
PTR: server-18-245-46-19.fra56.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	gstatic.com fonts.gstatic.com www.gstatic.com	758 KB
9	billgang.com 1 redirects dash.billgang.com g-api.billgang.com	1 MB
8	google.com www.google.com — Cisco Umbrella Rank: 5	118 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1162 e.clarity.ms — Cisco Umbrella Rank: 8494 c.clarity.ms — Cisco Umbrella Rank: 1824	28 KB
5	posthog.com app.posthog.com — Cisco Umbrella Rank: 25000 us.i.posthog.com — Cisco Umbrella Rank: 29647 us-assets.i.posthog.com — Cisco Umbrella Rank: 68044	81 KB
2	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 5586	290 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 427	761 B
1	intercom.io widget.intercom.io — Cisco Umbrella Rank: 3779	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	997 B
45	9

	Domain	Requested by
9	www.gstatic.com	www.google.com www.gstatic.com
8	www.google.com	dash.billgang.com www.gstatic.com www.google.com
7	dash.billgang.com	1 redirects dash.billgang.com
6	fonts.gstatic.com	fonts.googleapis.com www.google.com
3	us.i.posthog.com	app.posthog.com
2	js.intercomcdn.com	widget.intercom.io
2	c.clarity.ms	1 redirects
2	e.clarity.ms	www.clarity.ms
2	g-api.billgang.com	dash.billgang.com
2	www.clarity.ms	dash.billgang.com www.clarity.ms
1	c.bing.com	1 redirects
1	widget.intercom.io	dash.billgang.com
1	us-assets.i.posthog.com	app.posthog.com
1	app.posthog.com	dash.billgang.com
1	fonts.googleapis.com	dash.billgang.com
45	15

This site contains links to these domains. Also see Links.

Domain
billgang.com

Subject Issuer	Validity	Valid
dash.billgang.com GTS CA 1P5	`2024-02-01` - `2024-05-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.posthog.com Amazon RSA 2048 M02	`2023-12-17` - `2025-01-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
billgang.com GTS CA 1P5	`2024-03-10` - `2024-06-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.i.posthog.com Amazon RSA 2048 M03	`2024-01-15` - `2025-02-12`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.intercom.com Amazon RSA 2048 M03	`2024-01-15` - `2025-02-11`	a year	crt.sh
*.intercomcdn.com Amazon RSA 2048 M02	`2023-12-01` - `2024-12-29`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://dash.billgang.com/payments/orders
Frame ID: 9FE11E202E07109EEC8CA73C3B4CAEA3
Requests: 21 HTTP requests in this frame

Frame: https://dash.billgang.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/main.js
Frame ID: 932C50086AB1817E91E91A652073392D
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQiIIpAAAAAAkhvhS9zuo5WNS5mAzZrALD9cCa&co=aHR0cHM6Ly9kYXNoLmJpbGxnYW5nLmNvbTo0NDM.&hl=de&type=image&v=Hq4JZivTyQ7GP8Kt571Tzodj&theme=light&size=invisible&badge=bottomright&cb=t4xvh66a5yhv
Frame ID: AF0BD4B95A37CEA4CEDBF51728FD9E54
Requests: 8 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.6658389f.js
Frame ID: F7BBDD5164041ACC002253A781F344EB
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6LdQiIIpAAAAAAkhvhS9zuo5WNS5mAzZrALD9cCa
Frame ID: 6113DD7B55DEEC478D4EE0A9A5C1FA07
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign In | Dashboard

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

45
Requests

96 %
HTTPS

62 %
IPv6

9
Domains

15
Subdomains

13
IPs

3
Countries

2692 kB
Transfer

8746 kB
Size

13
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://billgang.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://billgang.com/terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://dash.billgang.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://dash.billgang.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/main.js

Request Chain 28

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=14B46638A73F4F95A2A07E09481870E7&RedC=c.clarity.ms&MXFR=1A43F126E8F063F909C3E56CECF06D52 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=14B46638A73F4F95A2A07E09481870E7&MUID=2172C441C56F69AD0D04D00BC46F6849

45 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request orders Show response
dash.billgang.com/payments/ 4 KB
2 KB 231ms
113ms Document
text/html 2606:4700:20::681a:2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dash.billgang.com/payments/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:2a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

794da5758d76f1e97ba51ccd82e3b92beb7852d2fba3e82d921346bba11ba8ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 86875a55f86d39e5-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 22 Mar 2024 15:53:08 GMT
link: <https://fonts.googleapis.com>; rel="preconnect"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xIy3yG1lxX9iDysEfy2gwKWzrM23cd%2Fq%2Fj2UhohLEEr02NqdwnM25Ig3bKqnxV4ZJomhT2HMKnw5%2FWESjExAGyHkhpXo1lVoitLoRVwAhk%2FrfN%2B2uBtwGVhopFk%2BLQ932sfHqvJrL6%2FaTycWQb%2BSag%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
997 B 92ms
34ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Archivo:wght@300;400;500;600;700;800&display=swap

Requested by

Host: dash.billgang.com
URL: https://dash.billgang.com/payments/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ce8a8cb8649b30bdd4af7a08c8c36bd20a133590a960c7016405929a97db1b77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dash.billgang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 22 Mar 2024 15:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 15:53:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Mar 2024 15:53:08 GMT

GET
H2 200 main.ed1d61d3.js Show response
dash.billgang.com/static/js/ 5 MB
1 MB 56ms
50ms Script
application/javascript 2606:4700:20::681a:2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dash.billgang.com/static/js/main.ed1d61d3.js

Requested by

Host: dash.billgang.com
URL: https://dash.billgang.com/payments/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:2a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e790855769bf5c7c6cfc7f4d4123a98b864a8e192a2a970601614881da38648

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dash.billgang.com/payments/orders
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 15:53:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1292
cf-polished: origSize=5067885
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"4afc14e56b00b2939f96810aabaa65ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4CH96U75g%2FukcCEhmRN0S1YJ1Ryxf5HmZ6lKv2f34zsyuOys0Hz5wCeVDxQUht0s1CrjNam5md%2BK4eeRXV6r2PXOp8gtek0mvKIsiAerR5MfSLGhdpjoOifO3reaPr%2BnL%2FLeRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 86875a56b98939e5-FRA

GET
H2 200 main.77fd1062.css
dash.billgang.com/static/css/ 304 KB
41 KB 44ms
39ms Stylesheet
text/css 2606:4700:20::681a:2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dash.billgang.com/static/css/main.77fd1062.css

Requested by

Host: dash.billgang.com
URL: https://dash.billgang.com/payments/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:2a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

455c2997c1d6666187aefbe674df517cb85952fee7e8f54cd4c2eebacec5353d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dash.billgang.com/payments/orders
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 15:53:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1292
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"612558097f6775bf2a4e130d5f794ada"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zRWjTJu%2F7lU9HtdjSJJ0xus7Rf32ylXZrdvtPLGJWqsdPcA%2FOQ42hE5NT8cZsvWLD0hI1Ok9JqWZCt65AHeIVOuYfqKXl%2F2YpZg5e%2F15vlZJ1ILeZLOwhCTI25oApwOHYgkzsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 86875a56b98839e5-FRA

GET
H2 200 htay9jv4gb Show response
www.clarity.ms/tag/ 650 B
1013 B 308ms
121ms Script
application/x-javascript 2620:1ec:46::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/htay9jv4gb
Requested by: Host: dash.billgang.com
URL: https://dash.billgang.com/payments/orders
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: aff99adb90d8b2c8757d95cdd5aa0bad03b2fea1ed58e6d70909b346dea980b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dash.billgang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: -1
date: Fri, 22 Mar 2024 15:53:09 GMT
x-azure-ref: 20240322T155309Z-ryqwu6f0313xp49t691xfb1p1800000002dg00000001dcr7
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 650
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H2 200 array.js Show response
app.posthog.com/static/ 121 KB
43 KB 475ms
233ms Script
text/javascript 52.205.232.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.posthog.com/static/array.js

Requested by

Host: dash.billgang.com
URL: https://dash.billgang.com/payments/orders

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.205.232.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-205-232-19.compute-1.amazonaws.com

Software

envoy /

Resource Hash

9cb0ca23ab0b64f585be19990effd40c49355054d8ecc73038298d63fcf60542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dash.billgang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 15:53:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Fri, 22 Mar 2024 13:52:03 GMT
server: envoy
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Cookie, Accept-Encoding
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=60, public
x-envoy-upstream-service-time: 4

GET
H3

200

main.js Show response
dash.billgang.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/ Frame 932C
Redirect Chain

https://dash.billgang.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://dash.billgang.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/main.js

8 KB
4 KB

25ms
25ms

Script
application/javascript

2606:4700:20::681a:2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dash.billgang.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/main.js

Requested by

Host: dash.billgang.com
URL: https://dash.billgang.com/payments/orders

Protocol

Server

2606:4700:20::681a:2a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d286b4a42362600074f230d256a091c723a5941df96dc763a0d423c38a43e534

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 15:53:09 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BRXx2i1qeTE4YOv1jQ%2BJJt1kOXrTw7yv78IwU8594VwpkEgnbGv9Iuh4APA85lKg%2FozlUU4x%2FrEubvbUABeACKtHK%2BPShFrWLGu5B9rgG54HSkGU4Wn%2BR5xsUrwa56kuxaDlsVnkGhc0BwhhRKry"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 86875a5acf84903a-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 22 Mar 2024 15:53:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qGXzBfr9LoLQp6Y3FbX8UNwUd3eAMfiGuG6X1ZYoRFNLRAxv9HBO5X5gAadl8G1UlCSfOIEKk4XVG2TEfk19FFPhkY6Jk%2B6WO3Iv4Ck78sy0NNRbX6icGA1NSlrmTQ7gU4DeszJ9UYtxQvN0te4p"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/main.js
cache-control: max-age=300, public
cf-ray: 86875a5a6f2e903a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 sprite.eff942433ac48e32a15f7d281d503005.svg
dash.billgang.com/static/media/ 289 KB
116 KB 42ms
41ms Other
image/svg+xml 2606:4700:20::681a:2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dash.billgang.com/static/media/sprite.eff942433ac48e32a15f7d281d503005.svg

Requested by

Host: dash.billgang.com
URL: https://dash.billgang.com/static/js/main.ed1d61d3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:2a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4691131b9c1d30374c192684994017ac45af4f862d2a7f2536c4ad84fd77f16d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dash.billgang.com/payments/orders
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 15:53:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1291
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"202b891a6995ffadb9f689cf02d71cec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=56fXg0POhPnw3l20ADw4UJPjJXiv4%2FFvK08O3kDM5b2%2B99F6TZHChQF8zXj3gt3ZrFERZu4AnTXBbIgiS%2Fu887f48q5C%2BTSaDjjtuujQVOJPaAAoyNKXCKC1%2F3s8fAw66mYs7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 86875a5abf6c903a-FRA

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d05d0e1df43b88fbd63822565b0743adf73dd6bf076ddb18d42bd660847d8678

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxI.woff2
fonts.gstatic.com/s/archivo/v19/ 34 KB
35 KB 67ms
20ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/archivo/v19/k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Archivo:wght@300;400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c59b09511f172d20fbf5feaf7aff9e844460cdb286d8930a1f546b39ed1a5e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dash.billgang.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 07:45:13 GMT
x-content-type-options: nosniff
age: 288476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35272
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:41:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 07:45:13 GMT

OPTIONS
H2 204 user
g-api.billgang.com/v1/dash/ Frame 0
0 123ms
51ms Preflight 2606:4700:20::681a:2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g-api.billgang.com/v1/dash/user
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://dash.billgang.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: authorization
access-control-allow-methods: GET
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86875a5b5a242ba3-FRA
date: Fri, 22 Mar 2024 15:53:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JXc27ccie0DfwMhBTY9MWfcZeqXH2WmfqD8Dzc1Q9Jir9FBLIayD4Fn3pNJ7asrPbXpAMveWCtWCzndLlX8puX8XJmsPPIysPIoFW09RV%2FvnhbLk0mgzU171cwIlZeRhqVc6pVr9rO2XHvaqycEv4A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-response-time-ms: 0

GET
H2 401 user Show response
g-api.billgang.com/v1/dash/ 0
301 B 39ms
38ms XHR
text/plain 2606:4700:20::681a:2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g-api.billgang.com/v1/dash/user
Requested by: Host: dash.billgang.com
URL: https://dash.billgang.com/static/js/main.ed1d61d3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://dash.billgang.com/
accept-language: de-DE,de;q=0.9
Authorization: bearer null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 15:53:09 GMT
www-authenticate: Bearer error="invalid_token"
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-response-time-ms: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U%2FyJ5qfQPSntcZvhetCMeo5IWyhLD%2BS6Bkf%2FcYqcp06q6IaJyp9Z8HNy%2Fqx0uPilBlXDKTeNjjN%2F7Qs0rDpv6ExQ1IDz%2BEbH9qTWRRGZR1W62WfnToKbS%2BBnlhZewFEPBuu068ihRE%2FUWhtTcYEZkg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 86875a5baa702ba3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.24/ 60 KB
25 KB 45ms
45ms Script
application/javascript 2620:1ec:46::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.24/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/htay9jv4gb
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3bc9c1f81ac6f56f2077096ca22a3bb734f895f14dc0d8524dee9a0e124302cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dash.billgang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 15:53:09 GMT
content-encoding: br
last-modified: Tue, 19 Mar 2024 12:23:39 GMT
etag: W/"0x8DC480F6888504A"
vary: Accept-Encoding
x-azure-ref: 20240322T155309Z-ryqwu6f0313xp49t691xfb1p1800000002dg00000001dcsr
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 66e6a00c-101e-0075-75ab-7a45f7000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 78ms
29ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Requested by

Host: dash.billgang.com
URL: https://dash.billgang.com/static/js/main.ed1d61d3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

21a0af500f4b3511fcaf2dd4876d9c5b1470e52e183277294833f4e8e3805b09

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dash.billgang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 15:53:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 22 Mar 2024 15:53:09 GMT

POST
H2 200 / Show response
us.i.posthog.com/decide/ 665 B
756 B 355ms
120ms XHR
application/json 52.205.232.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://us.i.posthog.com/decide/?v=3&ip=1&_=1711122789598&ver=1.116.4&compression=base64

Requested by

Host: app.posthog.com
URL: https://app.posthog.com/static/array.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.205.232.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-205-232-19.compute-1.amazonaws.com

Software

envoy /

Resource Hash

4a3e2f22f2671b97781165d8a09de54ca6d30db8fcb06e31d31383692a8174d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dash.billgang.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 22 Mar 2024 15:53:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
server: envoy
cross-origin-opener-policy: same-origin
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://dash.billgang.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 8
access-control-allow-headers: X-Requested-With,Content-Type

POST
H2 200 / Show response
us.i.posthog.com/e/ 13 B
413 B 342ms
116ms XHR
application/json 52.205.232.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://us.i.posthog.com/e/?ip=1&_=1711122789606&ver=1.116.4&compression=base64

Requested by

Host: app.posthog.com
URL: https://app.posthog.com/static/array.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.205.232.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-205-232-19.compute-1.amazonaws.com

Software

envoy /

Resource Hash

7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dash.billgang.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 22 Mar 2024 15:53:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
server: envoy
cross-origin-opener-policy: same-origin
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://dash.billgang.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
access-control-allow-headers: X-Requested-With,Content-Type

POST
H3 200 86875a55f86d39e5 Show response
dash.billgang.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 932C 0
595 B 41ms
41ms XHR
text/plain 2606:4700:20::681a:2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dash.billgang.com/cdn-cgi/challenge-platform/h/b/jsd/r/86875a55f86d39e5
Requested by: Host: dash.billgang.com
URL: https://dash.billgang.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 22 Mar 2024 15:53:09 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X8536xbFSBRg3ds9CL5V5ctIZDlwFq1DskfahfNVDurJlaAD8uaSwC%2B9tOsRhskPsvvkZJ3lJyljft8hpCnAn14SAE3rvbum5nuKHuYj3prs%2BXGE%2FdH%2Bw8cBkuWJsHwkM00iDV6t1h624KwsAOsI"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 86875a5bd896903a-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ 499 KB
199 KB 70ms
20ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

554fdc93109beed0802d148bc60f1b16fe7d8caf68ef4ecb95b562463b7844c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dash.billgang.com/
Origin: https://dash.billgang.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 13:50:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 203033
x-xss-protection: 0
last-modified: Tue, 19 Mar 2024 18:14:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Mar 2025 13:50:54 GMT

POST
H/1.1 204
No Content collect Show response
e.clarity.ms/ 0
297 B 350ms
111ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.24/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://dash.billgang.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://dash.billgang.com
Date: Fri, 22 Mar 2024 15:53:10 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame AF0B 46 KB
29 KB 45ms
44ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQiIIpAAAAAAkhvhS9zuo5WNS5mAzZrALD9cCa&co=aHR0cHM6Ly9kYXNoLmJpbGxnYW5nLmNvbTo0NDM.&hl=de&type=image&v=Hq4JZivTyQ7GP8Kt571Tzodj&theme=light&size=invisible&badge=bottomright&cb=t4xvh66a5yhv

Requested by

Host: dash.billgang.com
URL: https://dash.billgang.com/static/js/main.ed1d61d3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

518e2c02ef30b2f1b139d227ef2b39d55e90ae85e32d33120ee9df8ccb1b6ca3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cJvnVyRLdbbf62ywn6w0lg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dash.billgang.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-cJvnVyRLdbbf62ywn6w0lg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 22 Mar 2024 15:53:09 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 recorder.js Show response
us-assets.i.posthog.com/static/ 104 KB
37 KB 108ms
36ms Script
text/javascript 2606:4700:10::6816:3bb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us-assets.i.posthog.com/static/recorder.js?v=1.116.4

Requested by

Host: app.posthog.com
URL: https://app.posthog.com/static/array.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3bb5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfdaa8905ef0f019adee99572fa453418ae4272b1575a0f1a1c7e18d00f6a116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dash.billgang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 15:53:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 81
x-envoy-upstream-service-time: 4
referrer-policy: same-origin
last-modified: Fri, 22 Mar 2024 13:52:05 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Cookie, Accept-Encoding
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 86875a5dc9904dcb-FRA

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ Frame AF0B 55 KB
24 KB 66ms
21ms Stylesheet
text/css 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQiIIpAAAAAAkhvhS9zuo5WNS5mAzZrALD9cCa&co=aHR0cHM6Ly9kYXNoLmJpbGxnYW5nLmNvbTo0NDM.&hl=de&type=image&v=Hq4JZivTyQ7GP8Kt571Tzodj&theme=light&size=invisible&badge=bottomright&cb=t4xvh66a5yhv

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 15:22:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Tue, 19 Mar 2024 18:14:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Mar 2025 15:22:18 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ Frame AF0B 499 KB
198 KB 65ms
21ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

554fdc93109beed0802d148bc60f1b16fe7d8caf68ef4ecb95b562463b7844c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 13:50:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 203033
x-xss-protection: 0
last-modified: Tue, 19 Mar 2024 18:14:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Mar 2025 13:50:54 GMT

GET
H3 200 zYfMJoXQ4TdjNOmubWHF7tfB-Uj27d5hviKRJNK_rxE.js Show response
www.google.com/js/bg/ Frame AF0B 17 KB
7 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/zYfMJoXQ4TdjNOmubWHF7tfB-Uj27d5hviKRJNK_rxE.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd87cc2685d0e1376334e9ae6d61c5eed7c1f948f6edde61be229124d2bfaf11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQiIIpAAAAAAkhvhS9zuo5WNS5mAzZrALD9cCa&co=aHR0cHM6Ly9kYXNoLmJpbGxnYW5nLmNvbTo0NDM.&hl=de&type=image&v=Hq4JZivTyQ7GP8Kt571Tzodj&theme=light&size=invisible&badge=bottomright&cb=t4xvh66a5yhv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 14:17:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7358
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 13:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Mar 2025 14:17:13 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame AF0B 2 KB
2 KB 21ms
21ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 03:45:28 GMT
x-content-type-options: nosniff
age: 302862
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 26 Mar 2024 03:45:28 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame AF0B 15 KB
15 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:26:23 GMT
x-content-type-options: nosniff
age: 325607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Mar 2025 21:26:23 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame AF0B 15 KB
15 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 09:11:37 GMT
x-content-type-options: nosniff
age: 283293
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 09:11:37 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame AF0B 102 B
135 B 30ms
29ms Other
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Hq4JZivTyQ7GP8Kt571Tzodj

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

22b2a491c3cf30da29d0bf442586de5731d89475b20e17b55be13f590b9b4952

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQiIIpAAAAAAkhvhS9zuo5WNS5mAzZrALD9cCa&co=aHR0cHM6Ly9kYXNoLmJpbGxnYW5nLmNvbTo0NDM.&hl=de&type=image&v=Hq4JZivTyQ7GP8Kt571Tzodj&theme=light&size=invisible&badge=bottomright&cb=t4xvh66a5yhv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 15:53:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 22 Mar 2024 15:53:10 GMT

GET
H2 200 wq68mxtc Show response
widget.intercom.io/widget/ 7 KB
3 KB 87ms
25ms Script
application/javascript 13.224.189.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/wq68mxtc
Requested by: Host: dash.billgang.com
URL: https://dash.billgang.com/payments/orders
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-49.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a927ad80dcf6316f90bfcd816f34475e6ea8d5e482de692ec6cc9bb3fe8e9fe0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dash.billgang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: 5dh_mPLYogT7Mo4J8dWU1NJVZQA5s_Ko
content-encoding: gzip
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
date: Fri, 22 Mar 2024 15:50:46 GMT
x-amz-cf-pop: FRA2-C1
age: 145
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2706
last-modified: Fri, 22 Mar 2024 14:00:41 GMT
server: AmazonS3
etag: "5c008d05520258fe3f17e1f62e3b2c0d"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=300, s-maxage=300, public
accept-ranges: bytes
x-amz-cf-id: EVqGQrpElhkPifYT3JFEN24EbHZNBvxhUaCoVh7vQMZiE5WUa8KG5w==

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=14B46638A73F4F95A2A07E09481870E7&RedC=c.clarity.ms&MXFR=1A43F126E8F063F909C3E56CECF06D52
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=14B46638A73F4F95A2A07E09481870E7&MUID=2172C441C56F69AD0D04D00BC46F6849

42 B
442 B

41ms
41ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=14B46638A73F4F95A2A07E09481870E7&MUID=2172C441C56F69AD0D04D00BC46F6849
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dash.billgang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 15:53:09 GMT
last-modified: Fri, 01 Mar 2024 22:54:48 GMT
server: Microsoft-IIS/10.0
etag: "3e26b762b6cda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 22 Mar 2024 15:53:10 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 46A14CBE531A45A0A6E483F0BB652340 Ref B: FRAEDGE1721 Ref C: 2024-03-22T15:53:10Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=14B46638A73F4F95A2A07E09481870E7&MUID=2172C441C56F69AD0D04D00BC46F6849
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 frame-modern.6658389f.js Show response
js.intercomcdn.com/ Frame F7BB 513 KB
142 KB 92ms
25ms Script
application/javascript 18.245.46.19

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.6658389f.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/wq68mxtc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.19 , United States, ASN (),

Reverse DNS

server-18-245-46-19.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

21181a8cd9714de91bd28ca820b06f693e6484b5576806f1ca74f59a0590e505

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 14:00:44 GMT
content-encoding: gzip
via: 1.1 6b15a9d1514a5645abfd43cbf330ce48.cloudfront.net (CloudFront)
x-amz-version-id: BWYM7gDyLjOH6Q_zzH.MsMJ9qHNO1Kb2
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P9
age: 6747
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 144414
last-modified: Fri, 22 Mar 2024 13:57:29 GMT
server: AmazonS3
etag: "bcb7436cc3896050094ba96993a8ff00"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: DdCQgtpBMNxV_ho-7PgoABlJ576Pk7102qKyUAzJdj_ApGVKF2GxBw==

GET
H2 200 vendor-modern.9921b73c.js Show response
js.intercomcdn.com/ Frame F7BB 483 KB
148 KB 138ms
72ms Script
application/javascript 18.245.46.19

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.9921b73c.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/wq68mxtc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.19 , United States, ASN (),

Reverse DNS

server-18-245-46-19.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

cad3500791a788df6463f08be3d2cd07785f0f24b90d403fa17392a47469f0ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: oqn9.GrIUJn94J8vXJWTcxSqfbdfBJb0
content-encoding: gzip
via: 1.1 6b15a9d1514a5645abfd43cbf330ce48.cloudfront.net (CloudFront)
date: Fri, 22 Mar 2024 15:45:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P9
age: 451
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 151135
last-modified: Thu, 21 Mar 2024 18:57:05 GMT
server: AmazonS3
etag: "ae95e8cfe55350008dcd098ebbe4cee3"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: eFTHZ2UUZK3kAMbf3pX6axk2pM6qDpmdH4FaUze32pF94LQkKxXKOA==

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 6113 7 KB
1 KB 38ms
37ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6LdQiIIpAAAAAAkhvhS9zuo5WNS5mAzZrALD9cCa

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5e155965f1b680673cf953a3b6f5ba9b58ba1454889fedd163100fdd1d972ea1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NBNvyXmU3rV3Cgh4R7t0Xw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dash.billgang.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-NBNvyXmU3rV3Cgh4R7t0Xw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 22 Mar 2024 15:53:10 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ Frame 6113 55 KB
24 KB 21ms
20ms Stylesheet
text/css 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6LdQiIIpAAAAAAkhvhS9zuo5WNS5mAzZrALD9cCa

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 15:22:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Tue, 19 Mar 2024 18:14:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Mar 2025 15:22:18 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ Frame 6113 499 KB
198 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6LdQiIIpAAAAAAkhvhS9zuo5WNS5mAzZrALD9cCa

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

554fdc93109beed0802d148bc60f1b16fe7d8caf68ef4ecb95b562463b7844c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 13:50:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 203033
x-xss-protection: 0
last-modified: Tue, 19 Mar 2024 18:14:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Mar 2025 13:50:54 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 6113 21 KB
15 KB 78ms
78ms XHR
application/json 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LdQiIIpAAAAAAkhvhS9zuo5WNS5mAzZrALD9cCa

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

78a0db44dc3912f60ac08ce366c8f24501929a78d2eb900da4fd75f686dc7821

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6LdQiIIpAAAAAAkhvhS9zuo5WNS5mAzZrALD9cCa
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Fri, 22 Mar 2024 15:53:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 22 Mar 2024 15:53:10 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 6113 600 B
624 B 23ms
22ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 18:30:13 GMT
x-content-type-options: nosniff
age: 336177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 25 Mar 2024 18:30:13 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 6113 530 B
554 B 23ms
22ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 19:17:32 GMT
x-content-type-options: nosniff
age: 333338
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 25 Mar 2024 19:17:32 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 6113 665 B
689 B 24ms
23ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:42:02 GMT
x-content-type-options: nosniff
age: 101468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 28 Mar 2024 11:42:02 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6113 15 KB
15 KB 24ms
23ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:26:23 GMT
x-content-type-options: nosniff
age: 325607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Mar 2025 21:26:23 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6113 15 KB
15 KB 33ms
32ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 07:58:08 GMT
x-content-type-options: nosniff
age: 287702
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 07:58:08 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6113 15 KB
15 KB 25ms
24ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 09:11:37 GMT
x-content-type-options: nosniff
age: 283293
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 09:11:37 GMT

GET
H3 200 zYfMJoXQ4TdjNOmubWHF7tfB-Uj27d5hviKRJNK_rxE.js Show response
www.google.com/js/bg/ Frame 6113 17 KB
7 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/zYfMJoXQ4TdjNOmubWHF7tfB-Uj27d5hviKRJNK_rxE.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd87cc2685d0e1376334e9ae6d61c5eed7c1f948f6edde61be229124d2bfaf11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6LdQiIIpAAAAAAkhvhS9zuo5WNS5mAzZrALD9cCa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 14:17:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7358
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 13:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Mar 2025 14:17:13 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame 6113 56 KB
56 KB 32ms
32ms Image
image/jpeg 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AFcWeA5fMAsf9QK0SGP08eF3bja1yArkN8E3FwsGDh56fP7GAxuWDScBnylDqb-njp_Ee2Bb3dZBbwciPC1kN5d1KXH8F-G1ADdZfVe9mtXUwef-aG6J1WKEwAwxnKRZuiTqaICMuyyHh8lz7nwO_jvue8QkX7bq2CPk_7LMzixbHMceth930Bd-7p_fz9534zdFnk7UO4V-FLX_C6rg8dMbK0DBohz7Xg&k=6LdQiIIpAAAAAAkhvhS9zuo5WNS5mAzZrALD9cCa

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e72d6cc866314bcd7b85948e3276868b31c79fd5a4f157ea05acb03ecaad0ef6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6LdQiIIpAAAAAAkhvhS9zuo5WNS5mAzZrALD9cCa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 15:53:10 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 22 Mar 2024 15:53:10 GMT

POST
H/1.1 204
No Content collect Show response
e.clarity.ms/ 0
297 B 111ms
110ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.24/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://dash.billgang.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://dash.billgang.com
Date: Fri, 22 Mar 2024 15:53:10 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

POST
H2 200 / Show response
us.i.posthog.com/s/ 13 B
413 B 351ms
351ms XHR
application/json 52.205.232.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://us.i.posthog.com/s/?ip=1&_=1711122792598&ver=1.116.4&compression=gzip-js

Requested by

Host: app.posthog.com
URL: https://app.posthog.com/static/array.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.205.232.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-205-232-19.compute-1.amazonaws.com

Software

envoy /

Resource Hash

7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dash.billgang.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 22 Mar 2024 15:53:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
server: envoy
cross-origin-opener-policy: same-origin
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://dash.billgang.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 10
access-control-allow-headers: X-Requested-With,Content-Type

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 23:37:54	Name: _GRECAPTCHA Value: 09AKoyJkt5aPva0TsCART49C0B1O94xtnX-X20h1Nx7f1zkLn5tpEPp-vxNofxQ0s5qWHTe6QPWWghoCrkq2GxI98
www.clarity.ms/	1970-01-21 04:04:18	Name: CLID Value: 6e2ae08c398f45859f0329c7ef52177c.20240322.20250322
.billgang.com/	1970-01-21 04:04:18	Name: _clck Value: jpc8f3%7C2%7Cfka%7C0%7C1542
.billgang.com/	1970-01-21 04:04:18	Name: cf_clearance Value: _zYC1PJfCQN1GX80eB2Rt11f1QML7hwVVcpt6nIEkSs-1711122789-1.0.1.1-2AH2Oe5qLOUYzWtNu5MRbG6QQuITiHCidxmJbafObjPo6BPKJmipzuOpg0sPENISXd41ZVo78Fhv3QMNrQS11g
.billgang.com/	1970-01-20 19:20:09	Name: _clsk Value: 6hq570%7C1711122790210%7C1%7C1%7Ce.clarity.ms%2Fcollect
.billgang.com/	1970-01-21 04:04:18	Name: ph_phc_GgCLJjxxgs1sYbVpICQFSg7U0in9ooFE14GLLbmDGGz_posthog Value: %7B%22distinct_id%22%3A%22018e66dd-b4dd-7560-9b98-685e2ba3e890%22%2C%22%24sesid%22%3A%5B1711122790334%2C%22018e66dd-b4e5-7409-96f5-8fb48fe69a46%22%2C1711122789605%5D%7D
.bing.com/	1970-01-21 04:40:18	Name: MUID Value: 2172C441C56F69AD0D04D00BC46F6849
.c.bing.com/	1970-01-20 19:28:47	Name: MR Value: 0
.c.bing.com/	1970-01-21 04:40:18	Name: SRM_B Value: 2172C441C56F69AD0D04D00BC46F6849
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 04:40:18	Name: MUID Value: 2172C441C56F69AD0D04D00BC46F6849
.c.clarity.ms/	1970-01-20 19:28:47	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 19:18:43	Name: ANONCHK Value: 0

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://dash.billgang.com/payments/orders Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dash.billgang.com/auth/sign-in Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://g-api.billgang.com/v1/dash/user Message: Failed to load resource: the server responded with a status of 401 ()
other	warning	URL: https://dash.billgang.com/auth/sign-in Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dash.billgang.com/auth/sign-in Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dash.billgang.com/auth/sign-in Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dash.billgang.com/auth/sign-in Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dash.billgang.com/auth/sign-in Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dash.billgang.com/auth/sign-in Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dash.billgang.com/auth/sign-in Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dash.billgang.com/auth/sign-in Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dash.billgang.com/auth/sign-in Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dash.billgang.com/auth/sign-in Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dash.billgang.com/auth/sign-in Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dash.billgang.com/auth/sign-in Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dash.billgang.com/auth/sign-in Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dash.billgang.com/auth/sign-in Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.posthog.com
c.bing.com
c.clarity.ms
dash.billgang.com
e.clarity.ms
fonts.googleapis.com
fonts.gstatic.com
g-api.billgang.com
js.intercomcdn.com
us-assets.i.posthog.com
us.i.posthog.com
widget.intercom.io
www.clarity.ms
www.google.com
www.gstatic.com
13.224.189.49
18.245.46.19
20.62.48.180
2606:4700:10::6816:3bb5
2606:4700:20::681a:2a
2620:1ec:46::67
2620:1ec:c11::200
2a00:1450:4001:808::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200a
52.205.232.19
68.219.88.97
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
21181a8cd9714de91bd28ca820b06f693e6484b5576806f1ca74f59a0590e505
21a0af500f4b3511fcaf2dd4876d9c5b1470e52e183277294833f4e8e3805b09
22b2a491c3cf30da29d0bf442586de5731d89475b20e17b55be13f590b9b4952
3bc9c1f81ac6f56f2077096ca22a3bb734f895f14dc0d8524dee9a0e124302cc
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
455c2997c1d6666187aefbe674df517cb85952fee7e8f54cd4c2eebacec5353d
4691131b9c1d30374c192684994017ac45af4f862d2a7f2536c4ad84fd77f16d
4a3e2f22f2671b97781165d8a09de54ca6d30db8fcb06e31d31383692a8174d7
518e2c02ef30b2f1b139d227ef2b39d55e90ae85e32d33120ee9df8ccb1b6ca3
554fdc93109beed0802d148bc60f1b16fe7d8caf68ef4ecb95b562463b7844c4
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5e155965f1b680673cf953a3b6f5ba9b58ba1454889fedd163100fdd1d972ea1
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
78a0db44dc3912f60ac08ce366c8f24501929a78d2eb900da4fd75f686dc7821
794da5758d76f1e97ba51ccd82e3b92beb7852d2fba3e82d921346bba11ba8ff
7c59b09511f172d20fbf5feaf7aff9e844460cdb286d8930a1f546b39ed1a5e1
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9cb0ca23ab0b64f585be19990effd40c49355054d8ecc73038298d63fcf60542
9e790855769bf5c7c6cfc7f4d4123a98b864a8e192a2a970601614881da38648
a927ad80dcf6316f90bfcd816f34475e6ea8d5e482de692ec6cc9bb3fe8e9fe0
aff99adb90d8b2c8757d95cdd5aa0bad03b2fea1ed58e6d70909b346dea980b6
bfdaa8905ef0f019adee99572fa453418ae4272b1575a0f1a1c7e18d00f6a116
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
cad3500791a788df6463f08be3d2cd07785f0f24b90d403fa17392a47469f0ed
cd87cc2685d0e1376334e9ae6d61c5eed7c1f948f6edde61be229124d2bfaf11
ce8a8cb8649b30bdd4af7a08c8c36bd20a133590a960c7016405929a97db1b77
d05d0e1df43b88fbd63822565b0743adf73dd6bf076ddb18d42bd660847d8678
d286b4a42362600074f230d256a091c723a5941df96dc763a0d423c38a43e534
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e72d6cc866314bcd7b85948e3276868b31c79fd5a4f157ea05acb03ecaad0ef6

dash.billgang.com Open in urlscan Pro 2606:4700:20::681a:2a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

45 Requests

96 %HTTPS

62 %IPv6

9 Domains

15 Subdomains

13 IPs

3 Countries

2692 kBTransfer

8746 kBSize

13 Cookies

2 Outgoing links

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

dash.billgang.com Open in urlscan Pro
2606:4700:20::681a:2a Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

96 %
HTTPS

62 %
IPv6

9
Domains

15
Subdomains

13
IPs

3
Countries

2692 kB
Transfer

8746 kB
Size

13
Cookies

45 HTTP transactions
1 data transactions