www.billgem.com Open in urlscan Pro
142.11.214.116  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
10 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.billgem.com/	190 KB 124 KB	675ms 294ms	Document text/html	142.11.214.116 HOSTWINDS
General Check archive.org Show headers Download Go to Full URL https://www.billgem.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.11.214.116 , United States, ASN54290 (HOSTWINDS, US), Reverse DNS hwsrv-751647.hostwindsdns.com Software nginx / Resource Hash 9c8219cf1d2516abb6bb995eb80a7061a27a7c30b7c09956246075574734c413 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-type text/html; charset=UTF-8 date Thu, 31 Aug 2023 13:22:32 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server nginx
GET H2	200	sentry_head.js Show response www.billgem.com/assets/js/	94 KB 27 KB	276ms 275ms	Script application/javascript	142.11.214.116 HOSTWINDS
General Check archive.org Show headers Download Go to Full URL https://www.billgem.com/assets/js/sentry_head.js?0c32a2d5ec4eb4ae5ca6 Requested by Host: www.billgem.com URL: https://www.billgem.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.11.214.116 , United States, ASN54290 (HOSTWINDS, US), Reverse DNS hwsrv-751647.hostwindsdns.com Software nginx / Resource Hash 174e6bc9eaa3ce84edd4284fd9a033bc704360fb85d94db322cd705c76f52d38 Request headers accept-language de-DE,de;q=0.9 Referer https://www.billgem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Thu, 31 Aug 2023 13:22:32 GMT content-encoding gzip last-modified Thu, 31 Aug 2023 13:19:31 GMT server nginx etag W/"64f09363-1769e" content-type application/javascript cache-control max-age=43200, public expires Fri, 01 Sep 2023 01:22:32 GMT
GET H2	200	index.css www.billgem.com/assets/css/	221 KB 39 KB	276ms 276ms	Stylesheet text/css	142.11.214.116 HOSTWINDS
General Check archive.org Show headers Download Go to Full URL https://www.billgem.com/assets/css/index.css?0c32a2d5ec4eb4ae5ca6 Requested by Host: www.billgem.com URL: https://www.billgem.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.11.214.116 , United States, ASN54290 (HOSTWINDS, US), Reverse DNS hwsrv-751647.hostwindsdns.com Software nginx / Resource Hash 37a92cf0a718da4c6375f0c30bdd46a1aecdb764f8652bc530e4ccdb01003a1a Request headers accept-language de-DE,de;q=0.9 Referer https://www.billgem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Thu, 31 Aug 2023 13:22:32 GMT content-encoding gzip last-modified Thu, 31 Aug 2023 13:19:31 GMT server nginx etag W/"64f09363-3720d" content-type text/css cache-control max-age=43200, public expires Fri, 01 Sep 2023 01:22:32 GMT
GET H2	200	banner_bg.png www.billgem.com/assets/img/	17 KB 18 KB	250ms 249ms	Image image/png	142.11.214.116 HOSTWINDS
General Check archive.org Show headers Download Go to Show image Full URL https://www.billgem.com/assets/img/banner_bg.png Requested by Host: www.billgem.com URL: https://www.billgem.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.11.214.116 , United States, ASN54290 (HOSTWINDS, US), Reverse DNS hwsrv-751647.hostwindsdns.com Software nginx / Resource Hash 38c6de9a51c1e7d419e1f62cec438d82158791ef811883a2acc7b3eee364e316 Request headers accept-language de-DE,de;q=0.9 Referer https://www.billgem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Thu, 31 Aug 2023 13:22:33 GMT last-modified Thu, 31 Aug 2023 13:19:31 GMT server nginx etag "64f09363-45bb" content-type image/png cache-control max-age=2592000, public accept-ranges bytes content-length 17851 expires Sat, 30 Sep 2023 13:22:33 GMT
GET H2	200	main-daa4a603.png www.billgem.com/assets/img/resize/	111 KB 111 KB	250ms 249ms	Image image/png	142.11.214.116 HOSTWINDS
General Check archive.org Show headers Download Go to Show image Full URL https://www.billgem.com/assets/img/resize/main-daa4a603.png Requested by Host: www.billgem.com URL: https://www.billgem.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.11.214.116 , United States, ASN54290 (HOSTWINDS, US), Reverse DNS hwsrv-751647.hostwindsdns.com Software nginx / Resource Hash 8ce4130d12d0acba596d080690153a382c616ff950c5c6a22987cd1fdc693092 Request headers accept-language de-DE,de;q=0.9 Referer https://www.billgem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Thu, 31 Aug 2023 13:22:33 GMT last-modified Thu, 31 Aug 2023 13:19:31 GMT server nginx etag "64f09363-1bc86" content-type image/png cache-control max-age=2592000, public accept-ranges bytes content-length 113798 expires Sat, 30 Sep 2023 13:22:33 GMT
GET H2	200	dot.png www.billgem.com/assets/img/	10 KB 10 KB	250ms 249ms	Image image/png	142.11.214.116 HOSTWINDS
General Check archive.org Show headers Download Go to Show image Full URL https://www.billgem.com/assets/img/dot.png Requested by Host: www.billgem.com URL: https://www.billgem.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.11.214.116 , United States, ASN54290 (HOSTWINDS, US), Reverse DNS hwsrv-751647.hostwindsdns.com Software nginx / Resource Hash 48922325076ac99252266ee47833131dae0e72efc96a6c46f89dd26014e7885a Request headers accept-language de-DE,de;q=0.9 Referer https://www.billgem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Thu, 31 Aug 2023 13:22:33 GMT last-modified Thu, 31 Aug 2023 13:19:31 GMT server nginx etag "64f09363-273a" content-type image/png cache-control max-age=2592000, public accept-ranges bytes content-length 10042 expires Sat, 30 Sep 2023 13:22:33 GMT
GET H2	200	icon01.png www.billgem.com/assets/img/	904 B 1 KB	250ms 249ms	Image image/png	142.11.214.116 HOSTWINDS
General Check archive.org Show headers Download Go to Show image Full URL https://www.billgem.com/assets/img/icon01.png Requested by Host: www.billgem.com URL: https://www.billgem.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.11.214.116 , United States, ASN54290 (HOSTWINDS, US), Reverse DNS hwsrv-751647.hostwindsdns.com Software nginx / Resource Hash 3c1b422c328822776cf58fa8b6a10e2bc3c02a0f53a4c3e20b3820d756efcbaf Request headers accept-language de-DE,de;q=0.9 Referer https://www.billgem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Thu, 31 Aug 2023 13:22:33 GMT last-modified Thu, 31 Aug 2023 13:19:31 GMT server nginx etag "64f09363-388" content-type image/png cache-control max-age=2592000, public accept-ranges bytes content-length 904 expires Sat, 30 Sep 2023 13:22:33 GMT
GET H2	200	icon02.png www.billgem.com/assets/img/	1 KB 1 KB	250ms 249ms	Image image/png	142.11.214.116 HOSTWINDS
General Check archive.org Show headers Download Go to Show image Full URL https://www.billgem.com/assets/img/icon02.png Requested by Host: www.billgem.com URL: https://www.billgem.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.11.214.116 , United States, ASN54290 (HOSTWINDS, US), Reverse DNS hwsrv-751647.hostwindsdns.com Software nginx / Resource Hash 16385a8fbac6d8af2423d5f935725393da5a6a1339995268d082f37a18afda3e Request headers accept-language de-DE,de;q=0.9 Referer https://www.billgem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Thu, 31 Aug 2023 13:22:33 GMT last-modified Thu, 31 Aug 2023 13:19:31 GMT server nginx etag "64f09363-43b" content-type image/png cache-control max-age=2592000, public accept-ranges bytes content-length 1083 expires Sat, 30 Sep 2023 13:22:33 GMT
GET H2	200	icon3.png www.billgem.com/assets/img/	1 KB 1 KB	250ms 250ms	Image image/png	142.11.214.116 HOSTWINDS
General Check archive.org Show headers Download Go to Show image Full URL https://www.billgem.com/assets/img/icon3.png Requested by Host: www.billgem.com URL: https://www.billgem.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.11.214.116 , United States, ASN54290 (HOSTWINDS, US), Reverse DNS hwsrv-751647.hostwindsdns.com Software nginx / Resource Hash c1036beab02431501a12a52944f122b304a9a67b951d885af39318ab85e92a30 Request headers accept-language de-DE,de;q=0.9 Referer https://www.billgem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Thu, 31 Aug 2023 13:22:33 GMT last-modified Thu, 31 Aug 2023 13:19:31 GMT server nginx etag "64f09363-496" content-type image/png cache-control max-age=2592000, public accept-ranges bytes content-length 1174 expires Sat, 30 Sep 2023 13:22:33 GMT
GET H2	200	polyfills.js Show response www.billgem.com/assets/js/	165 KB 53 KB	145ms 145ms	Script application/javascript	142.11.214.116 HOSTWINDS
General Check archive.org Show headers Download Go to Full URL https://www.billgem.com/assets/js/polyfills.js?0c32a2d5ec4eb4ae5ca6 Requested by Host: www.billgem.com URL: https://www.billgem.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.11.214.116 , United States, ASN54290 (HOSTWINDS, US), Reverse DNS hwsrv-751647.hostwindsdns.com Software nginx / Resource Hash c99190fd76534889207431739c428323b17af6f65642be3a863deb725dc4073a Request headers accept-language de-DE,de;q=0.9 Referer https://www.billgem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Thu, 31 Aug 2023 13:22:33 GMT content-encoding gzip last-modified Thu, 31 Aug 2023 13:19:31 GMT server nginx etag W/"64f09363-2940d" content-type application/javascript cache-control max-age=43200, public expires Fri, 01 Sep 2023 01:22:33 GMT
GET H2	200	index.js Show response www.billgem.com/assets/js/	283 KB 87 KB	145ms 144ms	Script application/javascript	142.11.214.116 HOSTWINDS
General Check archive.org Show headers Download Go to Full URL https://www.billgem.com/assets/js/index.js?0c32a2d5ec4eb4ae5ca6 Requested by Host: www.billgem.com URL: https://www.billgem.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.11.214.116 , United States, ASN54290 (HOSTWINDS, US), Reverse DNS hwsrv-751647.hostwindsdns.com Software nginx / Resource Hash 5b3457ba93be02290c8ce14e7ddb7f2af93cb8806be8c2e474996d2f9abf5216 Request headers accept-language de-DE,de;q=0.9 Referer https://www.billgem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Thu, 31 Aug 2023 13:22:33 GMT content-encoding gzip last-modified Thu, 31 Aug 2023 13:19:31 GMT server nginx etag W/"64f09363-46b63" content-type application/javascript cache-control max-age=43200, public expires Fri, 01 Sep 2023 01:22:33 GMT
GET H2	200	login.js Show response www.billgem.com/assets/js/	320 KB 95 KB	159ms 157ms	Script application/javascript	142.11.214.116 HOSTWINDS
General Check archive.org Show headers Download Go to Full URL https://www.billgem.com/assets/js/login.js?0c32a2d5ec4eb4ae5ca6 Requested by Host: www.billgem.com URL: https://www.billgem.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.11.214.116 , United States, ASN54290 (HOSTWINDS, US), Reverse DNS hwsrv-751647.hostwindsdns.com Software nginx / Resource Hash 09e5098535d7376bbe752db0f50874bfb1fc641b5e2c14bca0091611f9c285bf Request headers accept-language de-DE,de;q=0.9 Referer https://www.billgem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Thu, 31 Aug 2023 13:22:33 GMT content-encoding gzip last-modified Thu, 31 Aug 2023 13:19:31 GMT server nginx etag W/"64f09363-500f5" content-type application/javascript cache-control max-age=43200, public expires Fri, 01 Sep 2023 01:22:33 GMT
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e0183153c62d14fccdd9cec8a8318c554cf9c6f3425143193b44a815a4d496fc Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5f23ca6930a2dbea808c7504eef3df0912ab7d7cbbb565338bfbd08d70fb8018 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 015fcf8bca407b25d3232baa803944fad38c9874d9f968e95758d3dc0ef35bb1 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3bb3b313bf4e0c4f66ba81f73b894ae20ba8b5dacd48ebeffe96f8be81068888 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Content-Type image/png
GET H2	200	css fonts.googleapis.com/	6 KB 977 B	81ms 30ms	Stylesheet text/css	2a00:1450:4001:803::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700,900 Requested by Host: www.billgem.com URL: https://www.billgem.com/assets/css/index.css?0c32a2d5ec4eb4ae5ca6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 9bc61b07de4db63ce9f158bd58ba2fc2e0e5e6d745899ecc0193c4ff49f0a6da Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.billgem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 31 Aug 2023 13:22:33 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 31 Aug 2023 13:13:57 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 31 Aug 2023 13:22:33 GMT
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 89fa74010c0e1212c3479b7fb0b008990b4210fbed656666ed9b4a430d1fbca0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2cbd93645cad59c6ce875a586bdc10fb79692f367426231e58db868626fb03b2 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash de2089f6134f863f57f0c9852a5ac9edcaf99200045e4dc8dcc8452d3bd7a857 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5552d163fb99bb12d0657416f780d8d3e16323f31e6da4802fa8e93bbd942345 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 698d6620599886fb30305d8a643b49f58239b75b4469538a4819c8816a64aec0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e7cc2e6354d6144ed9e919c44bdd68479eeb9d2e10a98988db003ac96af2e011 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET H2	200	action_shap.png www.billgem.com/assets/img/	2 KB 2 KB	140ms 140ms	Image image/png	142.11.214.116 HOSTWINDS
General Check archive.org Show headers Download Go to Show image Full URL https://www.billgem.com/assets/img/action_shap.png Requested by Host: www.billgem.com URL: https://www.billgem.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.11.214.116 , United States, ASN54290 (HOSTWINDS, US), Reverse DNS hwsrv-751647.hostwindsdns.com Software nginx / Resource Hash 7a9178521f35e83cc01a4514d42fc4363c82e749148862e290b7c6f8b073e16b Request headers accept-language de-DE,de;q=0.9 Referer https://www.billgem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Thu, 31 Aug 2023 13:22:33 GMT last-modified Thu, 31 Aug 2023 13:19:31 GMT server nginx etag "64f09363-93d" content-type image/png cache-control max-age=2592000, public accept-ranges bytes content-length 2365 expires Sat, 30 Sep 2023 13:22:33 GMT
GET H2	200	pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v20/	8 KB 8 KB	91ms 41ms	Font font/woff2	2a00:1450:4001:81c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700,900 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.billgem.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Sat, 26 Aug 2023 05:30:43 GMT x-content-type-options nosniff age 460310 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7748 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:21:30 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 25 Aug 2024 05:30:43 GMT
GET H2	200	pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v20/	8 KB 8 KB	94ms 44ms	Font font/woff2	2a00:1450:4001:81c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700,900 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.billgem.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Sat, 26 Aug 2023 17:52:03 GMT x-content-type-options nosniff age 415830 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7816 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:11:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 25 Aug 2024 17:52:03 GMT
GET H2	200	pxiEyp8kv8JHgFVrJJfecg.woff2 fonts.gstatic.com/s/poppins/v20/	8 KB 8 KB	75ms 25ms	Font font/woff2	2a00:1450:4001:81c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700,900 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.billgem.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Fri, 25 Aug 2023 19:33:17 GMT x-content-type-options nosniff age 496156 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7884 x-xss-protection 0 last-modified Wed, 27 Apr 2022 17:03:52 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 24 Aug 2024 19:33:17 GMT
GET H2	200	pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v20/	8 KB 8 KB	78ms 28ms	Font font/woff2	2a00:1450:4001:81c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700,900 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.billgem.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Fri, 25 Aug 2023 12:23:15 GMT x-content-type-options nosniff age 521958 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7840 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:51:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 24 Aug 2024 12:23:15 GMT
GET H2	200	pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v20/	8 KB 8 KB	71ms 22ms	Font font/woff2	2a00:1450:4001:81c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700,900 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.billgem.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Sun, 27 Aug 2023 00:14:41 GMT x-content-type-options nosniff age 392872 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8000 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:59:07 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Mon, 26 Aug 2024 00:14:41 GMT
OPTIONS H2	200	/ moneyfor.com/api/cookies/enabled/	0 0	261ms 178ms	Preflight text/html	35.244.207.205 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://moneyfor.com/api/cookies/enabled/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.207.205 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 205.207.244.35.bc.googleusercontent.com Software nginx/1.15.5 / PHP/8.1.12 Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://www.billgem.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type, Cookie, Set-Cookie, Origin, X-Requested-With, X-Form-Theme, X-Form-Build-Number, X-Aid, X-Domain, X-Use-Leadprint, X-LeadLogin-Etag access-control-allow-methods GET,POST,PUT,PATCH access-control-allow-origin https://www.billgem.com access-control-expose-headers ETag alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, private content-encoding gzip content-type text/html; charset=UTF-8 date Thu, 31 Aug 2023 13:22:33 GMT server nginx/1.15.5 via 1.1 google x-app-build-number 1399 x-powered-by PHP/8.1.12
POST H2	200	/ Show response moneyfor.com/api/cookies/enabled/	52 B 253 B	185ms 184ms	Fetch application/json	35.244.207.205 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://moneyfor.com/api/cookies/enabled/ Requested by Host: www.billgem.com URL: https://www.billgem.com/assets/js/sentry_head.js?0c32a2d5ec4eb4ae5ca6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.207.205 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 205.207.244.35.bc.googleusercontent.com Software nginx/1.15.5 / PHP/8.1.12 Resource Hash b54a446269c97008d0d32bb22601c410573ead944c5dbad55b84b135128c688c Request headers Referer https://www.billgem.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Content-Type application/json Response headers date Thu, 31 Aug 2023 13:22:33 GMT content-encoding gzip via 1.1 google server nginx/1.15.5 x-powered-by PHP/8.1.12 access-control-allow-methods GET,POST,PUT,PATCH content-type application/json access-control-allow-origin https://www.billgem.com x-app-build-number 1399 access-control-expose-headers ETag cache-control no-cache, private access-control-allow-credentials true access-control-allow-headers Content-Type, Cookie, Set-Cookie, Origin, X-Requested-With, X-Form-Theme, X-Form-Build-Number, X-Aid, X-Domain, X-Use-Leadprint, X-LeadLogin-Etag alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	/ moneyfor.com/api/lead-login/etag/	0 0	279ms 197ms	Fetch text/html	35.244.207.205 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://moneyfor.com/api/lead-login/etag/ Requested by Host: www.billgem.com URL: https://www.billgem.com/assets/js/sentry_head.js?0c32a2d5ec4eb4ae5ca6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.207.205 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 205.207.244.35.bc.googleusercontent.com Software nginx/1.15.5 / PHP/8.1.12 Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.billgem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Thu, 31 Aug 2023 13:22:33 GMT content-encoding identity via 1.1 google server nginx/1.15.5 x-powered-by PHP/8.1.12 etag "def502000d646e4fccdcc9f84c3f5e8e52803976cbd5052e380151b8db7dafdd53befa868f3e5a74416e17b703e8beca6ed43425900c225b2194f8195047db6a5b12d192796a588be18fae753a1c6ca1cbb6ebd902e4847b30d61be1c1" access-control-allow-methods GET,POST,PUT,PATCH content-type text/html; charset=UTF-8 access-control-allow-origin https://www.billgem.com x-app-build-number 1399 access-control-expose-headers ETag cache-control max-age=0, public access-control-allow-credentials true access-control-allow-headers Content-Type, Cookie, Set-Cookie, Origin, X-Requested-With, X-Form-Theme, X-Form-Build-Number, X-Aid, X-Domain, X-Use-Leadprint, X-LeadLogin-Etag alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	hash.js Show response hashsrv.com/js/	33 KB 12 KB	418ms 123ms	Script application/javascript	18.189.126.174 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://hashsrv.com/js/hash.js Requested by Host: www.billgem.com URL: https://www.billgem.com/assets/js/index.js?0c32a2d5ec4eb4ae5ca6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.189.126.174 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-189-126-174.us-east-2.compute.amazonaws.com Software nginx / Resource Hash 1198c10afb9b20636b6684a5933f9010af1cceea2d63ff79dfbad3c1aa6d9bd5 Request headers accept-language de-DE,de;q=0.9 Referer https://www.billgem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers content-type application/javascript date Thu, 31 Aug 2023 13:22:33 GMT cache-control max-age=43200, public content-encoding gzip server nginx expires Fri, 01 Sep 2023 01:22:33 GMT
GET H2	200	ajax.php Show response www.billgem.com/api/	226 B 849 B	1144ms 1144ms	Script application/javascript	142.11.214.116 HOSTWINDS
General Check archive.org Show headers Download Go to Full URL https://www.billgem.com/api/ajax.php?action=trackvisit Requested by Host: www.billgem.com URL: https://www.billgem.com/assets/js/index.js?0c32a2d5ec4eb4ae5ca6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.11.214.116 , United States, ASN54290 (HOSTWINDS, US), Reverse DNS hwsrv-751647.hostwindsdns.com Software nginx / Resource Hash 17dac35c4531fb65baec1f502e48c763f94f0f5d49c19302b7bd82952bb9cfc4 Request headers accept-language de-DE,de;q=0.9 Referer https://www.billgem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers content-type application/javascript pragma no-cache date Thu, 31 Aug 2023 13:22:34 GMT cache-control no-store, no-cache, must-revalidate content-encoding gzip server nginx expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	team1-9aee0d96.png www.billgem.com/assets/img/resize/	96 KB 96 KB	142ms 140ms	Image image/png	142.11.214.116 HOSTWINDS
General Check archive.org Show headers Download Go to Show image Full URL https://www.billgem.com/assets/img/resize/team1-9aee0d96.png Requested by Host: www.billgem.com URL: https://www.billgem.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.11.214.116 , United States, ASN54290 (HOSTWINDS, US), Reverse DNS hwsrv-751647.hostwindsdns.com Software nginx / Resource Hash 13dc1f9e4abed266a401387c6b5c6584d082c055c1a6475ce6da999a5d7c930b Request headers accept-language de-DE,de;q=0.9 Referer https://www.billgem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Thu, 31 Aug 2023 13:22:33 GMT last-modified Thu, 31 Aug 2023 13:19:31 GMT server nginx etag "64f09363-17fc0" content-type image/png cache-control max-age=2592000, public accept-ranges bytes content-length 98240 expires Sat, 30 Sep 2023 13:22:33 GMT
GET H2	200	team2-a021a00a.png www.billgem.com/assets/img/resize/	76 KB 76 KB	143ms 142ms	Image image/png	142.11.214.116 HOSTWINDS
General Check archive.org Show headers Download Go to Show image Full URL https://www.billgem.com/assets/img/resize/team2-a021a00a.png Requested by Host: www.billgem.com URL: https://www.billgem.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.11.214.116 , United States, ASN54290 (HOSTWINDS, US), Reverse DNS hwsrv-751647.hostwindsdns.com Software nginx / Resource Hash 982bff158137e7db778664d233cf6b21b184dae5d8e0007bb9e278a6657630d1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.billgem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Thu, 31 Aug 2023 13:22:33 GMT last-modified Thu, 31 Aug 2023 13:19:31 GMT server nginx etag "64f09363-12f4c" content-type image/png cache-control max-age=2592000, public accept-ranges bytes content-length 77644 expires Sat, 30 Sep 2023 13:22:33 GMT
GET H2	200	team3-2932c30f.png www.billgem.com/assets/img/resize/	53 KB 54 KB	144ms 143ms	Image image/png	142.11.214.116 HOSTWINDS
General Check archive.org Show headers Download Go to Show image Full URL https://www.billgem.com/assets/img/resize/team3-2932c30f.png Requested by Host: www.billgem.com URL: https://www.billgem.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.11.214.116 , United States, ASN54290 (HOSTWINDS, US), Reverse DNS hwsrv-751647.hostwindsdns.com Software nginx / Resource Hash e73f2bbb17bd6ff871e67d7bb2926986781c7faccacb3c5e030787265994d096 Request headers accept-language de-DE,de;q=0.9 Referer https://www.billgem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Thu, 31 Aug 2023 13:22:33 GMT last-modified Thu, 31 Aug 2023 13:19:31 GMT server nginx etag "64f09363-d5b8" content-type image/png cache-control max-age=2592000, public accept-ranges bytes content-length 54712 expires Sat, 30 Sep 2023 13:22:33 GMT
GET H2	200	work1-e3283de5.png www.billgem.com/assets/img/resize/	9 KB 10 KB	145ms 144ms	Image image/png	142.11.214.116 HOSTWINDS
General Check archive.org Show headers Download Go to Show image Full URL https://www.billgem.com/assets/img/resize/work1-e3283de5.png Requested by Host: www.billgem.com URL: https://www.billgem.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.11.214.116 , United States, ASN54290 (HOSTWINDS, US), Reverse DNS hwsrv-751647.hostwindsdns.com Software nginx / Resource Hash 85e69f2c0de532c8e9e69129b6e0ed05fbf8b217c2f641d9ea29065aedaf20cd Request headers accept-language de-DE,de;q=0.9 Referer https://www.billgem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Thu, 31 Aug 2023 13:22:33 GMT last-modified Thu, 31 Aug 2023 13:19:31 GMT server nginx etag "64f09363-25b1" content-type image/png cache-control max-age=2592000, public accept-ranges bytes content-length 9649 expires Sat, 30 Sep 2023 13:22:33 GMT
GET H2	200	work2-15b44c50.png www.billgem.com/assets/img/resize/	11 KB 11 KB	145ms 144ms	Image image/png	142.11.214.116 HOSTWINDS
General Check archive.org Show headers Download Go to Show image Full URL https://www.billgem.com/assets/img/resize/work2-15b44c50.png Requested by Host: www.billgem.com URL: https://www.billgem.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.11.214.116 , United States, ASN54290 (HOSTWINDS, US), Reverse DNS hwsrv-751647.hostwindsdns.com Software nginx / Resource Hash feefa0d31997631959c520baa5679b60b7909736b61b43adfc94a30164b2b88a Request headers accept-language de-DE,de;q=0.9 Referer https://www.billgem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Thu, 31 Aug 2023 13:22:33 GMT last-modified Thu, 31 Aug 2023 13:19:31 GMT server nginx etag "64f09363-2a47" content-type image/png cache-control max-age=2592000, public accept-ranges bytes content-length 10823 expires Sat, 30 Sep 2023 13:22:33 GMT
GET H2	200	work3-b253893c.png www.billgem.com/assets/img/resize/	11 KB 11 KB	145ms 145ms	Image image/png	142.11.214.116 HOSTWINDS
General Check archive.org Show headers Download Go to Show image Full URL https://www.billgem.com/assets/img/resize/work3-b253893c.png Requested by Host: www.billgem.com URL: https://www.billgem.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.11.214.116 , United States, ASN54290 (HOSTWINDS, US), Reverse DNS hwsrv-751647.hostwindsdns.com Software nginx / Resource Hash 84be9bb059ac20c3d485d1f3e76f4002a8f701679cb78ac54195046d828390b9 Request headers accept-language de-DE,de;q=0.9 Referer https://www.billgem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Thu, 31 Aug 2023 13:22:33 GMT last-modified Thu, 31 Aug 2023 13:19:31 GMT server nginx etag "64f09363-2cd6" content-type image/png cache-control max-age=2592000, public accept-ranges bytes content-length 11478 expires Sat, 30 Sep 2023 13:22:33 GMT
OPTIONS H2	200	/ moneyfor.com/api/lead-login/can/	0 0	179ms 178ms	Preflight text/html	35.244.207.205 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://moneyfor.com/api/lead-login/can/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.207.205 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 205.207.244.35.bc.googleusercontent.com Software nginx/1.15.5 / PHP/8.1.12 Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type,x-leadlogin-etag Access-Control-Request-Method POST Origin https://www.billgem.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type, Cookie, Set-Cookie, Origin, X-Requested-With, X-Form-Theme, X-Form-Build-Number, X-Aid, X-Domain, X-Use-Leadprint, X-LeadLogin-Etag access-control-allow-methods GET,POST,PUT,PATCH access-control-allow-origin https://www.billgem.com access-control-expose-headers ETag alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, private content-encoding gzip content-type text/html; charset=UTF-8 date Thu, 31 Aug 2023 13:22:33 GMT server nginx/1.15.5 via 1.1 google x-app-build-number 1399 x-powered-by PHP/8.1.12
POST H3	200	/ Show response moneyfor.com/api/lead-login/can/	58 B 84 B	254ms 254ms	XHR application/json	35.244.207.205 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://moneyfor.com/api/lead-login/can/ Requested by Host: www.billgem.com URL: https://www.billgem.com/assets/js/sentry_head.js?0c32a2d5ec4eb4ae5ca6 Protocol H3 Security QUIC, , AES_128_GCM Server 35.244.207.205 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 205.207.244.35.bc.googleusercontent.com Software nginx/1.15.5 / PHP/8.1.12 Resource Hash 792c2dec1aee27c269d9ffee9e1135cd3fbda118788073737d22d5fb36702f0a Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://www.billgem.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 X-LeadLogin-Etag "def502000d646e4fccdcc9f84c3f5e8e52803976cbd5052e380151b8db7dafdd53befa868f3e5a74416e17b703e8beca6ed43425900c225b2194f8195047db6a5b12d192796a588be18fae753a1c6ca1cbb6ebd902e4847b30d61be1c1" Content-Type application/json Response headers date Thu, 31 Aug 2023 13:22:34 GMT content-encoding gzip via 1.1 google server nginx/1.15.5 x-powered-by PHP/8.1.12 access-control-allow-methods GET,POST,PUT,PATCH content-type application/json access-control-allow-origin https://www.billgem.com x-app-build-number 1399 access-control-expose-headers ETag cache-control no-cache, private access-control-allow-credentials true access-control-allow-headers Content-Type, Cookie, Set-Cookie, Origin, X-Requested-With, X-Form-Theme, X-Form-Build-Number, X-Aid, X-Domain, X-Use-Leadprint, X-LeadLogin-Etag alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
OPTIONS H3	200	/ moneyfor.com/api/cookies/enabled/	0 0	181ms 181ms	Preflight text/html	35.244.207.205 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://moneyfor.com/api/cookies/enabled/ Protocol H3 Security QUIC, , AES_128_GCM Server 35.244.207.205 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 205.207.244.35.bc.googleusercontent.com Software nginx/1.15.5 / PHP/8.1.12 Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://www.billgem.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type, Cookie, Set-Cookie, Origin, X-Requested-With, X-Form-Theme, X-Form-Build-Number, X-Aid, X-Domain, X-Use-Leadprint, X-LeadLogin-Etag access-control-allow-methods GET,POST,PUT,PATCH access-control-allow-origin https://www.billgem.com access-control-expose-headers ETag alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, private content-encoding gzip content-type text/html; charset=UTF-8 date Thu, 31 Aug 2023 13:22:33 GMT server nginx/1.15.5 via 1.1 google x-app-build-number 1399 x-powered-by PHP/8.1.12
POST H3	200	/ Show response moneyfor.com/api/cookies/enabled/	235 B 207 B	184ms 184ms	Fetch application/json	35.244.207.205 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://moneyfor.com/api/cookies/enabled/ Requested by Host: www.billgem.com URL: https://www.billgem.com/assets/js/sentry_head.js?0c32a2d5ec4eb4ae5ca6 Protocol H3 Security QUIC, , AES_128_GCM Server 35.244.207.205 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 205.207.244.35.bc.googleusercontent.com Software nginx/1.15.5 / PHP/8.1.12 Resource Hash e113772f4ba950023b79d17b6cf8fdb0fd05ccdd50493f7651a0cd280a1fb7fd Request headers Referer https://www.billgem.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Content-Type application/json Response headers date Thu, 31 Aug 2023 13:22:34 GMT content-encoding gzip via 1.1 google server nginx/1.15.5 x-powered-by PHP/8.1.12 access-control-allow-methods GET,POST,PUT,PATCH content-type application/json access-control-allow-origin https://www.billgem.com x-app-build-number 1399 access-control-expose-headers ETag cache-control no-cache, private access-control-allow-credentials true access-control-allow-headers Content-Type, Cookie, Set-Cookie, Origin, X-Requested-With, X-Form-Theme, X-Form-Build-Number, X-Aid, X-Domain, X-Use-Leadprint, X-LeadLogin-Etag alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
OPTIONS H3	200	/ moneyfor.com/api/lead-login/can/	0 0	178ms 177ms	Preflight text/html	35.244.207.205 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://moneyfor.com/api/lead-login/can/ Protocol H3 Security QUIC, , AES_128_GCM Server 35.244.207.205 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 205.207.244.35.bc.googleusercontent.com Software nginx/1.15.5 / PHP/8.1.12 Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type,x-leadlogin-etag Access-Control-Request-Method POST Origin https://www.billgem.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type, Cookie, Set-Cookie, Origin, X-Requested-With, X-Form-Theme, X-Form-Build-Number, X-Aid, X-Domain, X-Use-Leadprint, X-LeadLogin-Etag access-control-allow-methods GET,POST,PUT,PATCH access-control-allow-origin https://www.billgem.com access-control-expose-headers ETag alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, private content-encoding gzip content-type text/html; charset=UTF-8 date Thu, 31 Aug 2023 13:22:34 GMT server nginx/1.15.5 via 1.1 google x-app-build-number 1399 x-powered-by PHP/8.1.12
POST H3	200	/ Show response moneyfor.com/api/lead-login/can/	58 B 84 B	237ms 237ms	XHR application/json	35.244.207.205 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://moneyfor.com/api/lead-login/can/ Requested by Host: www.billgem.com URL: https://www.billgem.com/assets/js/sentry_head.js?0c32a2d5ec4eb4ae5ca6 Protocol H3 Security QUIC, , AES_128_GCM Server 35.244.207.205 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 205.207.244.35.bc.googleusercontent.com Software nginx/1.15.5 / PHP/8.1.12 Resource Hash 792c2dec1aee27c269d9ffee9e1135cd3fbda118788073737d22d5fb36702f0a Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://www.billgem.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 X-LeadLogin-Etag "def502000d646e4fccdcc9f84c3f5e8e52803976cbd5052e380151b8db7dafdd53befa868f3e5a74416e17b703e8beca6ed43425900c225b2194f8195047db6a5b12d192796a588be18fae753a1c6ca1cbb6ebd902e4847b30d61be1c1" Content-Type application/json Response headers date Thu, 31 Aug 2023 13:22:34 GMT content-encoding gzip via 1.1 google server nginx/1.15.5 x-powered-by PHP/8.1.12 access-control-allow-methods GET,POST,PUT,PATCH content-type application/json access-control-allow-origin https://www.billgem.com x-app-build-number 1399 access-control-expose-headers ETag cache-control no-cache, private access-control-allow-credentials true access-control-allow-headers Content-Type, Cookie, Set-Cookie, Origin, X-Requested-With, X-Form-Theme, X-Form-Build-Number, X-Aid, X-Domain, X-Use-Leadprint, X-LeadLogin-Etag alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
POST H2	201	offerPageLoaded formalytics.dev/api/form-event/	0 0	312ms 165ms	Ping application/json	34.107.200.92 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://formalytics.dev/api/form-event/offerPageLoaded?session_id=be158a0d52b2448adc10ac5db60fad4a&triggered_at=2023-08-31T15%3A22%3A33.373000%2B2%3A00&form_theme=elvis-us&domain=www.billgem.com Requested by Host: www.billgem.com URL: https://www.billgem.com/assets/js/index.js?0c32a2d5ec4eb4ae5ca6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.200.92 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 92.200.107.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.billgem.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Content-Type text/plain Response headers

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| __SENTRY__ function| captureException function| addBreadcrumb function| clearImmediate function| setImmediate object| regeneratorRuntime object| formalyticsTracker function| _appMoneyForLogout string| _userTrackOfferVisitStatusb15c1201887c76c573df51bae4dd8d40b1698 object| _lg_notifications_ function| collectNotificationsFacade function| IMask function| __AF_executeScript boolean| __AF_HASH_SCRIPT_EXECUTED function| _evercookie_flash_var function| Evercookie function| evercookie object| __AF_BrowserInfo number| __AF_ctrlVcounter number| __AF_printableFlag number| __AF_formFillingTime object| __AF_formFillingTimeInterval object| __AF_noCtrlVfieldsList object| __AF_ClientInfo string| __sessionData object| _sessionInfo

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.billgem.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 31p6h6ohcc4rri7uk3356slpug
			.moneyfor.com/	1970-01-21 00:00:48	Name: mfoid Value: def502004fd8e59dcbfaf5fa0190124914b20d5ffbbcef247474ff97a5cc087e004627a56231ef8de95c9ee690d6e8349f22dafd39ff8829a2e9323d320900bcfa6b75faca4458d31bf2ec9fb8d3dffc2b25483f26b18cc8adcb77835d
			.moneyfor.com/	1970-01-21 00:00:48	Name: mcan Value: 1
			www.billgem.com/	1969-12-31 23:59:59	Name: lg_form_login Value: {%22visitors%22:[]%2C%22offerVisitors%22:[%22def502004fd8e59dcbfaf5fa0190124914b20d5ffbbcef247474ff97a5cc087e004627a56231ef8de95c9ee690d6e8349f22dafd39ff8829a2e9323d320900bcfa6b75faca4458d31bf2ec9fb8d3dffc2b25483f26b18cc8adcb77835d%22]%2C%22etags%22:[%22%5C%22def502000d646e4fccdcc9f84c3f5e8e52803976cbd5052e380151b8db7dafdd53befa868f3e5a74416e17b703e8beca6ed43425900c225b2194f8195047db6a5b12d192796a588be18fae753a1c6ca1cbb6ebd902e4847b30d61be1c1%5C%22%22]}
			.billgem.com/	1970-01-20 14:26:14	Name: _lg_form__leadx Value: %7B%22source%22%3A%22%22%2C%22click_id%22%3A%22%22%2C%22aid%22%3A%2216374%22%2C%22sessionId%22%3A%22be158a0d52b2448adc10ac5db60fad4a%22%2C%22hash%22%3A%22973537d35230dffcdcbd812cee3a71584979275ef515338f01568ab5e223e5ab%22%2C%22PHPSESSID%22%3A%2231p6h6ohcc4rri7uk3356slpug%22%7D
			.www.billgem.com/	1970-01-21 00:00:48	Name: first Value: lg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
formalytics.dev
hashsrv.com
moneyfor.com
www.billgem.com
142.11.214.116
18.189.126.174
2a00:1450:4001:803::200a
2a00:1450:4001:81c::2003
34.107.200.92
35.244.207.205
015fcf8bca407b25d3232baa803944fad38c9874d9f968e95758d3dc0ef35bb1
09e5098535d7376bbe752db0f50874bfb1fc641b5e2c14bca0091611f9c285bf
1198c10afb9b20636b6684a5933f9010af1cceea2d63ff79dfbad3c1aa6d9bd5
13dc1f9e4abed266a401387c6b5c6584d082c055c1a6475ce6da999a5d7c930b
16385a8fbac6d8af2423d5f935725393da5a6a1339995268d082f37a18afda3e
174e6bc9eaa3ce84edd4284fd9a033bc704360fb85d94db322cd705c76f52d38
17dac35c4531fb65baec1f502e48c763f94f0f5d49c19302b7bd82952bb9cfc4
2cbd93645cad59c6ce875a586bdc10fb79692f367426231e58db868626fb03b2
37a92cf0a718da4c6375f0c30bdd46a1aecdb764f8652bc530e4ccdb01003a1a
38c6de9a51c1e7d419e1f62cec438d82158791ef811883a2acc7b3eee364e316
3bb3b313bf4e0c4f66ba81f73b894ae20ba8b5dacd48ebeffe96f8be81068888
3c1b422c328822776cf58fa8b6a10e2bc3c02a0f53a4c3e20b3820d756efcbaf
48922325076ac99252266ee47833131dae0e72efc96a6c46f89dd26014e7885a
5552d163fb99bb12d0657416f780d8d3e16323f31e6da4802fa8e93bbd942345
5b3457ba93be02290c8ce14e7ddb7f2af93cb8806be8c2e474996d2f9abf5216
5f23ca6930a2dbea808c7504eef3df0912ab7d7cbbb565338bfbd08d70fb8018
698d6620599886fb30305d8a643b49f58239b75b4469538a4819c8816a64aec0
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
792c2dec1aee27c269d9ffee9e1135cd3fbda118788073737d22d5fb36702f0a
7a9178521f35e83cc01a4514d42fc4363c82e749148862e290b7c6f8b073e16b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
84be9bb059ac20c3d485d1f3e76f4002a8f701679cb78ac54195046d828390b9
85e69f2c0de532c8e9e69129b6e0ed05fbf8b217c2f641d9ea29065aedaf20cd
89fa74010c0e1212c3479b7fb0b008990b4210fbed656666ed9b4a430d1fbca0
8ce4130d12d0acba596d080690153a382c616ff950c5c6a22987cd1fdc693092
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
982bff158137e7db778664d233cf6b21b184dae5d8e0007bb9e278a6657630d1
9bc61b07de4db63ce9f158bd58ba2fc2e0e5e6d745899ecc0193c4ff49f0a6da
9c8219cf1d2516abb6bb995eb80a7061a27a7c30b7c09956246075574734c413
b54a446269c97008d0d32bb22601c410573ead944c5dbad55b84b135128c688c
c1036beab02431501a12a52944f122b304a9a67b951d885af39318ab85e92a30
c99190fd76534889207431739c428323b17af6f65642be3a863deb725dc4073a
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
de2089f6134f863f57f0c9852a5ac9edcaf99200045e4dc8dcc8452d3bd7a857
e0183153c62d14fccdd9cec8a8318c554cf9c6f3425143193b44a815a4d496fc
e113772f4ba950023b79d17b6cf8fdb0fd05ccdd50493f7651a0cd280a1fb7fd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e73f2bbb17bd6ff871e67d7bb2926986781c7faccacb3c5e030787265994d096
e7cc2e6354d6144ed9e919c44bdd68479eeb9d2e10a98988db003ac96af2e011
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
feefa0d31997631959c520baa5679b60b7909736b61b43adfc94a30164b2b88a