URL: https://billwallet.com/
Submission: On August 10 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 17 HTTP transactions. The main IP is 2606:4700::6812:18e8, located in United States and belongs to CLOUDFLARENET, US. The main domain is billwallet.com.
TLS certificate: Issued by WE1 on August 10th 2024. Valid for: 3 months.
This is the only time billwallet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 2606:4700::68... 13335 (CLOUDFLAR...)
1 184.30.208.159 16625 (AKAMAI-AS)
3 2a00:1450:401... 15169 (GOOGLE)
17 4
Apex Domain
Subdomains
Transfer
9 billwallet.com
billwallet.com
2 MB
3 google.com
accounts.google.com — Cisco Umbrella Rank: 46
87 KB
1 cdn-apple.com
appleid.cdn-apple.com — Cisco Umbrella Rank: 5013
17 KB
17 3
Domain Requested by
9 billwallet.com billwallet.com
3 accounts.google.com billwallet.com
accounts.google.com
1 appleid.cdn-apple.com billwallet.com
17 3

This site contains no links.

Subject Issuer Validity Valid
billwallet.com
WE1
2024-08-10 -
2024-11-08
3 months crt.sh
appleid.cdn-apple.com
Apple Public EV Server RSA CA 2 - G1
2024-06-06 -
2024-12-03
6 months crt.sh
accounts.google.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh

This page contains 2 frames:

Primary Page: https://billwallet.com/
Frame ID: 1BF09FE517C49E60C9792E397B6E9A19
Requests: 16 HTTP requests in this frame

Frame: https://accounts.google.com/gsi/button?type=null&theme=null&size=null&text=continue_with&shape=null&logo_alignment=center&width=350&locale=null&click_listener=null&client_id=206615994153-alo0v1809nk6k18gfuajtehncv9vtqpc.apps.googleusercontent.com&iframe_id=gsi_916266_561716&as=XKr1mKZp6tHdf0MexOF7ug
Frame ID: FCD9B4A386C4D3C3783CADE2AFAA3AAD
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

BillWalletâ„¢ - The World's first Omni-Channel and Bill Payment Wallet

Detected technologies

Overall confidence: 100%
Detected patterns
  • appleid\.auth\.js

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client

Page Statistics

17
Requests

76 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

1716 kB
Transfer

4323 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
billwallet.com/
5 KB
3 KB
Document
General
Full URL
https://billwallet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
834fec973d146b054134ec953c68c31f1dd681bef1a537407886e3335051eaa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate, proxy-revalidate no-store, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8b0c8d91bc100394-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 10 Aug 2024 02:28:32 GMT
expires
0
server
cloudflare
strict-transport-security
max-age=31536000; includeSubdomains; preload
surrogate-control
no-store
x-content-type-options
nosniff
x-debug-message
bill wallet portal index file X-Real-IP 2a00:c98:2f00:20:a::3 X-Forwarded-For 2a00:c98:2f00:20:a::3, 2a00:c98:2f00:20:a::3
x-request-id
e50d503d571cca310f3fabf4f4db8119
x-robots-tag
noindex
x-xss-protection
1; mode=block
appleid.auth.js
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/
42 KB
17 KB
Script
General
Full URL
https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js
Requested by
Host: billwallet.com
URL: https://billwallet.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.208.159 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-208-159.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://billwallet.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Sat, 10 Aug 2024 02:28:32 GMT
Last-Modified
Tue, 30 Jul 2024 20:45:48 GMT
Server
Apple
ETag
W/"43171-1722372348510"
Vary
accept-encoding
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400,stale-while-revalidate=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17356
flutter.js
billwallet.com/
8 KB
3 KB
Script
General
Full URL
https://billwallet.com/flutter.js
Requested by
Host: billwallet.com
URL: https://billwallet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e89bd8789a8f2ea7f00394fddb6c173e1661513e1c1c62fc31b6c4f89b7e74a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billwallet.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 02:28:32 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
x-debug-message
static file, X-Real-IP 2a00:c98:2f00:20:a::3, X-Forwarded-For 2a00:c98:2f00:20:a::3, 2a00:c98:2f00:20:a::3
x-xss-protection
1; mode=block
x-request-id
6f1ff9c136e0014d3b845b75e6912694
last-modified
Fri, 19 Jul 2024 14:50:08 GMT
server
cloudflare
etag
W/"669a7d20-1e62"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
x-robots-tag
noindex
cf-ray
8b0c8d94fddb0394-FRA
expires
Sat, 10 Aug 2024 06:28:32 GMT
main.dart.js
billwallet.com/
3 MB
946 KB
Script
General
Full URL
https://billwallet.com/main.dart.js
Requested by
Host: billwallet.com
URL: https://billwallet.com/flutter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e6c04bf6a51273b9caa633345865f78090d04f8f756c0e586928d71cc2e888
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billwallet.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 02:28:33 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
x-debug-message
static file, X-Real-IP 2a00:c98:2f00:20:a::3, X-Forwarded-For 2a00:c98:2f00:20:a::3, 2a00:c98:2f00:20:a::3
x-xss-protection
1; mode=block
x-request-id
1ff9421fe53e13bd661021d8610bd9f3
last-modified
Fri, 19 Jul 2024 14:50:11 GMT
server
cloudflare
etag
W/"669a7d23-34d0cb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
x-robots-tag
noindex
cf-ray
8b0c8d983fcf0394-FRA
expires
Sat, 10 Aug 2024 06:28:33 GMT
favicon-32x32.png
billwallet.com/icons/
2 KB
2 KB
Other
General
Full URL
https://billwallet.com/icons/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbba2ad21a40fd4d0251fc59baa711332615b4b36d39db07d5e72c5ea178773d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billwallet.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 02:28:33 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
x-debug-message
static file, X-Real-IP 2a00:c98:2f00:20:a::3, X-Forwarded-For 2a00:c98:2f00:20:a::3, 2a00:c98:2f00:20:a::3
content-length
1641
x-xss-protection
1; mode=block
x-request-id
d341a7d00c9ead4168ce7327612728c5
last-modified
Fri, 19 Jul 2024 14:50:08 GMT
server
cloudflare
etag
"669a7d20-669"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8b0c8d983fd10394-FRA
expires
Sat, 10 Aug 2024 06:28:33 GMT
FontManifest.json
billwallet.com/assets/
333 B
297 B
Fetch
General
Full URL
https://billwallet.com/assets/FontManifest.json
Requested by
Host: billwallet.com
URL: https://billwallet.com/main.dart.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df029d3de36d4e185be34d914453f8e921c626e2a2e4c3ee7b33c8737b94f6b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billwallet.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 02:28:34 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Fri, 19 Jul 2024 14:50:08 GMT
server
cloudflare
content-encoding
gzip
etag
W/"669a7d20-14d"
content-type
application/json
x-debug-message
static file, X-Real-IP 2a00:c98:2f00:20:a::3, X-Forwarded-For 2a00:c98:2f00:20:a::3, 2a00:c98:2f00:20:a::3
x-robots-tag
noindex
cf-ray
8b0c8da3ae550394-FRA
x-xss-protection
1; mode=block
x-request-id
4381b5c0ec6d43f086fcbe9cf499167d
MaterialIcons-Regular.otf
billwallet.com/assets/fonts/
8 KB
8 KB
Font
General
Full URL
https://billwallet.com/assets/fonts/MaterialIcons-Regular.otf
Requested by
Host: billwallet.com
URL: https://billwallet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
082056b525503c19785a87473570e9924ff3e9d2ab340bd532e76292cd2b1a38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billwallet.com/
Origin
https://billwallet.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 02:28:35 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
x-debug-message
static file, X-Real-IP 2a00:c98:2f00:20:a::3, X-Forwarded-For 2a00:c98:2f00:20:a::3, 2a00:c98:2f00:20:a::3
content-length
7916
x-xss-protection
1; mode=block
x-request-id
0f8347843e72aea664a2954a66fa5ce7
last-modified
Fri, 19 Jul 2024 14:50:08 GMT
server
cloudflare
etag
"669a7d20-1eec"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=14400
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8b0c8da4df020394-FRA
expires
Sat, 10 Aug 2024 06:28:35 GMT
CupertinoIcons.ttf
billwallet.com/assets/packages/cupertino_icons/assets/
1 KB
1 KB
Font
General
Full URL
https://billwallet.com/assets/packages/cupertino_icons/assets/CupertinoIcons.ttf
Requested by
Host: billwallet.com
URL: https://billwallet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bafe71aed5ee6a8a10e8cc5837885ad52282b579bfa6866ae752ecee11096531
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billwallet.com/
Origin
https://billwallet.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 02:28:35 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
x-debug-message
static file, X-Real-IP 2a00:c98:2f00:20:a::3, X-Forwarded-For 2a00:c98:2f00:20:a::3, 2a00:c98:2f00:20:a::3
content-length
1272
x-xss-protection
1; mode=block
x-request-id
9b355b2a6862dada7b42baefd012fffa
last-modified
Fri, 19 Jul 2024 14:50:08 GMT
server
cloudflare
etag
"669a7d20-4f8"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=14400
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8b0c8da4df030394-FRA
expires
Sat, 10 Aug 2024 06:28:35 GMT
FlutterIconsax.ttf
billwallet.com/assets/packages/iconsax_flutter/fonts/
648 KB
649 KB
Font
General
Full URL
https://billwallet.com/assets/packages/iconsax_flutter/fonts/FlutterIconsax.ttf
Requested by
Host: billwallet.com
URL: https://billwallet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
919e375b4c522c61e40e6fa4c4eed4e4bfb0f27418693e0f69b3b6737cf0763c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billwallet.com/
Origin
https://billwallet.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 02:28:35 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
x-debug-message
static file, X-Real-IP 2a00:c98:2f00:20:a::3, X-Forwarded-For 2a00:c98:2f00:20:a::3, 2a00:c98:2f00:20:a::3
content-length
663568
x-xss-protection
1; mode=block
x-request-id
12f6bd977333cd25da9af7d0e5d8320d
last-modified
Fri, 19 Jul 2024 14:50:08 GMT
server
cloudflare
etag
"669a7d20-a2010"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=14400
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8b0c8da4df040394-FRA
expires
Sat, 10 Aug 2024 06:28:35 GMT
client
accounts.google.com/gsi/
227 KB
86 KB
Script
General
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: billwallet.com
URL: https://billwallet.com/main.dart.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c16::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0a6975978caea2cb1bc8e6a03c53f77d645c0fc8f206cf32213f1145e7509525
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GLON6vys0bPnjAnrQFezgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://billwallet.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 02:28:36 GMT
content-security-policy
script-src 'report-sample' 'nonce-GLON6vys0bPnjAnrQFezgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Sat, 10 Aug 2024 02:28:36 GMT
en.json
billwallet.com/assets/assets/i18n/
0
0

AssetManifest.json
billwallet.com/assets/
0
0

AssetManifest.bin.json
billwallet.com/assets/
0
0

favicon-32x32.png
billwallet.com/icons/
2 KB
0
Other
General
Full URL
https://billwallet.com/icons/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbba2ad21a40fd4d0251fc59baa711332615b4b36d39db07d5e72c5ea178773d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billwallet.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 02:28:33 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-debug-message
static file, X-Real-IP 2a00:c98:2f00:20:a::3, X-Forwarded-For 2a00:c98:2f00:20:a::3, 2a00:c98:2f00:20:a::3
content-length
1641
x-xss-protection
1; mode=block
x-request-id
d341a7d00c9ead4168ce7327612728c5
last-modified
Fri, 19 Jul 2024 14:50:08 GMT
server
cloudflare
etag
"669a7d20-669"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8b0c8d983fd10394-FRA
expires
Sat, 10 Aug 2024 06:28:33 GMT
style
accounts.google.com/gsi/
533 B
585 B
Stylesheet
General
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c16::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FPP7pXm13gR44L8cQ59S8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://billwallet.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 02:28:36 GMT
content-security-policy
script-src 'report-sample' 'nonce-FPP7pXm13gR44L8cQ59S8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Sat, 10 Aug 2024 02:28:36 GMT
AssetManifest.bin.json
billwallet.com/assets/
0
0

button
accounts.google.com/gsi/ Frame FCD9
0
0
Document
General
Full URL
https://accounts.google.com/gsi/button?type=null&theme=null&size=null&text=continue_with&shape=null&logo_alignment=center&width=350&locale=null&click_listener=null&client_id=206615994153-alo0v1809nk6k18gfuajtehncv9vtqpc.apps.googleusercontent.com&iframe_id=gsi_916266_561716&as=XKr1mKZp6tHdf0MexOF7ug
Requested by
Host: billwallet.com
URL: https://billwallet.com/main.dart.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c16::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LI6QWep8DLvJcTwGaumH-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://billwallet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-LI6QWep8DLvJcTwGaumH-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy
same-site
date
Sat, 10 Aug 2024 02:28:36 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
billwallet.com
URL
https://billwallet.com/assets/assets/i18n/en.json
Domain
billwallet.com
URL
https://billwallet.com/assets/AssetManifest.json
Domain
billwallet.com
URL
https://billwallet.com/assets/AssetManifest.bin.json
Domain
billwallet.com
URL
https://billwallet.com/assets/AssetManifest.bin.json

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| AppleID string| serviceWorkerVersion object| billWalletData object| _flutter function| onGoogleLibraryLoad

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block