wellness.stg.billsgcp.com Open in urlscan Pro
45.60.33.186 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://wellness.stg.billsgcp.com/
Effective URL:
https://wellness.stg.billsgcp.com/financial-health-survey
Submission: On October 06 via automatic, source certstream-suspicious (October 6th 2021, 8:09:46 pm UTC) — Scanned from DE

Summary HTTP 42 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 12 domains to perform 42 HTTP transactions. The main IP is 45.60.33.186, located in United States and belongs to INCAPSULA, US. The main domain is wellness.stg.billsgcp.com.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA H2 2021 on October 4th 2021. Valid for: 6 months.

This is the only time wellness.stg.billsgcp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 19	45.60.33.186 45.60.33.186	19551 (INCAPSULA) (INCAPSULA)
3	142.250.185.138 142.250.185.138	15169 (GOOGLE) (GOOGLE)
1	142.250.185.232 142.250.185.232	15169 (GOOGLE) (GOOGLE)
1	143.204.98.93 143.204.98.93	16509 (AMAZON-02) (AMAZON-02)
3	13.107.21.200 13.107.21.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	35.244.142.80 35.244.142.80	15169 (GOOGLE) (GOOGLE)
2	216.239.36.54 216.239.36.54	15169 (GOOGLE) (GOOGLE)
1	143.204.98.104 143.204.98.104	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.32 143.204.98.32	16509 (AMAZON-02) (AMAZON-02)
1	54.76.144.107 54.76.144.107	16509 (AMAZON-02) (AMAZON-02)
3	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
1	34.96.118.161 34.96.118.161	15169 (GOOGLE) (GOOGLE)
3	142.250.184.206 142.250.184.206	15169 (GOOGLE) (GOOGLE)
1	172.253.120.154 172.253.120.154	15169 (GOOGLE) (GOOGLE)
1	172.217.23.100 172.217.23.100	15169 (GOOGLE) (GOOGLE)
42	16

19 45.60.33.186 (United States) 1 redirects

ASN19551 (INCAPSULA, US)

wellness.stg.billsgcp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-93.fra50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.36.54 (United States)

ASN15169 (GOOGLE, US)

us-central1-adaptive-growth.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-104.fra50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-32.fra50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.144.107 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-144-107.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.118.161 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 161.118.96.34.bc.googleusercontent.com

visitortracking.staging.billsdev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.120.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wd-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.100 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	billsgcp.com 1 redirects wellness.stg.billsgcp.com	313 KB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	63 KB
3	google-analytics.com www.google-analytics.com	21 KB
3	gstatic.com fonts.gstatic.com	69 KB
3	bing.com bat.bing.com	10 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	cloudfunctions.net us-central1-adaptive-growth.cloudfunctions.net
1	google.com www.google.com	522 B
1	doubleclick.net stats.g.doubleclick.net	468 B
1	billsdev.com visitortracking.staging.billsdev.com Failed
1	pdst.fm cdn.pdst.fm	6 KB
1	googletagmanager.com www.googletagmanager.com	65 KB
42	12

	Domain	Requested by
19	wellness.stg.billsgcp.com	1 redirects wellness.stg.billsgcp.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	fonts.gstatic.com	fonts.googleapis.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com wellness.stg.billsgcp.com
3	fonts.googleapis.com	wellness.stg.billsgcp.com
2	us-central1-adaptive-growth.cloudfunctions.net	cdn.pdst.fm
1	www.google.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	visitortracking.staging.billsdev.com	wellness.stg.billsgcp.com
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	cdn.pdst.fm	wellness.stg.billsgcp.com
1	static.hotjar.com	www.googletagmanager.com
1	www.googletagmanager.com	wellness.stg.billsgcp.com
42	15

This site contains links to these domains. Also see Links.

Domain
finhealthnetwork.org
www.facebook.com
www.youtube.com
twitter.com
plus.google.com
www.linkedin.com
www.bills.com
www.nmlsconsumeraccess.org

Subject Issuer	Validity	Valid
imperva.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-04` - `2022-04-05`	6 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
cdn.pdst.fm GTS CA 1D4	`2021-08-28` - `2021-11-26`	3 months	crt.sh
misc.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 2 frames:

Primary Page: https://wellness.stg.billsgcp.com/financial-health-survey
Frame ID: 70AB1119E209F79355C80DD4D8CAF231
Requests: 39 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Frame ID: A4920A3C1142A1AE946DC6B67349ACEB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Find a debt payoff plan that fits your needs.

Page URL History Show full URLs

https://wellness.stg.billsgcp.com/ HTTP 302
http://wellness.stg.billsgcp.com/financial-health-survey HTTP 307
https://wellness.stg.billsgcp.com/financial-health-survey Page URL

Detected technologies

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Page Statistics

42
Requests

98 %
HTTPS

0 %
IPv6

12
Domains

15
Subdomains

16
IPs

2
Countries

549 kB
Transfer

1441 kB
Size

18
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://finhealthnetwork.org/
Title: Financial Health Network

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Bills.com

Search URL Search Domain Scan URL

URL: https://www.youtube.com/billsdotcom

Search URL Search Domain Scan URL

URL: https://twitter.com/billsdotcom

Search URL Search Domain Scan URL

URL: https://plus.google.com/+billscom

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/bills.com

Search URL Search Domain Scan URL

URL: https://www.bills.com/company/press-releases/media-coverage
Title: Media Coverage

Search URL Search Domain Scan URL

URL: https://www.bills.com/company/about
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.bills.com/company/team
Title: Team

Search URL Search Domain Scan URL

URL: https://www.bills.com/company/contact
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.bills.com/company/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.bills.com/company/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.bills.com/privacypolicy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.bills.com/safe-secure
Title: Safe and Secure

Search URL Search Domain Scan URL

URL: https://www.bills.com/sitemap/siteindex
Title: Sitemap

Search URL Search Domain Scan URL

URL: http://www.nmlsconsumeraccess.org/?utm_source=BillsSEO
Title: http://www.nmlsconsumeraccess.org

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://wellness.stg.billsgcp.com/ HTTP 302
http://wellness.stg.billsgcp.com/financial-health-survey HTTP 307
https://wellness.stg.billsgcp.com/financial-health-survey Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request financial-health-survey Show response
wellness.stg.billsgcp.com/
Redirect Chain

https://wellness.stg.billsgcp.com/
http://wellness.stg.billsgcp.com/financial-health-survey
https://wellness.stg.billsgcp.com/financial-health-survey

28 KB
6 KB

127ms
127ms

Document
text/html

45.60.33.186
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://wellness.stg.billsgcp.com/financial-health-survey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.186 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.15.5 /

Resource Hash

7339ed2d1ef565a472256507574a9bc9eb2bdb4acdf2ce92b4f51babe583ea97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: wellness.stg.billsgcp.com
:scheme: https
:path: /financial-health-survey
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
cookie: INGRESSCOOKIE=a77478357f2e4e17e26c5770c255095e62f9cfeb; XSRF-TOKEN=hJWBNVnboqrevwz43t3fi9SKkLJkvmmH22qrGtVN; wellness=QVIfwKIiCggnia6MPmEq7LhVbMHoMgNlQjy6FhPo; visid_incap_2160967=lVCE5LchTBaN+0BJuPtkmIMCXmEAAAAAQUIPAAAAAAD2HQFwbB68Qv3JrBhxqdCV; incap_ses_471_2160967=a1a7Ttg9SjL60QNGgVSJBoMCXmEAAAAAWZHQMGHEpZOdLthaN/y7gA==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx/1.15.5
date: Wed, 06 Oct 2021 20:09:40 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=hJWBNVnboqrevwz43t3fi9SKkLJkvmmH22qrGtVN; expires=Wed, 06-Oct-2021 22:09:40 GMT; Max-Age=7200; path=/ wellness=QVIfwKIiCggnia6MPmEq7LhVbMHoMgNlQjy6FhPo; expires=Wed, 06-Oct-2021 22:09:40 GMT; Max-Age=7200; path=/; httponly
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
x-cdn: Imperva
x-iinfo: 7-52123329-52123324 PNNN RT(1633550979660 0) q(0 0 0 -1) r(1 1) U5

Redirect headers

Location: https://wellness.stg.billsgcp.com/financial-health-survey
Non-Authoritative-Reason: HSTS

GET
H2 200 css
fonts.googleapis.com/ 760 B
406 B 39ms
16ms Stylesheet
text/css 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Serif:400,700

Requested by

Host: wellness.stg.billsgcp.com
URL: https://wellness.stg.billsgcp.com/financial-health-survey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

b8a42f16f72934294cd2f7affaf56b72e7bc9785f666dd488729f2458bc2c2e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wellness.stg.billsgcp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Oct 2021 19:59:05 GMT
server: ESF
date: Wed, 06 Oct 2021 20:09:40 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 06 Oct 2021 20:09:40 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 38ms
16ms Stylesheet
text/css 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: wellness.stg.billsgcp.com
URL: https://wellness.stg.billsgcp.com/financial-health-survey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

357abb4b6b6c077e1285a2c8b2d2e03c268a0ef223062782d094728b85cd2f6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wellness.stg.billsgcp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Oct 2021 18:35:45 GMT
server: ESF
date: Wed, 06 Oct 2021 20:09:40 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 06 Oct 2021 20:09:40 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
489 B 47ms
24ms Stylesheet
text/css 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700

Requested by

Host: wellness.stg.billsgcp.com
URL: https://wellness.stg.billsgcp.com/financial-health-survey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

bc78176b4c15aa7ca9293569bc175161863bfc1f145dd5f066a978968ad34760

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wellness.stg.billsgcp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Oct 2021 18:34:59 GMT
server: ESF
date: Wed, 06 Oct 2021 20:09:40 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 06 Oct 2021 20:09:40 GMT

GET
H2 200 index.css
wellness.stg.billsgcp.com/css/ 120 KB
27 KB 129ms
128ms Stylesheet
text/css 45.60.33.186
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://wellness.stg.billsgcp.com/css/index.css

Requested by

Host: wellness.stg.billsgcp.com
URL: https://wellness.stg.billsgcp.com/financial-health-survey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.186 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.15.5 /

Resource Hash

46602389cbcfa890bf4d38229623976c84aa980fd2be058cf31290d211501a16

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /css/index.css
pragma: no-cache
cookie: INGRESSCOOKIE=a77478357f2e4e17e26c5770c255095e62f9cfeb; XSRF-TOKEN=hJWBNVnboqrevwz43t3fi9SKkLJkvmmH22qrGtVN; wellness=QVIfwKIiCggnia6MPmEq7LhVbMHoMgNlQjy6FhPo; visid_incap_2160967=lVCE5LchTBaN+0BJuPtkmIMCXmEAAAAAQUIPAAAAAAD2HQFwbB68Qv3JrBhxqdCV; incap_ses_471_2160967=a1a7Ttg9SjL60QNGgVSJBoMCXmEAAAAAWZHQMGHEpZOdLthaN/y7gA==
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: wellness.stg.billsgcp.com
referer: https://wellness.stg.billsgcp.com/financial-health-survey
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://wellness.stg.billsgcp.com/financial-health-survey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 20:09:40 GMT
content-encoding: gzip
last-modified: Wed, 27 Jan 2021 06:48:55 GMT
server: nginx/1.15.5
etag: W/"60110cd7-1e07d"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/css
x-iinfo: 7-52123335-52123324 PNNN RT(1633550979810 0) q(0 0 0 -1) r(1 1) U5
cache-control: max-age=31536000 public
x-cdn: Imperva
expires: Thu, 06 Oct 2022 20:09:40 GMT

GET
H2 200 config.js Show response
wellness.stg.billsgcp.com/js/ 2 KB
946 B 447ms
447ms Script
application/javascript 45.60.33.186
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://wellness.stg.billsgcp.com/js/config.js

Requested by

Host: wellness.stg.billsgcp.com
URL: https://wellness.stg.billsgcp.com/financial-health-survey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.186 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.15.5 /

Resource Hash

4af1ace7daf1bcbf551e8130c1dbe0f48d0311fd436d0c1e2274667da3696e4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /js/config.js
pragma: no-cache
cookie: INGRESSCOOKIE=a77478357f2e4e17e26c5770c255095e62f9cfeb; XSRF-TOKEN=hJWBNVnboqrevwz43t3fi9SKkLJkvmmH22qrGtVN; wellness=QVIfwKIiCggnia6MPmEq7LhVbMHoMgNlQjy6FhPo; visid_incap_2160967=lVCE5LchTBaN+0BJuPtkmIMCXmEAAAAAQUIPAAAAAAD2HQFwbB68Qv3JrBhxqdCV; incap_ses_471_2160967=a1a7Ttg9SjL60QNGgVSJBoMCXmEAAAAAWZHQMGHEpZOdLthaN/y7gA==
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: wellness.stg.billsgcp.com
referer: https://wellness.stg.billsgcp.com/financial-health-survey
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://wellness.stg.billsgcp.com/financial-health-survey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 20:09:41 GMT
content-encoding: gzip
last-modified: Wed, 27 Jan 2021 06:48:50 GMT
server: nginx/1.15.5
etag: W/"60110cd2-8d3"
vary: Accept-Encoding
content-type: application/javascript
x-iinfo: 7-52123336-52123337 NNNN CT(105 215 0) RT(1633550979814 0) q(0 0 3 -1) r(4 4) U5
cache-control: max-age=31536000 public
strict-transport-security: max-age=15724800; includeSubDomains
x-cdn: Imperva
expires: Thu, 06 Oct 2022 20:09:41 GMT

GET
H2 200 require.min.js Show response
wellness.stg.billsgcp.com/js/libs/ 18 KB
6 KB 467ms
466ms Script
application/javascript 45.60.33.186
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://wellness.stg.billsgcp.com/js/libs/require.min.js

Requested by

Host: wellness.stg.billsgcp.com
URL: https://wellness.stg.billsgcp.com/financial-health-survey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.186 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.15.5 /

Resource Hash

6ae64f1f180b640a0fcd94e8c21d8692f1b65dc8bb2b53bb350a1f9008e6bbf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /js/libs/require.min.js
pragma: no-cache
cookie: INGRESSCOOKIE=a77478357f2e4e17e26c5770c255095e62f9cfeb; XSRF-TOKEN=hJWBNVnboqrevwz43t3fi9SKkLJkvmmH22qrGtVN; wellness=QVIfwKIiCggnia6MPmEq7LhVbMHoMgNlQjy6FhPo; visid_incap_2160967=lVCE5LchTBaN+0BJuPtkmIMCXmEAAAAAQUIPAAAAAAD2HQFwbB68Qv3JrBhxqdCV; incap_ses_471_2160967=a1a7Ttg9SjL60QNGgVSJBoMCXmEAAAAAWZHQMGHEpZOdLthaN/y7gA==
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: wellness.stg.billsgcp.com
referer: https://wellness.stg.billsgcp.com/financial-health-survey
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://wellness.stg.billsgcp.com/financial-health-survey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 20:09:41 GMT
content-encoding: gzip
last-modified: Wed, 27 Jan 2021 06:48:50 GMT
server: nginx/1.15.5
etag: W/"60110cd2-47ef"
vary: Accept-Encoding
content-type: application/javascript
x-iinfo: 7-52123338-52123339 NNNN CT(105 214 0) RT(1633550979816 0) q(0 0 3 -1) r(4 4) U5
cache-control: max-age=31536000 public
strict-transport-security: max-age=15724800; includeSubDomains
x-cdn: Imperva
expires: Thu, 06 Oct 2022 20:09:41 GMT

GET
H2 200 global-events.js Show response
wellness.stg.billsgcp.com/js/helpers/ 1 KB
663 B 465ms
464ms Script
application/javascript 45.60.33.186
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://wellness.stg.billsgcp.com/js/helpers/global-events.js

Requested by

Host: wellness.stg.billsgcp.com
URL: https://wellness.stg.billsgcp.com/financial-health-survey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.186 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.15.5 /

Resource Hash

3ca003230c365c9a5593971712e6528aa39c6abaa9f4777e8cf5071be736d339

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /js/helpers/global-events.js
pragma: no-cache
cookie: INGRESSCOOKIE=a77478357f2e4e17e26c5770c255095e62f9cfeb; XSRF-TOKEN=hJWBNVnboqrevwz43t3fi9SKkLJkvmmH22qrGtVN; wellness=QVIfwKIiCggnia6MPmEq7LhVbMHoMgNlQjy6FhPo; visid_incap_2160967=lVCE5LchTBaN+0BJuPtkmIMCXmEAAAAAQUIPAAAAAAD2HQFwbB68Qv3JrBhxqdCV; incap_ses_471_2160967=a1a7Ttg9SjL60QNGgVSJBoMCXmEAAAAAWZHQMGHEpZOdLthaN/y7gA==
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: wellness.stg.billsgcp.com
referer: https://wellness.stg.billsgcp.com/financial-health-survey
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://wellness.stg.billsgcp.com/financial-health-survey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 20:09:41 GMT
content-encoding: gzip
last-modified: Wed, 27 Jan 2021 06:48:50 GMT
server: nginx/1.15.5
etag: W/"60110cd2-591"
vary: Accept-Encoding
content-type: application/javascript
x-iinfo: 7-52123340-52123341 NNNN CT(106 213 0) RT(1633550979817 0) q(0 0 3 -1) r(4 4) U5
cache-control: max-age=31536000 public
strict-transport-security: max-age=15724800; includeSubDomains
x-cdn: Imperva
expires: Thu, 06 Oct 2022 20:09:41 GMT

GET
H2 200 logo-default.png
wellness.stg.billsgcp.com/images/ 1 KB
2 KB 127ms
126ms Image
image/png 45.60.33.186
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wellness.stg.billsgcp.com/images/logo-default.png

Requested by

Host: wellness.stg.billsgcp.com
URL: https://wellness.stg.billsgcp.com/financial-health-survey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.186 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.15.5 /

Resource Hash

c85cf87a0a8e4fc08c6bcf88b09534a4f92c3a229585688f53a4319b8fe62464

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /images/logo-default.png
pragma: no-cache
cookie: INGRESSCOOKIE=a77478357f2e4e17e26c5770c255095e62f9cfeb; XSRF-TOKEN=hJWBNVnboqrevwz43t3fi9SKkLJkvmmH22qrGtVN; wellness=QVIfwKIiCggnia6MPmEq7LhVbMHoMgNlQjy6FhPo; visid_incap_2160967=lVCE5LchTBaN+0BJuPtkmIMCXmEAAAAAQUIPAAAAAAD2HQFwbB68Qv3JrBhxqdCV; incap_ses_471_2160967=a1a7Ttg9SjL60QNGgVSJBoMCXmEAAAAAWZHQMGHEpZOdLthaN/y7gA==
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: wellness.stg.billsgcp.com
referer: https://wellness.stg.billsgcp.com/financial-health-survey
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://wellness.stg.billsgcp.com/financial-health-survey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 20:09:41 GMT
last-modified: Wed, 27 Jan 2021 06:48:50 GMT
server: nginx/1.15.5
etag: "60110cd2-5b3"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/png
x-iinfo: 7-52123365-52123339 PNNN RT(1633550980276 0) q(0 0 0 -1) r(1 1) U5
cache-control: max-age=31536000 public
accept-ranges: bytes
content-length: 1459
x-cdn: Imperva
expires: Thu, 06 Oct 2022 20:09:41 GMT

GET
H2 200 index_graphic.svg
wellness.stg.billsgcp.com/images/ 46 KB
16 KB 124ms
124ms Image
image/svg+xml 45.60.33.186
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wellness.stg.billsgcp.com/images/index_graphic.svg

Requested by

Host: wellness.stg.billsgcp.com
URL: https://wellness.stg.billsgcp.com/financial-health-survey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.186 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.15.5 /

Resource Hash

03d311226db51b2965a7a7fe7acea7f6eb9912ff470550f91c44f791ded3db7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /images/index_graphic.svg
pragma: no-cache
cookie: INGRESSCOOKIE=a77478357f2e4e17e26c5770c255095e62f9cfeb; XSRF-TOKEN=hJWBNVnboqrevwz43t3fi9SKkLJkvmmH22qrGtVN; wellness=QVIfwKIiCggnia6MPmEq7LhVbMHoMgNlQjy6FhPo; visid_incap_2160967=lVCE5LchTBaN+0BJuPtkmIMCXmEAAAAAQUIPAAAAAAD2HQFwbB68Qv3JrBhxqdCV; incap_ses_471_2160967=a1a7Ttg9SjL60QNGgVSJBoMCXmEAAAAAWZHQMGHEpZOdLthaN/y7gA==
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: wellness.stg.billsgcp.com
referer: https://wellness.stg.billsgcp.com/financial-health-survey
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://wellness.stg.billsgcp.com/financial-health-survey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 20:09:41 GMT
content-encoding: gzip
last-modified: Wed, 27 Jan 2021 06:48:50 GMT
server: nginx/1.15.5
etag: W/"60110cd2-b924"
vary: Accept-Encoding
content-type: image/svg+xml
x-iinfo: 7-52123367-52123341 PNNN RT(1633550980280 0) q(0 0 0 -1) r(1 1) U5
cache-control: max-age=31536000 public
strict-transport-security: max-age=15724800; includeSubDomains
x-cdn: Imperva
expires: Thu, 06 Oct 2022 20:09:41 GMT

GET
H2 200 featured.png
wellness.stg.billsgcp.com/images/ 15 KB
15 KB 134ms
132ms Image
image/png 45.60.33.186
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wellness.stg.billsgcp.com/images/featured.png

Requested by

Host: wellness.stg.billsgcp.com
URL: https://wellness.stg.billsgcp.com/financial-health-survey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.186 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.15.5 /

Resource Hash

45d9e5a9dcf2784dd0d4de5471155eaba352fa0e4ba190959c89afcf62dccf26

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /images/featured.png
pragma: no-cache
cookie: INGRESSCOOKIE=a77478357f2e4e17e26c5770c255095e62f9cfeb; XSRF-TOKEN=hJWBNVnboqrevwz43t3fi9SKkLJkvmmH22qrGtVN; wellness=QVIfwKIiCggnia6MPmEq7LhVbMHoMgNlQjy6FhPo; visid_incap_2160967=lVCE5LchTBaN+0BJuPtkmIMCXmEAAAAAQUIPAAAAAAD2HQFwbB68Qv3JrBhxqdCV; incap_ses_471_2160967=a1a7Ttg9SjL60QNGgVSJBoMCXmEAAAAAWZHQMGHEpZOdLthaN/y7gA==
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: wellness.stg.billsgcp.com
referer: https://wellness.stg.billsgcp.com/financial-health-survey
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://wellness.stg.billsgcp.com/financial-health-survey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 20:09:41 GMT
last-modified: Wed, 27 Jan 2021 06:48:50 GMT
server: nginx/1.15.5
etag: "60110cd2-3c65"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/png
x-iinfo: 7-52123368-52123337 PNNN RT(1633550980283 0) q(0 0 0 -1) r(2 2) U5
cache-control: max-age=31536000 public
accept-ranges: bytes
content-length: 15461
x-cdn: Imperva
expires: Thu, 06 Oct 2022 20:09:41 GMT

GET
H2 200 featured_mobile.png
wellness.stg.billsgcp.com/images/ 19 KB
19 KB 131ms
130ms Image
image/png 45.60.33.186
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wellness.stg.billsgcp.com/images/featured_mobile.png

Requested by

Host: wellness.stg.billsgcp.com
URL: https://wellness.stg.billsgcp.com/financial-health-survey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.186 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.15.5 /

Resource Hash

4aa91a1faf4c1c15bc0557bfd152a3f8fc8b1cb33af2ed28fb3a840cdcea4e3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /images/featured_mobile.png
pragma: no-cache
cookie: INGRESSCOOKIE=a77478357f2e4e17e26c5770c255095e62f9cfeb; XSRF-TOKEN=hJWBNVnboqrevwz43t3fi9SKkLJkvmmH22qrGtVN; wellness=QVIfwKIiCggnia6MPmEq7LhVbMHoMgNlQjy6FhPo; visid_incap_2160967=lVCE5LchTBaN+0BJuPtkmIMCXmEAAAAAQUIPAAAAAAD2HQFwbB68Qv3JrBhxqdCV; incap_ses_471_2160967=a1a7Ttg9SjL60QNGgVSJBoMCXmEAAAAAWZHQMGHEpZOdLthaN/y7gA==
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: wellness.stg.billsgcp.com
referer: https://wellness.stg.billsgcp.com/financial-health-survey
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://wellness.stg.billsgcp.com/financial-health-survey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 20:09:41 GMT
last-modified: Wed, 27 Jan 2021 06:48:50 GMT
server: nginx/1.15.5
etag: "60110cd2-4d44"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/png
x-iinfo: 7-52123369-52123324 PNNN RT(1633550980284 0) q(0 0 0 -1) r(2 2) U5
cache-control: max-age=31536000 public
accept-ranges: bytes
content-length: 19780
x-cdn: Imperva
expires: Thu, 06 Oct 2022 20:09:41 GMT

GET
H2 200 a_plus.png
wellness.stg.billsgcp.com/images/trusties/ 6 KB
6 KB 437ms
436ms Image
image/png 45.60.33.186
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wellness.stg.billsgcp.com/images/trusties/a_plus.png

Requested by

Host: wellness.stg.billsgcp.com
URL: https://wellness.stg.billsgcp.com/financial-health-survey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.186 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.15.5 /

Resource Hash

7f63958351bba89dc5ce27a95bbdbd41f574e8b63ac98ba11f49b704ff54dd00

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /images/trusties/a_plus.png
pragma: no-cache
cookie: INGRESSCOOKIE=a77478357f2e4e17e26c5770c255095e62f9cfeb; XSRF-TOKEN=hJWBNVnboqrevwz43t3fi9SKkLJkvmmH22qrGtVN; wellness=QVIfwKIiCggnia6MPmEq7LhVbMHoMgNlQjy6FhPo; visid_incap_2160967=lVCE5LchTBaN+0BJuPtkmIMCXmEAAAAAQUIPAAAAAAD2HQFwbB68Qv3JrBhxqdCV; incap_ses_471_2160967=a1a7Ttg9SjL60QNGgVSJBoMCXmEAAAAAWZHQMGHEpZOdLthaN/y7gA==
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: wellness.stg.billsgcp.com
referer: https://wellness.stg.billsgcp.com/financial-health-survey
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://wellness.stg.billsgcp.com/financial-health-survey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 20:09:41 GMT
last-modified: Wed, 27 Jan 2021 06:48:50 GMT
server: nginx/1.15.5
etag: "60110cd2-1931"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/png
x-iinfo: 7-52123370-52123371 NNNN CT(104 214 0) RT(1633550980286 0) q(0 0 4 -1) r(5 5) U5
cache-control: max-age=31536000 public
accept-ranges: bytes
content-length: 6449
x-cdn: Imperva
expires: Thu, 06 Oct 2022 20:09:41 GMT

GET
H2 200 norton.png
wellness.stg.billsgcp.com/images/trusties/ 12 KB
12 KB 328ms
326ms Image
image/png 45.60.33.186
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wellness.stg.billsgcp.com/images/trusties/norton.png

Requested by

Host: wellness.stg.billsgcp.com
URL: https://wellness.stg.billsgcp.com/financial-health-survey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.186 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.15.5 /

Resource Hash

0e827a1f20197cb7c97f9d82cad81bd36440668a1b97643b9c8b5887724d39e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /images/trusties/norton.png
pragma: no-cache
cookie: INGRESSCOOKIE=a77478357f2e4e17e26c5770c255095e62f9cfeb; XSRF-TOKEN=hJWBNVnboqrevwz43t3fi9SKkLJkvmmH22qrGtVN; wellness=QVIfwKIiCggnia6MPmEq7LhVbMHoMgNlQjy6FhPo; visid_incap_2160967=lVCE5LchTBaN+0BJuPtkmIMCXmEAAAAAQUIPAAAAAAD2HQFwbB68Qv3JrBhxqdCV; incap_ses_471_2160967=a1a7Ttg9SjL60QNGgVSJBoMCXmEAAAAAWZHQMGHEpZOdLthaN/y7gA==
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: wellness.stg.billsgcp.com
referer: https://wellness.stg.billsgcp.com/financial-health-survey
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://wellness.stg.billsgcp.com/financial-health-survey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 20:09:41 GMT
last-modified: Wed, 27 Jan 2021 06:48:50 GMT
server: nginx/1.15.5
etag: "60110cd2-2ff9"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/png
x-iinfo: 7-52123372-52123373 NNNN CT(105 105 0) RT(1633550980287 0) q(0 0 2 -1) r(4 4) U5
cache-control: max-age=31536000 public
accept-ranges: bytes
content-length: 12281
x-cdn: Imperva
expires: Thu, 06 Oct 2022 20:09:41 GMT

GET
H2 200 d_and_b.png
wellness.stg.billsgcp.com/images/trusties/ 5 KB
5 KB 232ms
231ms Image
image/png 45.60.33.186
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wellness.stg.billsgcp.com/images/trusties/d_and_b.png

Requested by

Host: wellness.stg.billsgcp.com
URL: https://wellness.stg.billsgcp.com/financial-health-survey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.186 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.15.5 /

Resource Hash

30add3e2eb3e906ed4bb98c63e740041043fa47532310050d49286fb6281bc03

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /images/trusties/d_and_b.png
pragma: no-cache
cookie: INGRESSCOOKIE=a77478357f2e4e17e26c5770c255095e62f9cfeb; XSRF-TOKEN=hJWBNVnboqrevwz43t3fi9SKkLJkvmmH22qrGtVN; wellness=QVIfwKIiCggnia6MPmEq7LhVbMHoMgNlQjy6FhPo; visid_incap_2160967=lVCE5LchTBaN+0BJuPtkmIMCXmEAAAAAQUIPAAAAAAD2HQFwbB68Qv3JrBhxqdCV; incap_ses_471_2160967=a1a7Ttg9SjL60QNGgVSJBoMCXmEAAAAAWZHQMGHEpZOdLthaN/y7gA==
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: wellness.stg.billsgcp.com
referer: https://wellness.stg.billsgcp.com/financial-health-survey
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://wellness.stg.billsgcp.com/financial-health-survey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 20:09:41 GMT
last-modified: Wed, 27 Jan 2021 06:48:50 GMT
server: nginx/1.15.5
etag: "60110cd2-144f"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/png
x-iinfo: 7-52123374-52123339 PNNN RT(1633550980287 0) q(0 1 1 -1) r(3 3) U5
cache-control: max-age=31536000 public
accept-ranges: bytes
content-length: 5199
x-cdn: Imperva
expires: Thu, 06 Oct 2022 20:09:41 GMT

GET
H2 200 loader.gif
wellness.stg.billsgcp.com/images/ 3 KB
4 KB 237ms
236ms Image
image/gif 45.60.33.186
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wellness.stg.billsgcp.com/images/loader.gif

Requested by

Host: wellness.stg.billsgcp.com
URL: https://wellness.stg.billsgcp.com/financial-health-survey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.186 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.15.5 /

Resource Hash

7c3ed33fb69b8db5aee90cb96cd09f1ce9506f279ef687995e936c5ab0c81afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /images/loader.gif
pragma: no-cache
cookie: INGRESSCOOKIE=a77478357f2e4e17e26c5770c255095e62f9cfeb; XSRF-TOKEN=hJWBNVnboqrevwz43t3fi9SKkLJkvmmH22qrGtVN; wellness=QVIfwKIiCggnia6MPmEq7LhVbMHoMgNlQjy6FhPo; visid_incap_2160967=lVCE5LchTBaN+0BJuPtkmIMCXmEAAAAAQUIPAAAAAAD2HQFwbB68Qv3JrBhxqdCV; incap_ses_471_2160967=a1a7Ttg9SjL60QNGgVSJBoMCXmEAAAAAWZHQMGHEpZOdLthaN/y7gA==
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: wellness.stg.billsgcp.com
referer: https://wellness.stg.billsgcp.com/financial-health-survey
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://wellness.stg.billsgcp.com/financial-health-survey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 20:09:41 GMT
last-modified: Wed, 27 Jan 2021 06:48:50 GMT
server: nginx/1.15.5
etag: "60110cd2-db9"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/gif
x-iinfo: 7-52123375-52123324 PNNN RT(1633550980288 0) q(0 2 2 -1) r(3 3) U5
cache-control: max-age=31536000 public
accept-ranges: bytes
content-length: 3513
x-cdn: Imperva
expires: Thu, 06 Oct 2022 20:09:41 GMT

GET
H2 200 _Incapsula_Resource Show response
wellness.stg.billsgcp.com/ 147 KB
21 KB 18ms
17ms Script
application/javascript 45.60.33.186
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://wellness.stg.billsgcp.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=1325322643
Requested by: Host: wellness.stg.billsgcp.com
URL: https://wellness.stg.billsgcp.com/financial-health-survey
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.186 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 1649b4c0cee9415ad127e694e63ae52a6d7e383fb2becef6c299a683bb586855

Request headers

:path: /_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=1325322643
pragma: no-cache
cookie: INGRESSCOOKIE=a77478357f2e4e17e26c5770c255095e62f9cfeb; XSRF-TOKEN=hJWBNVnboqrevwz43t3fi9SKkLJkvmmH22qrGtVN; wellness=QVIfwKIiCggnia6MPmEq7LhVbMHoMgNlQjy6FhPo; visid_incap_2160967=lVCE5LchTBaN+0BJuPtkmIMCXmEAAAAAQUIPAAAAAAD2HQFwbB68Qv3JrBhxqdCV; incap_ses_471_2160967=a1a7Ttg9SjL60QNGgVSJBoMCXmEAAAAAWZHQMGHEpZOdLthaN/y7gA==
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: wellness.stg.billsgcp.com
referer: https://wellness.stg.billsgcp.com/financial-health-survey
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://wellness.stg.billsgcp.com/financial-health-survey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-encoding: gzip
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 21341
content-type: application/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 189 KB
65 KB 56ms
34ms Script
application/javascript 142.250.185.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NJRDLMZ

Requested by

Host: wellness.stg.billsgcp.com
URL: https://wellness.stg.billsgcp.com/financial-health-survey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

93909afa09a522423bb2606b143358a3af440a30b4455fe6d9be413e00c88003

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wellness.stg.billsgcp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 20:09:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65903
x-xss-protection: 0
last-modified: Wed, 06 Oct 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Oct 2021 20:09:41 GMT

GET
H2 200 common.js Show response
wellness.stg.billsgcp.com/js/ 335 KB
94 KB 333ms
332ms Script
application/javascript 45.60.33.186
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://wellness.stg.billsgcp.com/js/common.js?v=2.2

Requested by

Host: wellness.stg.billsgcp.com
URL: https://wellness.stg.billsgcp.com/js/libs/require.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.186 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.15.5 /

Resource Hash

1da0bf58d3ecb1a39a6a0767728d75158419ae0c36bdb6fb53c580df37d39196

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /js/common.js?v=2.2
pragma: no-cache
cookie: INGRESSCOOKIE=a77478357f2e4e17e26c5770c255095e62f9cfeb; XSRF-TOKEN=hJWBNVnboqrevwz43t3fi9SKkLJkvmmH22qrGtVN; wellness=QVIfwKIiCggnia6MPmEq7LhVbMHoMgNlQjy6FhPo; visid_incap_2160967=lVCE5LchTBaN+0BJuPtkmIMCXmEAAAAAQUIPAAAAAAD2HQFwbB68Qv3JrBhxqdCV; incap_ses_471_2160967=a1a7Ttg9SjL60QNGgVSJBoMCXmEAAAAAWZHQMGHEpZOdLthaN/y7gA==
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: wellness.stg.billsgcp.com
referer: https://wellness.stg.billsgcp.com/financial-health-survey
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://wellness.stg.billsgcp.com/financial-health-survey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 20:09:41 GMT
content-encoding: gzip
last-modified: Wed, 27 Jan 2021 06:48:53 GMT
server: nginx/1.15.5
etag: W/"60110cd5-53d10"
vary: Accept-Encoding
content-type: application/javascript
x-iinfo: 7-52123377-52123339 PNNN RT(1633550980295 0) q(0 3 3 -1) r(4 4) U5
cache-control: max-age=31536000 public
strict-transport-security: max-age=15724800; includeSubDomains
x-cdn: Imperva
expires: Thu, 06 Oct 2022 20:09:41 GMT

GET
H2 200 index.js Show response
wellness.stg.billsgcp.com/js/ 422 B
400 B 333ms
333ms Script
application/javascript 45.60.33.186
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://wellness.stg.billsgcp.com/js/index.js?v=2.2

Requested by

Host: wellness.stg.billsgcp.com
URL: https://wellness.stg.billsgcp.com/js/libs/require.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.186 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.15.5 /

Resource Hash

3274e62c301a5d1cfdd91cd479e76b677ac146e20dd95f0de686924ff9d73077

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /js/index.js?v=2.2
pragma: no-cache
cookie: INGRESSCOOKIE=a77478357f2e4e17e26c5770c255095e62f9cfeb; XSRF-TOKEN=hJWBNVnboqrevwz43t3fi9SKkLJkvmmH22qrGtVN; wellness=QVIfwKIiCggnia6MPmEq7LhVbMHoMgNlQjy6FhPo; visid_incap_2160967=lVCE5LchTBaN+0BJuPtkmIMCXmEAAAAAQUIPAAAAAAD2HQFwbB68Qv3JrBhxqdCV; incap_ses_471_2160967=a1a7Ttg9SjL60QNGgVSJBoMCXmEAAAAAWZHQMGHEpZOdLthaN/y7gA==
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: wellness.stg.billsgcp.com
referer: https://wellness.stg.billsgcp.com/financial-health-survey
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://wellness.stg.billsgcp.com/financial-health-survey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 20:09:41 GMT
content-encoding: gzip
last-modified: Wed, 27 Jan 2021 06:48:53 GMT
server: nginx/1.15.5
etag: W/"60110cd5-1a6"
vary: Accept-Encoding
content-type: application/javascript
x-iinfo: 7-52123378-52123341 PNNN RT(1633550980296 0) q(0 3 3 -1) r(4 4) U5
cache-control: max-age=31536000 public
strict-transport-security: max-age=15724800; includeSubDomains
x-cdn: Imperva
expires: Thu, 06 Oct 2022 20:09:41 GMT

GET
H2 200 _Incapsula_Resource
wellness.stg.billsgcp.com/ 1 B
35 B 7ms
6ms Image
text/plain 45.60.33.186
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wellness.stg.billsgcp.com/_Incapsula_Resource?SWKMTFSR=1&e=0.5233332002397679
Requested by: Host: wellness.stg.billsgcp.com
URL: https://wellness.stg.billsgcp.com/financial-health-survey
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.186 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /_Incapsula_Resource?SWKMTFSR=1&e=0.5233332002397679
pragma: no-cache
cookie: INGRESSCOOKIE=a77478357f2e4e17e26c5770c255095e62f9cfeb; XSRF-TOKEN=hJWBNVnboqrevwz43t3fi9SKkLJkvmmH22qrGtVN; wellness=QVIfwKIiCggnia6MPmEq7LhVbMHoMgNlQjy6FhPo; visid_incap_2160967=lVCE5LchTBaN+0BJuPtkmIMCXmEAAAAAQUIPAAAAAAD2HQFwbB68Qv3JrBhxqdCV; incap_ses_471_2160967=a1a7Ttg9SjL60QNGgVSJBoMCXmEAAAAAWZHQMGHEpZOdLthaN/y7gA==; ___utmvc=REbGE3QrKf608otDB1rPbUyP9rFyo7K/XSWtky/X+2vyHVVHiJCR6AB8Kb8sJ7M3ycu81jTfXPEVdP5P1drkL7jPS9rlEkdQbYYQylrip9YABHZC+Wdiou64YqOb6z1Y3VLRVItJuXD0AYNnl5S01hz3mCeDzHz/6+bK2RFYjaG477g1aPWeLVNgwNF6Uqp3NY9GRC5myha6Ns/IogYRHdUDPPvmvmj0XmjlyPAu5TFomR2Kp/K0YWZiY9Uq/LW1Q7UGEvOF0HLOvXtSnvxVGZEEXatANj89kR6BOw/PF4lmaToikxmZPjh8mu2DFQa+iWi0HwDgHLDxGmbYOAymsYADVoezPxhatJJ/h48SiXxo5L0dEBcYVwP+8MPHO9MkJRG3gYEaXa46Af/evZCy3mydTkbuDuaiM/n21+RaOBcCbJEUS5Aj7BZO+Fspy0PqTMX/AICKELGKbBRXxyEHDBhIyB0ye/7TmVi03GcMrrrAXVMItsUyswrmtUWesqLQTghQKUxo3DiTXykR4RRs0d6rQH6bBbC+2hvjgH7x3KrcJcD1T7xkx9Y4bVU0gF9PcnjzGJncdd4QHBS7wt8D/Zzn6A/jssHaAh0qHUrwJTLUWRH1ocIzEQGgix1Nx8aun+139qBly5g/FCrkSo4LKy56XioEZ5hRTuHKgU22+PHsM5dhwv9nr9brMFmudEAFwJlqAarv9pAU7OC+kNoREb82y6IkaVSo8ZkFpMgE1ivptgsFc/WDG3cGijXouE4G9P/3Pfc7bt6zNEyPe3TLEHNak4Yx02laCB9Oa+yPhKdxLckpHvDAogQMTR1hJkwhuXary3gb8IK6Q3JvBFEek7nXnS+djvfB/ltZ+y5qhNMl6fBB4jAquslCKKGORDMWToHYZMSsdFcIS2Q8ccNpeKb2CyDAqoIrXVhchNgNZB8HOXshqkwys/ys84obecYONdaVHlXfkDm/M0KnEFmudGAeg2qToNdfr90xEiIpxy9AzZUgv3ng2ivCSZqSmysbV7nzsV98GVOA6b5V2IMqFHzh4Dor81hi9WWP6T68FCZ/Cm5fTfB4W98ujFrdBk1aF06Ve6UHZYdbEPHz+cnGxZ2Q6hzkYLDfu1/UeU/2sm5zk0kkE9itpp7VNbYfDBv/0C6Tu9FtAXsT31PDN7uZfO/RqhVFAY7JNAZEmE5pPKt8oZX3FGxsr5Np0vcT5fBe2JhwlJ75qk8wJmCfscAJvzZFFUp/ULBjUk0+ez6p8em81CYxa0Llh8bCYNs2ocK/X8mWXe/5ux05jfG3E9QuBNORNhwZ7ZxtvZPsmU2612EIOmS89TWXcqOyz4hGcuwm4Zw73dHSOvz6JWpkxaGhQYaDTBZC7MDLKk2bc4Wo4wk/YixW5ekuESF8I7lN7ybZhBLWV8eRmD0y2GLSM/R5HmatBdTPF8L7L+nPHCAosmd0SK7PnRgZsw4l2DdkaxX8T9gaafY4KBYyTArmi0xqDBA0zIBkbzuIOTamf+3qTqzLt9NwX4NluY8hzlfr8ldnmz5f4abMD7ShdUfhieixrey1xot0IqX1xcPDKhRMAT+jf3JmAUtsfwnPoFn2ZOvjt9iNxaNg8EKDi17wjToZQNYqURXt1PKAyGwnCtTzhqZ/93j7Uv0PhRBXmJNwo+Vh0/4i4OGhp6Q/m5XLI0Q0THnpv+hQmBl5IXmw6hrOWbIXIQ8OQrOUM/pTYDdCmb6ZFXPFrOp2ludiTFd2TTa4j9Jj48rsRPd4MZtQLMFnt78ctj/xJJni+wgOr4YD9sCRldpuFP+wvgHyj78W+3Q/nPFk98g27Nvh+5vO8cMir/rNJSax/392gOBBdEwp+d8Ol1rGqh2exT+5vAn5poa13ce4Xpp6k9MoQODryGtoa+cGY3JvtluO0zyReLAuEaAl6KoeB0wHD/sS3LvBvOqfTv6CA7iy24zijO3zlPI8iOvGMK/Xl54o4nv9MUqF5dz3F3rL4+Rw65QikvPNHxUV3hM/2xXrSiVGKkWKBp33IsL75htvPKHWEVW/ElcKSvi1tPB4e8ji9Q7FaOyhxdg4soD9koLX4N2OcHHUJDJ9eI8FKB9kZQmddAtoOf7Jj/sPoJUkBrzLuNbFxLv4+m7Cg1M40TRYdj73Ln2F9iLuJY04Om3UQEkFTjpKNhjTresoAgkBmTqRBbQZj3GjsiHo4eNhk4C6Sklns+NBcj7iYVFAw/3Ink/Tw9N4R3ibh+vns2DbaaCo8Y4jkSBWjEBkKiDPSpyfn7vvqM8tz2PRYK3ZNPE/+sMn25QpcA/fvpkxoiPyj9tK54f+9+SKxT9LLw+mB70Hlt/DerhK9F8UEsYh2ZqmjX+wVcp01Sa6jo13m1JtHXhLXT1YI1uqqkjiEEZ9qxDA4O39+5iIXj4oiQjbkOIPD264jh7FjBJaaRX6eX6tPuXKy3IPfDUz8LFBbEfc5ZMkTM/IgE6IX0GPToCJ5zMnUqaaCjfOJlqbCqwxOB97LLrkmDd6XgpNg147fOH3EL/v9aFopu8qoqu8e71W20aMuZCsjK3XbGQzy79W8G3vmZ7mCxRD3MvwdJGP9B1jqqEgWomtY/o8AMfoyEusHatKGP01HcYumi+wHLMHAVzJXGy8VJm7YXIXuqUfD8Kyzcxmh5NW6KYW0/P6xQ6UzCVAefBP5SKNd2wIRAIyn6x5U/yXuqRZLGRpZ2VzdD0xODQ0MjUscz04NTg2YTVhNDg4N2U4MjZjYWJhZDhhOWY4NzZjYTU4MjY5YTA5ZGEyOGRhMTdlYWM2NTgwYTc4ZDg3ODdhM2IwNmFhMDg5OGI3NzlmNzE3MQ==
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: wellness.stg.billsgcp.com
referer: https://wellness.stg.billsgcp.com/financial-health-survey
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://wellness.stg.billsgcp.com/financial-health-survey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 hotjar-1342120.js Show response
static.hotjar.com/c/ 5 KB
3 KB 67ms
36ms Script
application/javascript 143.204.98.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1342120.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJRDLMZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-93.fra50.r.cloudfront.net

Software

Resource Hash

bdf947b82e0cf73fc3195af2c9ec4a6e0ae4462fcb6fdd71fa9f68b64302a337

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wellness.stg.billsgcp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 20:09:41 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-edge-origin-shield-skipped: 0
etag: W/c4add6ee1880a167721b2bf8aa59672b
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: rS_4LXdfw5Sb9DOHdOOjBVPuhxtYX80_l3b_ftKoWu363z0ELrOflA==
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)

GET
H2 200 bat.js Show response
bat.bing.com/ 34 KB
10 KB 86ms
48ms Script
application/javascript 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJRDLMZ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 25691b4cadbc6312d4968d44601681557ab0c8dc4cef73a82ff00171ba2bad31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wellness.stg.billsgcp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 20:09:40 GMT
content-encoding: gzip
last-modified: Mon, 27 Sep 2021 19:22:40 GMT
x-msedge-ref: Ref A: A9874575516E436FA46AE73049689271 Ref B: PRG01EDGE1012 Ref C: 2021-10-06T20:09:41Z
etag: "080879d5b3d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9985

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ 26 KB
6 KB 22ms
7ms Script
application/javascript 35.244.142.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: wellness.stg.billsgcp.com
URL: https://wellness.stg.billsgcp.com/financial-health-survey
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wellness.stg.billsgcp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 19:36:22 GMT
content-encoding: gzip
age: 1999
x-guploader-uploadid: ADPycdtSk1bdcPYhA7HOsD80jxRcm_wwe9-pzmlxQlvFoptyrjNXmffg6Vknm3jocH2mhdkG6PgLZJ_QBllHC8mfV6u-PPfDjg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 5774
last-modified: Fri, 28 May 2021 20:34:03 GMT
server: UploadServer
etag: "d001d1c9f5a942fa5524eeacb047e819"
vary: Accept-Encoding
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
x-goog-generation: 1622234043862937
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5774
accept-ranges: bytes
content-type: application/javascript;
expires: Wed, 06 Oct 2021 20:36:22 GMT

POST
H2 204 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ 0
0 208ms
207ms Fetch
text/html 216.239.36.54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by: Host: cdn.pdst.fm
URL: https://cdn.pdst.fm/ping.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: application/json
Referer: https://wellness.stg.billsgcp.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 06 Oct 2021 20:09:41 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
server: Google Frontend
access-control-allow-headers: Content-Type, Accept
x-powered-by: Express
access-control-allow-methods: GET, POST
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: 1470b820f850f7e4b47923f8d4fc8d3e
function-execution-id: w0it2plyuluk
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

OPTIONS
H2 200 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 0
0 143ms
121ms Preflight
text/html 216.239.36.54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol: H2
Server: 216.239.36.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://wellness.stg.billsgcp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-type: text/html; charset=utf-8
etag: W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id: a4q1ljn90oit
x-powered-by: Express
x-cloud-trace-context: 67343708d1ce1fbce4410bb0ba0ef10a
content-encoding: gzip
date: Wed, 06 Oct 2021 20:09:41 GMT
server: Google Frontend
cache-control: private
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 modules.e95f6e2deb67f1b24d8e.js Show response
script.hotjar.com/ 221 KB
59 KB 27ms
8ms Script
application/javascript 143.204.98.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e95f6e2deb67f1b24d8e.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1342120.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-104.fra50.r.cloudfront.net

Software

Resource Hash

3e4dcf5d937c6cd9bd580358e83d9bff9769f73cc2364ed9af22c88571959adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wellness.stg.billsgcp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 08:27:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 733356
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
content-length: 59787
access-control-allow-origin: *
last-modified: Tue, 28 Sep 2021 08:26:22 GMT
etag: "4c2c45df8457d0c2a07b3285a23cd7a4"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 8PnCT_gm_4fklLYMmmiZPDmSjaV5WXZMfCGi7ZYxa6TM59rcdo0GBw==

GET
H2 204 28479160.js Show response
bat.bing.com/p/action/ 0
110 B 140ms
140ms Script
text/plain 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/28479160.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wellness.stg.billsgcp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 06 Oct 2021 20:09:40 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 4D535AFFAA084142A3F134E4CC1047ED Ref B: PRG01EDGE1012 Ref C: 2021-10-06T20:09:41Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
150 B 50ms
49ms Image
text/plain 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=28479160&tm=gtm002&Ver=2&mid=5218684b-e054-4ff8-ad30-d9e2227f5d46&sid=5737015026e111ecaf5a6fe877146ec7&vid=573729c026e111ec80ff8f4e19826b06&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Find%20a%20debt%20payoff%20plan%20that%20fits%20your%20needs.&p=https%3A%2F%2Fwellness.stg.billsgcp.com%2Ffinancial-health-survey&r=&lt=1202&evt=pageLoad&msclkid=N&sv=1&rn=753610
Requested by: Host: wellness.stg.billsgcp.com
URL: https://wellness.stg.billsgcp.com/financial-health-survey
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wellness.stg.billsgcp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 06 Oct 2021 20:09:40 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 5DE93103786E4A7F91AC811B59A5419F Ref B: PRG01EDGE1012 Ref C: 2021-10-06T20:09:41Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-dfc01efbdc94bb0936d9a35a502b0b64.html Show response
vars.hotjar.com/ Frame A492 2 KB
1 KB 25ms
7ms Document
text/html 143.204.98.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1342120.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-32.fra50.r.cloudfront.net
Software: /
Resource Hash: 88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-dfc01efbdc94bb0936d9a35a502b0b64.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wellness.stg.billsgcp.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://wellness.stg.billsgcp.com/

Response headers

content-type: text/html
content-length: 1044
date: Tue, 20 Jul 2021 13:05:05 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "10714b84569172431728622d7c8098e4"
last-modified: Tue, 20 Jul 2021 13:04:43 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: qqbFgJ7iYNxker2J00gq_5MDA6eVoicKJp8VjhIDSsKladbDSG8FIw==
age: 6764676

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1342120/ 146 B
323 B 102ms
37ms XHR
application/json 54.76.144.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1342120/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e95f6e2deb67f1b24d8e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.144.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-144-107.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ab95872c4726727a3b09b1f8c28490c70b7e407e97fd93bbfb75a2ecc5faac36

Request headers

Referer: https://wellness.stg.billsgcp.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 06 Oct 2021 20:09:41 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

POST session
visitortracking.staging.billsdev.com/visitortracking/ 0
0

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 100ms
8ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wellness.stg.billsgcp.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 15:49:32 GMT
x-content-type-options: nosniff
age: 274809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23248
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:53 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Oct 2022 15:49:32 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 110ms
18ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wellness.stg.billsgcp.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 06:39:46 GMT
x-content-type-options: nosniff
age: 307795
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Oct 2022 06:39:46 GMT

GET
H2 200 fontawesome-webfont.woff2
wellness.stg.billsgcp.com/fonts/ 75 KB
76 KB 124ms
124ms Font
application/octet-stream 45.60.33.186
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://wellness.stg.billsgcp.com/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: wellness.stg.billsgcp.com
URL: https://wellness.stg.billsgcp.com/css/index.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.186 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.15.5 /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-fetch-mode: cors
origin: https://wellness.stg.billsgcp.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: INGRESSCOOKIE=a77478357f2e4e17e26c5770c255095e62f9cfeb; XSRF-TOKEN=hJWBNVnboqrevwz43t3fi9SKkLJkvmmH22qrGtVN; wellness=QVIfwKIiCggnia6MPmEq7LhVbMHoMgNlQjy6FhPo; visid_incap_2160967=lVCE5LchTBaN+0BJuPtkmIMCXmEAAAAAQUIPAAAAAAD2HQFwbB68Qv3JrBhxqdCV; incap_ses_471_2160967=a1a7Ttg9SjL60QNGgVSJBoMCXmEAAAAAWZHQMGHEpZOdLthaN/y7gA==; ___utmvc=REbGE3QrKf608otDB1rPbUyP9rFyo7K/XSWtky/X+2vyHVVHiJCR6AB8Kb8sJ7M3ycu81jTfXPEVdP5P1drkL7jPS9rlEkdQbYYQylrip9YABHZC+Wdiou64YqOb6z1Y3VLRVItJuXD0AYNnl5S01hz3mCeDzHz/6+bK2RFYjaG477g1aPWeLVNgwNF6Uqp3NY9GRC5myha6Ns/IogYRHdUDPPvmvmj0XmjlyPAu5TFomR2Kp/K0YWZiY9Uq/LW1Q7UGEvOF0HLOvXtSnvxVGZEEXatANj89kR6BOw/PF4lmaToikxmZPjh8mu2DFQa+iWi0HwDgHLDxGmbYOAymsYADVoezPxhatJJ/h48SiXxo5L0dEBcYVwP+8MPHO9MkJRG3gYEaXa46Af/evZCy3mydTkbuDuaiM/n21+RaOBcCbJEUS5Aj7BZO+Fspy0PqTMX/AICKELGKbBRXxyEHDBhIyB0ye/7TmVi03GcMrrrAXVMItsUyswrmtUWesqLQTghQKUxo3DiTXykR4RRs0d6rQH6bBbC+2hvjgH7x3KrcJcD1T7xkx9Y4bVU0gF9PcnjzGJncdd4QHBS7wt8D/Zzn6A/jssHaAh0qHUrwJTLUWRH1ocIzEQGgix1Nx8aun+139qBly5g/FCrkSo4LKy56XioEZ5hRTuHKgU22+PHsM5dhwv9nr9brMFmudEAFwJlqAarv9pAU7OC+kNoREb82y6IkaVSo8ZkFpMgE1ivptgsFc/WDG3cGijXouE4G9P/3Pfc7bt6zNEyPe3TLEHNak4Yx02laCB9Oa+yPhKdxLckpHvDAogQMTR1hJkwhuXary3gb8IK6Q3JvBFEek7nXnS+djvfB/ltZ+y5qhNMl6fBB4jAquslCKKGORDMWToHYZMSsdFcIS2Q8ccNpeKb2CyDAqoIrXVhchNgNZB8HOXshqkwys/ys84obecYONdaVHlXfkDm/M0KnEFmudGAeg2qToNdfr90xEiIpxy9AzZUgv3ng2ivCSZqSmysbV7nzsV98GVOA6b5V2IMqFHzh4Dor81hi9WWP6T68FCZ/Cm5fTfB4W98ujFrdBk1aF06Ve6UHZYdbEPHz+cnGxZ2Q6hzkYLDfu1/UeU/2sm5zk0kkE9itpp7VNbYfDBv/0C6Tu9FtAXsT31PDN7uZfO/RqhVFAY7JNAZEmE5pPKt8oZX3FGxsr5Np0vcT5fBe2JhwlJ75qk8wJmCfscAJvzZFFUp/ULBjUk0+ez6p8em81CYxa0Llh8bCYNs2ocK/X8mWXe/5ux05jfG3E9QuBNORNhwZ7ZxtvZPsmU2612EIOmS89TWXcqOyz4hGcuwm4Zw73dHSOvz6JWpkxaGhQYaDTBZC7MDLKk2bc4Wo4wk/YixW5ekuESF8I7lN7ybZhBLWV8eRmD0y2GLSM/R5HmatBdTPF8L7L+nPHCAosmd0SK7PnRgZsw4l2DdkaxX8T9gaafY4KBYyTArmi0xqDBA0zIBkbzuIOTamf+3qTqzLt9NwX4NluY8hzlfr8ldnmz5f4abMD7ShdUfhieixrey1xot0IqX1xcPDKhRMAT+jf3JmAUtsfwnPoFn2ZOvjt9iNxaNg8EKDi17wjToZQNYqURXt1PKAyGwnCtTzhqZ/93j7Uv0PhRBXmJNwo+Vh0/4i4OGhp6Q/m5XLI0Q0THnpv+hQmBl5IXmw6hrOWbIXIQ8OQrOUM/pTYDdCmb6ZFXPFrOp2ludiTFd2TTa4j9Jj48rsRPd4MZtQLMFnt78ctj/xJJni+wgOr4YD9sCRldpuFP+wvgHyj78W+3Q/nPFk98g27Nvh+5vO8cMir/rNJSax/392gOBBdEwp+d8Ol1rGqh2exT+5vAn5poa13ce4Xpp6k9MoQODryGtoa+cGY3JvtluO0zyReLAuEaAl6KoeB0wHD/sS3LvBvOqfTv6CA7iy24zijO3zlPI8iOvGMK/Xl54o4nv9MUqF5dz3F3rL4+Rw65QikvPNHxUV3hM/2xXrSiVGKkWKBp33IsL75htvPKHWEVW/ElcKSvi1tPB4e8ji9Q7FaOyhxdg4soD9koLX4N2OcHHUJDJ9eI8FKB9kZQmddAtoOf7Jj/sPoJUkBrzLuNbFxLv4+m7Cg1M40TRYdj73Ln2F9iLuJY04Om3UQEkFTjpKNhjTresoAgkBmTqRBbQZj3GjsiHo4eNhk4C6Sklns+NBcj7iYVFAw/3Ink/Tw9N4R3ibh+vns2DbaaCo8Y4jkSBWjEBkKiDPSpyfn7vvqM8tz2PRYK3ZNPE/+sMn25QpcA/fvpkxoiPyj9tK54f+9+SKxT9LLw+mB70Hlt/DerhK9F8UEsYh2ZqmjX+wVcp01Sa6jo13m1JtHXhLXT1YI1uqqkjiEEZ9qxDA4O39+5iIXj4oiQjbkOIPD264jh7FjBJaaRX6eX6tPuXKy3IPfDUz8LFBbEfc5ZMkTM/IgE6IX0GPToCJ5zMnUqaaCjfOJlqbCqwxOB97LLrkmDd6XgpNg147fOH3EL/v9aFopu8qoqu8e71W20aMuZCsjK3XbGQzy79W8G3vmZ7mCxRD3MvwdJGP9B1jqqEgWomtY/o8AMfoyEusHatKGP01HcYumi+wHLMHAVzJXGy8VJm7YXIXuqUfD8Kyzcxmh5NW6KYW0/P6xQ6UzCVAefBP5SKNd2wIRAIyn6x5U/yXuqRZLGRpZ2VzdD0xODQ0MjUscz04NTg2YTVhNDg4N2U4MjZjYWJhZDhhOWY4NzZjYTU4MjY5YTA5ZGEyOGRhMTdlYWM2NTgwYTc4ZDg3ODdhM2IwNmFhMDg5OGI3NzlmNzE3MQ==; _gcl_au=1.1.89449034.1633550981; __pdst=c5fea8af39dc4fbf9e29ca4ff1853689; _uetsid=5737015026e111ecaf5a6fe877146ec7; _uetvid=573729c026e111ec80ff8f4e19826b06; _hjid=b3378904-1ce7-44bc-b5b8-bd58dc27e24a; _hjFirstSeen=1; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; _hjIncludedInSessionSample=1
:path: /fonts/fontawesome-webfont.woff2?v=4.7.0
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: wellness.stg.billsgcp.com
referer: https://wellness.stg.billsgcp.com/css/index.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://wellness.stg.billsgcp.com/css/index.css
Origin: https://wellness.stg.billsgcp.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 20:09:41 GMT
last-modified: Wed, 27 Jan 2021 06:48:50 GMT
server: nginx/1.15.5
etag: "60110cd2-12d68"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/octet-stream
access-control-allow-origin: *
x-iinfo: 7-52123408-52123339 PNNN RT(1633550980914 0) q(0 0 0 -1) r(1 1) U5
cache-control: max-age=31536000
set-cookie: ___utmvc=a; Max-Age=0; path=/; expires=Tue, 21 Sep 2021 23:27:47 GMT
accept-ranges: bytes
content-length: 77160
x-cdn: Imperva
expires: Thu, 06 Oct 2022 20:09:41 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
23 KB 106ms
14ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wellness.stg.billsgcp.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 04:13:08 GMT
x-content-type-options: nosniff
age: 143793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Oct 2022 04:13:08 GMT

OPTIONS
H2 200 session
visitortracking.staging.billsdev.com/visitortracking/ Frame 0
0 212ms
117ms Preflight 34.96.118.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://visitortracking.staging.billsdev.com/visitortracking/session
Protocol: H2
Server: 34.96.118.161 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 161.118.96.34.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://wellness.stg.billsgcp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Apache-Coyote/1.1
access-control-allow-origin: https://wellness.stg.billsgcp.com
access-control-allow-methods: GET, POST, PUT, OPTIONS, DELETE, PATCH
acccess-control-expose-headers: X-Requested-With, Content-Type, Accept, Origin, Access-Control-Request-Method, expires, visitor-id, session-id, cookie, set-cookie
access-control-allow-headers: Access-Control-Expose-Headers, X-Requested-With, Content-Type, Accept, Origin, expires, Access-Control-Request-Method, visitor-id, session-id, cookie, set-cookie
access-control-allow-credentials: true
expires: Mon, 06-Oct-2036 20:09:42 GMT
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Wed, 06 Oct 2021 20:09:42 GMT
via: 1.1 google
alt-svc: clear

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 29ms
6ms Script
text/javascript 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJRDLMZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wellness.stg.billsgcp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 516
date: Wed, 06 Oct 2021 20:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 06 Oct 2021 22:01:06 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 21ms
7ms Script
text/javascript 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wellness.stg.billsgcp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 19:42:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1652
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 06 Oct 2021 20:42:10 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
468 B 43ms
14ms XHR
text/plain 172.253.120.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-131129682-2&cid=1225750494.1633550982&jid=1366594675&gjid=2078192986&_gid=1738325532.1633550982&_u=aGBAiUAjBAAAAE~&z=2003320763

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.120.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wd-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wellness.stg.billsgcp.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 06 Oct 2021 20:09:42 GMT
content-type: text/plain
access-control-allow-origin: https://wellness.stg.billsgcp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=119195987&t=pageview&_s=1&dl=https%3A%2F%2Fwellness.stg.billsgcp.com%2Ffinancial-health-survey&dr=&dp=%2Ffinancial-health-survey&ul=en-us&de=UTF-8&dt=Find%20a%20debt%20payoff%20plan%20that%20fits%20your%20needs.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAiUAjB~&jid=1366594675&gjid=2078192986&cid=1225750494.1633550982&tid=UA-131129682-2&_gid=1738325532.1633550982&gtm=2wga40NJRDLMZ&cd1=GTM-NJRDLMZ&cd2=32&cd3=&cd4=1633550982017.safljen&cd5=GA%20Page%20View%20-%20Core%20Page%20View&cd40=https%3A%2F%2Fwellness.stg.billsgcp.com%2Ffinancial-health-survey&cd6=1225750494.1633550982&z=1679745786

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wellness.stg.billsgcp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Oct 2021 10:38:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34283
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 74ms
38ms Image
image/gif 172.217.23.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-131129682-2&cid=1225750494.1633550982&jid=1366594675&_u=aGBAiUAjBAAAAE~&z=721766991

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wellness.stg.billsgcp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Oct 2021 20:09:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: visitortracking.staging.billsdev.com
URL: https://visitortracking.staging.billsdev.com/visitortracking/session

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.wellness.stg.billsgcp.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: a77478357f2e4e17e26c5770c255095e62f9cfeb
wellness.stg.billsgcp.com/	1970-01-19 21:45:58	Name: XSRF-TOKEN Value: hJWBNVnboqrevwz43t3fi9SKkLJkvmmH22qrGtVN
wellness.stg.billsgcp.com/	1970-01-19 21:45:58	Name: wellness Value: QVIfwKIiCggnia6MPmEq7LhVbMHoMgNlQjy6FhPo
.stg.billsgcp.com/	1970-01-20 06:30:14	Name: visid_incap_2160967 Value: lVCE5LchTBaN+0BJuPtkmIMCXmEAAAAAQUIPAAAAAAD2HQFwbB68Qv3JrBhxqdCV
.stg.billsgcp.com/	1969-12-31 23:59:59	Name: incap_ses_471_2160967 Value: a1a7Ttg9SjL60QNGgVSJBoMCXmEAAAAAWZHQMGHEpZOdLthaN/y7gA==
.billsgcp.com/	1970-01-19 23:55:26	Name: _gcl_au Value: 1.1.89449034.1633550981
wellness.stg.billsgcp.com/	1970-01-20 06:31:26	Name: __pdst Value: c5fea8af39dc4fbf9e29ca4ff1853689
.bing.com/	1970-01-20 07:07:26	Name: MUID Value: 19AD55969F7C632B2611455E9E3E625A
.billsgcp.com/	1970-01-19 21:47:17	Name: _uetsid Value: 5737015026e111ecaf5a6fe877146ec7
.billsgcp.com/	1970-01-20 07:07:26	Name: _uetvid Value: 573729c026e111ec80ff8f4e19826b06
.billsgcp.com/	1970-01-20 06:31:26	Name: _hjid Value: b3378904-1ce7-44bc-b5b8-bd58dc27e24a
.billsgcp.com/	1970-01-19 21:45:52	Name: _hjFirstSeen Value: 1
wellness.stg.billsgcp.com/	1970-01-19 21:45:51	Name: _hjIncludedInPageviewSample Value: 1
.billsgcp.com/	1970-01-19 21:45:52	Name: _hjAbsoluteSessionInProgress Value: 0
wellness.stg.billsgcp.com/	1970-01-19 21:45:51	Name: _hjIncludedInSessionSample Value: 1
.billsgcp.com/	1970-01-20 15:17:02	Name: _ga Value: GA1.2.1225750494.1633550982
.billsgcp.com/	1970-01-19 21:47:17	Name: _gid Value: GA1.2.1738325532.1633550982
.billsgcp.com/	1970-01-19 21:45:51	Name: _dc_gtm_UA-131129682-2 Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
cdn.pdst.fm
fonts.googleapis.com
fonts.gstatic.com
in.hotjar.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
us-central1-adaptive-growth.cloudfunctions.net
vars.hotjar.com
visitortracking.staging.billsdev.com
wellness.stg.billsgcp.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
visitortracking.staging.billsdev.com
13.107.21.200
142.250.181.227
142.250.184.206
142.250.185.138
142.250.185.232
143.204.98.104
143.204.98.32
143.204.98.93
172.217.23.100
172.253.120.154
216.239.36.54
34.96.118.161
35.244.142.80
45.60.33.186
54.76.144.107
03d311226db51b2965a7a7fe7acea7f6eb9912ff470550f91c44f791ded3db7d
0e827a1f20197cb7c97f9d82cad81bd36440668a1b97643b9c8b5887724d39e1
1649b4c0cee9415ad127e694e63ae52a6d7e383fb2becef6c299a683bb586855
1da0bf58d3ecb1a39a6a0767728d75158419ae0c36bdb6fb53c580df37d39196
25691b4cadbc6312d4968d44601681557ab0c8dc4cef73a82ff00171ba2bad31
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
30add3e2eb3e906ed4bb98c63e740041043fa47532310050d49286fb6281bc03
3274e62c301a5d1cfdd91cd479e76b677ac146e20dd95f0de686924ff9d73077
357abb4b6b6c077e1285a2c8b2d2e03c268a0ef223062782d094728b85cd2f6c
3ca003230c365c9a5593971712e6528aa39c6abaa9f4777e8cf5071be736d339
3e4dcf5d937c6cd9bd580358e83d9bff9769f73cc2364ed9af22c88571959adb
45d9e5a9dcf2784dd0d4de5471155eaba352fa0e4ba190959c89afcf62dccf26
46602389cbcfa890bf4d38229623976c84aa980fd2be058cf31290d211501a16
4aa91a1faf4c1c15bc0557bfd152a3f8fc8b1cb33af2ed28fb3a840cdcea4e3b
4af1ace7daf1bcbf551e8130c1dbe0f48d0311fd436d0c1e2274667da3696e4a
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6ae64f1f180b640a0fcd94e8c21d8692f1b65dc8bb2b53bb350a1f9008e6bbf4
7339ed2d1ef565a472256507574a9bc9eb2bdb4acdf2ce92b4f51babe583ea97
7c3ed33fb69b8db5aee90cb96cd09f1ce9506f279ef687995e936c5ab0c81afd
7f63958351bba89dc5ce27a95bbdbd41f574e8b63ac98ba11f49b704ff54dd00
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93909afa09a522423bb2606b143358a3af440a30b4455fe6d9be413e00c88003
ab95872c4726727a3b09b1f8c28490c70b7e407e97fd93bbfb75a2ecc5faac36
b8a42f16f72934294cd2f7affaf56b72e7bc9785f666dd488729f2458bc2c2e8
bc78176b4c15aa7ca9293569bc175161863bfc1f145dd5f066a978968ad34760
bdf947b82e0cf73fc3195af2c9ec4a6e0ae4462fcb6fdd71fa9f68b64302a337
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c85cf87a0a8e4fc08c6bcf88b09534a4f92c3a229585688f53a4319b8fe62464
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

wellness.stg.billsgcp.com Open in urlscan Pro 45.60.33.186 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

42 Requests

98 %HTTPS

0 %IPv6

12 Domains

15 Subdomains

16 IPs

2 Countries

549 kBTransfer

1441 kBSize

18 Cookies

16 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

wellness.stg.billsgcp.com Open in urlscan Pro
45.60.33.186 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

98 %
HTTPS

0 %
IPv6

12
Domains

15
Subdomains

16
IPs

2
Countries

549 kB
Transfer

1441 kB
Size

18
Cookies

42 HTTP transactions
0 data transactions