Submitted URL: https://westderm.patientbillhelp.com/ViewStatement/Index/?pc=146970638203&vc=2a9f0a3340
Effective URL: https://westderm.patientbillhelp.com/PayBill/PayBill
Submission: On March 09 via manual from US — Scanned from DE

Summary

This website contacted 9 IPs in 4 countries across 7 domains to perform 65 HTTP transactions. The main IP is 40.143.161.5, located in United States and belongs to AS17378, US. The main domain is westderm.patientbillhelp.com.
TLS certificate: Issued by SSL.com RSA SSL subCA on December 23rd 2022. Valid for: a year.
This is the only time westderm.patientbillhelp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 34 40.143.161.5 17378 (AS17378)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 104.18.17.243 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 192.229.233.34 15133 (EDGECAST)
1 ()
4 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
65 9
Requests | Apex Domain | Subdomains | Transfer
35 | patientbillhelp.com | westderm.patientbillhelp.com | 603 KB
19 | google.com | pay.google.com — Cisco Umbrella Rank: 2661; play.google.com — Cisco Umbrella Rank: 20 | 431 KB
4 | gstatic.com | www.gstatic.com | 103 KB
3 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 29 | 2 KB
3 | authorize.net | js.authorize.net — Cisco Umbrella Rank: 36353 | 9 KB
2 | cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 196 | 82 KB
1 | olark.com | static.olark.com — Cisco Umbrella Rank: 12434 | 3 KB
Total: 65 requests, 7 apex domains
Domain Requested by
35 westderm.patientbillhelp.com 2 redirects westderm.patientbillhelp.com
static.olark.com
15 play.google.com www.gstatic.com
4 www.gstatic.com pay.google.com
www.gstatic.com
4 pay.google.com westderm.patientbillhelp.com
pay.google.com
www.gstatic.com
3 fonts.googleapis.com westderm.patientbillhelp.com
3 js.authorize.net westderm.patientbillhelp.com
js.authorize.net
2 cdnjs.cloudflare.com westderm.patientbillhelp.com
cdnjs.cloudflare.com
1 static.olark.com westderm.patientbillhelp.com
65 8

This site contains no links.

Subject | Issuer | Validity | Valid
*.patientbillhelp.com | SSL.com RSA SSL subCA | 2022-12-23 - 2023-12-22 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-02 | a year
js.authorize.net | Cloudflare Inc ECC CA-3 | 2022-07-08 - 2023-07-08 | a year
*.google.com | GTS CA 1C3 | 2023-02-20 - 2023-05-15 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-02-20 - 2023-05-15 | 3 months
static.olark.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-05-16 - 2023-05-16 | a year
*.gstatic.com | GTS CA 1C3 | 2023-02-20 - 2023-05-15 | 3 months

This page contains 3 frames:

Primary Page: https://westderm.patientbillhelp.com/PayBill/PayBill
Frame ID: 98C5EF363E5AD35EFC24D0F70A879AE5
Requests: 42 HTTP requests in this frame

Frame: blob://https://westderm.patientbillhelp.com/d44e8f07-a1f8-4ce3-b16b-3a350ec2d1d1
Frame ID: 24DB3C95DBD5B39720DBD99C5B694B6C
Requests: 1 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwestderm.patientbillhelp.com&mid=
Frame ID: 9B7B3DCFFE2207B2A567281E16DB5E23
Requests: 15 HTTP requests in this frame

Page Title

Patient Resource Portal

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui[.-]([\d.]*\d)[^/]*\.js
  • jquery-ui.*\.js

Page Statistics

65
Requests

100 %
HTTPS

56 %
IPv6

7
Domains

8
Subdomains

9
IPs

4
Countries

1233 kB
Transfer

3342 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://westderm.patientbillhelp.com/ViewStatement/Index/?pc=146970638203&vc=2a9f0a3340 HTTP 302
    https://westderm.patientbillhelp.com/StatementNotification/?pc=146970638203&ln=SMITH HTTP 302
    https://westderm.patientbillhelp.com/PayBill/PayBill Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

65 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request PayBill
westderm.patientbillhelp.com/PayBill/
Redirect Chain
  • https://westderm.patientbillhelp.com/ViewStatement/Index/?pc=146970638203&vc=2a9f0a3340
  • https://westderm.patientbillhelp.com/StatementNotification/?pc=146970638203&ln=SMITH
  • https://westderm.patientbillhelp.com/PayBill/PayBill
106 KB
107 KB
Document
General
Full URL
https://westderm.patientbillhelp.com/PayBill/PayBill
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.143.161.5 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
4a275585a2858989ed77d7db7bc53bd51d2acb025032ab16c26c5785620980aa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
public, no-store, max-age=0
Content-Length
108726
Content-Type
text/html; charset=utf-8
Date
Thu, 09 Mar 2023 17:07:47 GMT
Expires
Thu, 09 Mar 2023 17:07:46 GMT
Last-Modified
Thu, 09 Mar 2023 17:07:46 GMT
Server
Microsoft-IIS/7.5
Vary
*
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Powered-By
ASP.NET
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive, noimageindex

Redirect headers

Cache-Control
private
Content-Length
133
Content-Type
text/html; charset=utf-8
Date
Thu, 09 Mar 2023 17:07:46 GMT
Location
/PayBill/PayBill
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Powered-By
ASP.NET
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive, noimageindex
font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
37 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Requested by
Host: westderm.patientbillhelp.com
URL: https://westderm.patientbillhelp.com/PayBill/PayBill
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westderm.patientbillhelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 17:07:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1432563
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5884
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-9226"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DfjsAWl%2BkaUM45ajGY7eodYzn5NCbcliH5s321n6gdcMDyuXqCz6xVeo3XtH4KG1%2FsZl%2BilCDyFTi3OGQiWHg4n7iD6k1NNgulrAwoS6pthQ3%2BmTpBzHtyj6u%2F4eUHekvi7AcNqaVHlRhYH7JoUEO0bG"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7a54ea943dbebb32-FRA
expires
Tue, 27 Feb 2024 17:07:48 GMT
bootstrap.min.css
westderm.patientbillhelp.com/Content/css/
138 KB
21 KB
Stylesheet
General
Full URL
https://westderm.patientbillhelp.com/Content/css/bootstrap.min.css
Requested by
Host: westderm.patientbillhelp.com
URL: https://westderm.patientbillhelp.com/PayBill/PayBill
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.143.161.5 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
104a2348058028257026e49d76872fc93c12bd2e83ff9617917a378f8ad0b53a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westderm.patientbillhelp.com/PayBill/PayBill
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 17:07:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Aug 2019 13:10:36 GMT
Server
Microsoft-IIS/7.5
ETag
"0aec4aaea4dd51:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive, noimageindex
Content-Length
21066
style-2.css
westderm.patientbillhelp.com/Content/css/
74 KB
15 KB
Stylesheet
General
Full URL
https://westderm.patientbillhelp.com/Content/css/style-2.css
Requested by
Host: westderm.patientbillhelp.com
URL: https://westderm.patientbillhelp.com/PayBill/PayBill
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.143.161.5 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
1cc8c576af09f8a64f26373344a207ea448c12153a1e2946e13d0d8cf6f06046

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westderm.patientbillhelp.com/PayBill/PayBill
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 17:07:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Feb 2023 14:01:14 GMT
Server
Microsoft-IIS/7.5
ETag
"071b8f88e3cd91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive, noimageindex
Content-Length
15384
responsive.css
westderm.patientbillhelp.com/Content/css/
24 KB
5 KB
Stylesheet
General
Full URL
https://westderm.patientbillhelp.com/Content/css/responsive.css
Requested by
Host: westderm.patientbillhelp.com
URL: https://westderm.patientbillhelp.com/PayBill/PayBill
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.143.161.5 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
c1c3c32fcf18df455dbf4de43bf8e10ebe0644bf11b1616e779a1dc2a011d0d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westderm.patientbillhelp.com/PayBill/PayBill
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 17:07:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Jul 2021 16:18:21 GMT
Server
Microsoft-IIS/7.5
ETag
"804464de1474d71:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive, noimageindex
Content-Length
4767
jquery.min.js
westderm.patientbillhelp.com/Scripts/js/
85 KB
30 KB
Script
General
Full URL
https://westderm.patientbillhelp.com/Scripts/js/jquery.min.js
Requested by
Host: westderm.patientbillhelp.com
URL: https://westderm.patientbillhelp.com/PayBill/PayBill
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.143.161.5 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westderm.patientbillhelp.com/PayBill/PayBill
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 17:07:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Aug 2019 13:10:36 GMT
Server
Microsoft-IIS/7.5
ETag
"0aec4aaea4dd51:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive, noimageindex
Content-Length
30401
bootstrap.min.js
westderm.patientbillhelp.com/Scripts/js/
50 KB
14 KB
Script
General
Full URL
https://westderm.patientbillhelp.com/Scripts/js/bootstrap.min.js
Requested by
Host: westderm.patientbillhelp.com
URL: https://westderm.patientbillhelp.com/PayBill/PayBill
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.143.161.5 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
6b277b4435729f70b53aa151dbe675d9cbc8a6637ad304ab07f581cfbefdfec9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westderm.patientbillhelp.com/PayBill/PayBill
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 17:07:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Aug 2019 13:10:36 GMT
Server
Microsoft-IIS/7.5
ETag
"0aec4aaea4dd51:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive, noimageindex
Content-Length
14078
popover.js
westderm.patientbillhelp.com/Scripts/js/
20 KB
7 KB
Script
General
Full URL
https://westderm.patientbillhelp.com/Scripts/js/popover.js
Requested by
Host: westderm.patientbillhelp.com
URL: https://westderm.patientbillhelp.com/PayBill/PayBill
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.143.161.5 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
315ac5479007d2e864a4b51f505fd0785ebbbe931a6b511467fa49504a082c58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westderm.patientbillhelp.com/PayBill/PayBill
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 17:07:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Aug 2019 13:10:36 GMT
Server
Microsoft-IIS/7.5
ETag
"0aec4aaea4dd51:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive, noimageindex
Content-Length
7256
popper.min.js
westderm.patientbillhelp.com/Scripts/js/
19 KB
7 KB
Script
General
Full URL
https://westderm.patientbillhelp.com/Scripts/js/popper.min.js
Requested by
Host: westderm.patientbillhelp.com
URL: https://westderm.patientbillhelp.com/PayBill/PayBill
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.143.161.5 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
0883ffacfd4c998ca72bcaac0bfa192ea0c9cd0db257c03a3ef83d5df5fe8a7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westderm.patientbillhelp.com/PayBill/PayBill
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 17:07:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Aug 2019 13:10:36 GMT
Server
Microsoft-IIS/7.5
ETag
"0aec4aaea4dd51:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive, noimageindex
Content-Length
6877
prc.js
westderm.patientbillhelp.com/Scripts/js/
1 KB
1 KB
Script
General
Full URL
https://westderm.patientbillhelp.com/Scripts/js/prc.js
Requested by
Host: westderm.patientbillhelp.com
URL: https://westderm.patientbillhelp.com/PayBill/PayBill
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.143.161.5 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
cfc50c0cc0ed221cf2372ee20ee1762d28f871a130e76f6cd8095c8aeb69a0cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westderm.patientbillhelp.com/PayBill/PayBill
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 17:07:48 GMT
Last-Modified
Thu, 08 Aug 2019 13:10:36 GMT
Server
Microsoft-IIS/7.5
ETag
"e8861eabea4dd51:0"
X-Powered-By
ASP.NET
Content-Type
application/x-javascript
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive, noimageindex
Content-Length
1155
jquery-1.11.min.js
westderm.patientbillhelp.com/Scripts/
136 KB
37 KB
Script
General
Full URL
https://westderm.patientbillhelp.com/Scripts/jquery-1.11.min.js
Requested by
Host: westderm.patientbillhelp.com
URL: https://westderm.patientbillhelp.com/PayBill/PayBill
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.143.161.5 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
e5839089da433036140f69db87202da542f8c9fcf0f92ca1470acbb71786e107

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westderm.patientbillhelp.com/PayBill/PayBill
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 17:07:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Aug 2019 13:10:36 GMT
Server
Microsoft-IIS/7.5
ETag
"0aec4aaea4dd51:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive, noimageindex
Content-Length
37729
westderm.png
westderm.patientbillhelp.com/Content/Logos/
14 KB
14 KB
Image
General
Full URL
https://westderm.patientbillhelp.com/Content/Logos/westderm.png
Requested by
Host: westderm.patientbillhelp.com
URL: https://westderm.patientbillhelp.com/PayBill/PayBill
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.143.161.5 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
e0a9ec37885752aff222dfba16aedb25a46bc079926e278264f75bfa85dd08ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westderm.patientbillhelp.com/PayBill/PayBill
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 17:07:48 GMT
Last-Modified
Thu, 02 Feb 2023 01:33:53 GMT
Server
Microsoft-IIS/7.5
ETag
"adcef168a636d91:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive, noimageindex
Content-Length
14015
support.png
westderm.patientbillhelp.com/Content/images/
2 KB
2 KB
Image
General
Full URL
https://westderm.patientbillhelp.com/Content/images/support.png
Requested by
Host: westderm.patientbillhelp.com
URL: https://westderm.patientbillhelp.com/PayBill/PayBill
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.143.161.5 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
73b17e7111d3631ef597725cd3f8d0b72dd4145ffa365be3da09daf5b29ba826

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westderm.patientbillhelp.com/PayBill/PayBill
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 17:07:48 GMT
Last-Modified
Thu, 08 Aug 2019 13:10:36 GMT
Server
Microsoft-IIS/7.5
ETag
"3f65f6aaea4dd51:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive, noimageindex
Content-Length
1537
question.png
westderm.patientbillhelp.com/Content/images/
756 B
1 KB
Image
General
Full URL
https://westderm.patientbillhelp.com/Content/images/question.png
Requested by
Host: westderm.patientbillhelp.com
URL: https://westderm.patientbillhelp.com/PayBill/PayBill
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.143.161.5 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
c768b86f773b7466abec71fb3dd3e99418ac5c2419da950ea6a588fecfbee1d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westderm.patientbillhelp.com/PayBill/PayBill
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 17:07:48 GMT
Last-Modified
Thu, 08 Aug 2019 13:10:36 GMT
Server
Microsoft-IIS/7.5
ETag
"b85f5aaea4dd51:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive, noimageindex
Content-Length
756
envelope.png
westderm.patientbillhelp.com/Content/images/
778 B
1 KB
Image
General
Full URL
https://westderm.patientbillhelp.com/Content/images/envelope.png
Requested by
Host: westderm.patientbillhelp.com
URL: https://westderm.patientbillhelp.com/PayBill/PayBill
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.143.161.5 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
ff6a0afee0e67edc6f0b10e92607b96cd4b7191712dde42fbf12e176247b80b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westderm.patientbillhelp.com/PayBill/PayBill
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 17:07:48 GMT
Last-Modified
Thu, 08 Aug 2019 13:10:36 GMT
Server
Microsoft-IIS/7.5
ETag
"a741ebaaea4dd51:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive, noimageindex
Content-Length
778
jquery-ui-1.9.2.min.js
westderm.patientbillhelp.com/Scripts/
232 KB
62 KB
Script
General
Full URL
https://westderm.patientbillhelp.com/Scripts/jquery-ui-1.9.2.min.js
Requested by
Host: westderm.patientbillhelp.com
URL: https://westderm.patientbillhelp.com/PayBill/PayBill
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.143.161.5 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
d33d868eda159019a708c14f1e4a0ffd7391efa47b6ec1cc74ce0521df69cdec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westderm.patientbillhelp.com/PayBill/PayBill
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 17:07:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Aug 2019 13:10:36 GMT
Server
Microsoft-IIS/7.5
ETag
"0aec4aaea4dd51:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive, noimageindex
Content-Length
62653
jquery.validate.js
westderm.patientbillhelp.com/Scripts/
49 KB
13 KB
Script
General
Full URL
https://westderm.patientbillhelp.com/Scripts/jquery.validate.js
Requested by
Host: westderm.patientbillhelp.com
URL: https://westderm.patientbillhelp.com/PayBill/PayBill
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.143.161.5 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
dbb82cd389f278db8bf7373f18b40b8dd6d9aa1346bc7fb12188276153c86b01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westderm.patientbillhelp.com/PayBill/PayBill
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 17:07:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Aug 2019 13:10:36 GMT
Server
Microsoft-IIS/7.5
ETag
"0aec4aaea4dd51:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive, noimageindex
Content-Length
13070
jquery.validate.unobtrusive.js
westderm.patientbillhelp.com/Scripts/
19 KB
5 KB
Script
General
Full URL
https://westderm.patientbillhelp.com/Scripts/jquery.validate.unobtrusive.js
Requested by
Host: westderm.patientbillhelp.com
URL: https://westderm.patientbillhelp.com/PayBill/PayBill
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.143.161.5 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
d0bd6658f9da18b0a473ae5be1df45fda351d7921b85decefdae6f7f58f9e1bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westderm.patientbillhelp.com/PayBill/PayBill
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 17:07:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Aug 2019 13:10:36 GMT
Server
Microsoft-IIS/7.5
ETag
"0aec4aaea4dd51:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive, noimageindex
Content-Length
4784
jquery.unobtrusive-ajax.js
westderm.patientbillhelp.com/Scripts/
6 KB
2 KB
Script
General
Full URL
https://westderm.patientbillhelp.com/Scripts/jquery.unobtrusive-ajax.js
Requested by
Host: westderm.patientbillhelp.com
URL: https://westderm.patientbillhelp.com/PayBill/PayBill
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.143.161.5 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
155ae5c6ca8e869d2765044a094483883aef8d2b9815a4c4bd415c96044ad501

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westderm.patientbillhelp.com/PayBill/PayBill
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 17:07:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Aug 2019 13:10:36 GMT
Server
Microsoft-IIS/7.5
ETag
"0aec4aaea4dd51:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive, noimageindex
Content-Length
1720
expressive.annotations.validate.js
westderm.patientbillhelp.com/Scripts/
33 KB
8 KB
Script
General
Full URL
https://westderm.patientbillhelp.com/Scripts/expressive.annotations.validate.js
Requested by
Host: westderm.patientbillhelp.com
URL: https://westderm.patientbillhelp.com/PayBill/PayBill
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.143.161.5 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
45ad3204a5d07ba52e49263e697a1177893571c95393b06db54a7932539f2726

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westderm.patientbillhelp.com/PayBill/PayBill
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 17:07:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Aug 2019 13:10:36 GMT
Server
Microsoft-IIS/7.5
ETag
"0aec4aaea4dd51:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive, noimageindex
Content-Length
7815
toggle-switch.css
westderm.patientbillhelp.com/Content/css/
15 KB
2 KB
Stylesheet
General
Full URL
https://westderm.patientbillhelp.com/Content/css/toggle-switch.css
Requested by
Host: westderm.patientbillhelp.com
URL: https://westderm.patientbillhelp.com/PayBill/PayBill
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.143.161.5 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
a5b0650a348673609a2bf96422c226bbbacae001613d17d6201764d7c17340d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westderm.patientbillhelp.com/PayBill/PayBill
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 17:07:48 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Apr 2021 12:51:03 GMT
Server
Microsoft-IIS/7.5
ETag
"80d5d37e9a2fd71:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive, noimageindex
Content-Length
2167
combodate.js
westderm.patientbillhelp.com/Content/ComboDate/
19 KB
5 KB
Script
General
Full URL
https://westderm.patientbillhelp.com/Content/ComboDate/combodate.js
Requested by
Host: westderm.patientbillhelp.com
URL: https://westderm.patientbillhelp.com/PayBill/PayBill
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.143.161.5 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
32de5403641b46a616b6aee848d3d2f2b5e485ce9ebf79f1cdb21e55d0f1b2d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westderm.patientbillhelp.com/PayBill/PayBill
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 17:07:48 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 Oct 2019 21:07:33 GMT
Server
Microsoft-IIS/7.5
ETag
"801860bdf77ad51:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive, noimageindex
Content-Length
4931
moment.min.js
westderm.patientbillhelp.com/Content/ComboDate/
152 KB
33 KB
Script
General
Full URL
https://westderm.patientbillhelp.com/Content/ComboDate/moment.min.js
Requested by
Host: westderm.patientbillhelp.com
URL: https://westderm.patientbillhelp.com/PayBill/PayBill
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.143.161.5 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
7d894b931469af0b5a103f2d25bbbd8e630fbdfdd8cf7f0c58d368bef3706e19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westderm.patientbillhelp.com/PayBill/PayBill
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 17:07:48 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 Oct 2019 21:07:33 GMT
Server
Microsoft-IIS/7.5
ETag
"801860bdf77ad51:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive, noimageindex
Content-Length
33322
ComboDate.css
westderm.patientbillhelp.com/Content/ComboDate/
446 B
761 B
Stylesheet
General
Full URL
https://westderm.patientbillhelp.com/Content/ComboDate/ComboDate.css
Requested by
Host: westderm.patientbillhelp.com
URL: https://westderm.patientbillhelp.com/PayBill/PayBill
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.143.161.5 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
97dae19077f40c171268753c29974e44381a19b1d123a56c870d98d3d1e69209

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westderm.patientbillhelp.com/PayBill/PayBill
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 17:07:48 GMT
Last-Modified
Fri, 04 Oct 2019 21:07:33 GMT
Server
Microsoft-IIS/7.5
ETag
"55209ebdf77ad51:0"
X-Powered-By
ASP.NET
Content-Type
text/css
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive, noimageindex
Content-Length
446
bootstrap-datepicker.js
westderm.patientbillhelp.com/Content/BootstrapDatePicker/
59 KB
15 KB
Script
General
Full URL
https://westderm.patientbillhelp.com/Content/BootstrapDatePicker/bootstrap-datepicker.js
Requested by
Host: westderm.patientbillhelp.com
URL: https://westderm.patientbillhelp.com/PayBill/PayBill
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.143.161.5 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
447bb8dc7271c982934c09cc7886e9f003ac4485319b53980cda780b8d8339d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westderm.patientbillhelp.com/PayBill/PayBill
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 17:07:48 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 Oct 2019 21:07:27 GMT
Server
Microsoft-IIS/7.5
ETag
"8091ccb9f77ad51:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive, noimageindex
Content-Length
15008
Datepicker.css
westderm.patientbillhelp.com/Content/BootstrapDatePicker/
17 KB
2 KB
Stylesheet
General
Full URL
https://westderm.patientbillhelp.com/Content/BootstrapDatePicker/Datepicker.css
Requested by
Host: westderm.patientbillhelp.com
URL: https://westderm.patientbillhelp.com/PayBill/PayBill
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.143.161.5 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
e8c35cb39308446b4ffc85e5cb4b335c49dc21925c79ffbb5516771da47f9a59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westderm.patientbillhelp.com/PayBill/PayBill
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 17:07:48 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 Oct 2019 21:07:27 GMT
Server
Microsoft-IIS/7.5
ETag
"8091ccb9f77ad51:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive, noimageindex
Content-Length
2147
card-icon.png
westderm.patientbillhelp.com/Content/images/
49 KB
50 KB
Image
General
Full URL
https://westderm.patientbillhelp.com/Content/images/card-icon.png
Requested by
Host: westderm.patientbillhelp.com
URL: https://westderm.patientbillhelp.com/PayBill/PayBill
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.143.161.5 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
3923b4f375752e7d17fb716d006fe86656417232eda2c42da2cb91063428e601

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westderm.patientbillhelp.com/PayBill/PayBill
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 17:07:49 GMT
Last-Modified
Thu, 08 Aug 2019 13:10:36 GMT
Server
Microsoft-IIS/7.5
ETag
"f0f7e8aaea4dd51:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive, noimageindex
Content-Length
50586
bank-logo.png
westderm.patientbillhelp.com/Content/images/
23 KB
24 KB
Image
General
Full URL
https://westderm.patientbillhelp.com/Content/images/bank-logo.png
Requested by
Host: westderm.patientbillhelp.com
URL: https://westderm.patientbillhelp.com/PayBill/PayBill
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.143.161.5 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
d872dbe7446c4034f061426db0bb36a76d55d90f043925298c78d221d7b53c20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westderm.patientbillhelp.com/PayBill/PayBill
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 17:07:49 GMT
Last-Modified
Thu, 08 Aug 2019 13:10:36 GMT
Server
Microsoft-IIS/7.5
ETag
"6bde8aaea4dd51:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive, noimageindex
Content-Length
24004
cvv-card.png
westderm.patientbillhelp.com/Content/images/
106 KB
106 KB
Image
General
Full URL
https://westderm.patientbillhelp.com/Content/images/cvv-card.png
Requested by
Host: westderm.patientbillhelp.com
URL: https://westderm.patientbillhelp.com/PayBill/PayBill
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.143.161.5 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
58f2695b349786c8cc00f80cd2d3d91aed3e92e6a007f1a65826773c3d66aa8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westderm.patientbillhelp.com/PayBill/PayBill
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 17:07:49 GMT
Last-Modified
Thu, 08 Aug 2019 13:10:36 GMT
Server
Microsoft-IIS/7.5
ETag
"88f3eaaaea4dd51:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive, noimageindex
Content-Length
108366
tick.png
westderm.patientbillhelp.com/Content/images/
8 KB
8 KB
Image
General
Full URL
https://westderm.patientbillhelp.com/Content/images/tick.png
Requested by
Host: westderm.patientbillhelp.com
URL: https://westderm.patientbillhelp.com/PayBill/PayBill
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.143.161.5 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
4dc444e1e7ed4cd3cda6752e32865c6c6793c2002094fa23c9126a91faf3ada3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westderm.patientbillhelp.com/PayBill/PayBill
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 17:07:49 GMT
Last-Modified
Thu, 08 Aug 2019 13:10:36 GMT
Server
Microsoft-IIS/7.5
ETag
"bc1f7aaea4dd51:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive, noimageindex
Content-Length
7825
Accept.js
js.authorize.net/v1/
4 KB
2 KB
Script
General
Full URL
https://js.authorize.net/v1/Accept.js
Requested by
Host: westderm.patientbillhelp.com
URL: https://westderm.patientbillhelp.com/PayBill/PayBill
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.18.17.243 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f4501c6e024ec5ecc8ec86d5a09b9e603e226ab83149c8f481708bffcbd3f8e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westderm.patientbillhelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 17:07:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 13 Sep 2019 01:03:34 GMT
server
cloudflare
age
1993
etag
W/"0b7e610cf69d51:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=432000
cf-ray
7a54ea9a2c832bf1-FRA
expires
Tue, 14 Mar 2023 17:07:49 GMT
jquery.creditCardValidator.js
westderm.patientbillhelp.com/Scripts/js/
9 KB
3 KB
Script
General
Full URL
https://westderm.patientbillhelp.com/Scripts/js/jquery.creditCardValidator.js
Requested by
Host: westderm.patientbillhelp.com
URL: https://westderm.patientbillhelp.com/PayBill/PayBill
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.143.161.5 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
fc105be859b719445c1461bf5adbb056ee166db33b95b095a2e01a6179dd060f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westderm.patientbillhelp.com/PayBill/PayBill
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 17:07:49 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Aug 2019 13:10:36 GMT
Server
Microsoft-IIS/7.5
ETag
"0aec4aaea4dd51:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive, noimageindex
Content-Length
2673
pay.js
pay.google.com/gp/p/js/
115 KB
35 KB
Script
General
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: westderm.patientbillhelp.com
URL: https://westderm.patientbillhelp.com/PayBill/PayBill
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
191c00ded99c58bdc1661aebd91a4974e44edcc4be4162e74ac0fd00ed837f0a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-CEYcm_2_nvZpLevcy1nYIw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westderm.patientbillhelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 17:07:49 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-CEYcm_2_nvZpLevcy1nYIw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Thu, 09 Mar 2023 17:07:49 GMT
css
fonts.googleapis.com/
5 KB
906 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700,800
Requested by
Host: westderm.patientbillhelp.com
URL: https://westderm.patientbillhelp.com/Content/css/style-2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b316e0c811bbaba2b4e3a7d669a0d8c296dd23435885eb015d0b70c263b8356b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westderm.patientbillhelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 09 Mar 2023 17:07:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 09 Mar 2023 17:00:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 09 Mar 2023 17:07:49 GMT
css
fonts.googleapis.com/
4 KB
588 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:400,600,700,800
Requested by
Host: westderm.patientbillhelp.com
URL: https://westderm.patientbillhelp.com/Content/css/style-2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d80ad18ae10fac8a6d5ee82997ec282d12190108e31f2cfe2963360129867cd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westderm.patientbillhelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 09 Mar 2023 17:07:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 09 Mar 2023 17:07:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 09 Mar 2023 17:07:49 GMT
css2
fonts.googleapis.com/
2 KB
496 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Sen:wght@400;700;800&display=swap
Requested by
Host: westderm.patientbillhelp.com
URL: https://westderm.patientbillhelp.com/Content/css/style-2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
18dbe0add9e35198130df60e854d40fde3e66198f2871e70fa076755161b6a53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westderm.patientbillhelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 09 Mar 2023 17:07:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 09 Mar 2023 17:04:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 09 Mar 2023 17:07:49 GMT
AvenirLTStd-Medium.otf
westderm.patientbillhelp.com/Content/fonts/
0
0
Font
General
Full URL
https://westderm.patientbillhelp.com/Content/fonts/AvenirLTStd-Medium.otf
Requested by
Host: westderm.patientbillhelp.com
URL: https://westderm.patientbillhelp.com/Content/css/style-2.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.143.161.5 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash

Request headers

Referer
https://westderm.patientbillhelp.com/Content/css/style-2.css
Origin
https://westderm.patientbillhelp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 17:07:48 GMT
Server
Microsoft-IIS/7.5
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive, noimageindex
X-Powered-By
ASP.NET
Content-Length
1245
Content-Type
text/html
AvenirLTStd-Book.otf
westderm.patientbillhelp.com/Content/fonts/
0
0
Font
General
Full URL
https://westderm.patientbillhelp.com/Content/fonts/AvenirLTStd-Book.otf
Requested by
Host: westderm.patientbillhelp.com
URL: https://westderm.patientbillhelp.com/Content/css/style-2.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.143.161.5 , United States, ASN17378 (AS17378, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash

Request headers

Referer
https://westderm.patientbillhelp.com/Content/css/style-2.css
Origin
https://westderm.patientbillhelp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 17:07:48 GMT
Server
Microsoft-IIS/7.5
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive, noimageindex
X-Powered-By
ASP.NET
Content-Length
1245
Content-Type
text/html
loader.js
static.olark.com/jsclient/
9 KB
3 KB
Script
General
Full URL
https://static.olark.com/jsclient/loader.js
Requested by
Host: westderm.patientbillhelp.com
URL: https://westderm.patientbillhelp.com/PayBill/PayBill
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.34 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6772) /
Resource Hash
afd2d099307fc78c161dc1574920c7268ad8c0e8b6a896f58dae6b61d48c5a9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westderm.patientbillhelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 17:07:49 GMT
content-encoding
gzip
via
1.1 google
last-modified
Wed, 22 Feb 2023 18:55:40 GMT
server
ECS (frb/6772)
age
4228
etag
W/"63f6652c-2227"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=10800
accept-ranges
bytes
content-length
3120
expires
Thu, 09 Mar 2023 20:07:49 GMT
d44e8f07-a1f8-4ce3-b16b-3a350ec2d1d1
https://westderm.patientbillhelp.com/ Frame 24DB
147 B
0
Document
General
Full URL
blob:https://westderm.patientbillhelp.com/d44e8f07-a1f8-4ce3-b16b-3a350ec2d1d1
Requested by
Host: static.olark.com
URL: https://static.olark.com/jsclient/loader.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef75b33904d93af24fa40e39bfc332becf6145911fb0715a252445b5e2bcb79e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
147
Content-Type
text/html
AcceptCore.js
js.authorize.net/v1/
9 KB
3 KB
Script
General
Full URL
https://js.authorize.net/v1/AcceptCore.js
Requested by
Host: js.authorize.net
URL: https://js.authorize.net/v1/Accept.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.18.17.243 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79ec52f0ce86fb27c47d1f860ba62d34ad5fe6cd3778ee0952ac698f52096e81
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westderm.patientbillhelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 17:07:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 10 Sep 2019 23:26:44 GMT
server
cloudflare
age
1165
etag
W/"092b352f68d51:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=432000
cf-ray
7a54ea9d49642bf1-FRA
expires
Tue, 14 Mar 2023 17:07:49 GMT
AcceptCore.js
js.authorize.net/v1/
9 KB
3 KB
XHR
General
Full URL
https://js.authorize.net/v1/AcceptCore.js
Requested by
Host: js.authorize.net
URL: https://js.authorize.net/v1/Accept.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.18.17.243 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79ec52f0ce86fb27c47d1f860ba62d34ad5fe6cd3778ee0952ac698f52096e81
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westderm.patientbillhelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 17:07:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 10 Sep 2019 23:26:44 GMT
server
cloudflare
age
696
etag
W/"092b352f68d51:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=432000
cf-ray
7a54ea9d98169b33-FRA
expires
Tue, 14 Mar 2023 17:07:50 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Origin
https://westderm.patientbillhelp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 17:07:50 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2951055
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8UDgNRPDxrUQHLCa5mOVsc%2FznFGd0lsflb4yv7%2BElkD41t0uKOoRSYedvSAIhK5pksn%2BDKytVf2DK%2BdPJCdocNMIPHyHyEgGiKWnrEAcJXJYBot2UxALS%2F5wdF49Dnl4LoGXw8RtehqeFO1h%2BQPQ2Fsz"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7a54ea9d7c90690f-FRA
expires
Tue, 27 Feb 2024 17:07:50 GMT
payframe
pay.google.com/gp/p/ui/ Frame 9B7B
18 KB
8 KB
Document
General
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwestderm.patientbillhelp.com&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d4c08e9dd0bc357ab5ef7d646ab33cd55a0c4cde82949f0ef9bb52060048f3f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-MzwYRzKti_uUmymTRGT-Og' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://westderm.patientbillhelp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-MzwYRzKti_uUmymTRGT-Og' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Thu, 09 Mar 2023 17:07:50 GMT
expires
Thu, 09 Mar 2023 17:07:50 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 9B7B
2 KB
2 KB
Other
General
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: westderm.patientbillhelp.com
URL: https://westderm.patientbillhelp.com/PayBill/PayBill
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwestderm.patientbillhelp.com&mid=
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 09 Mar 2023 17:07:50 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1608
content-type
text/html; charset=UTF-8
m=_b,_tp,_r
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dWgeBNAG_n0.es5.O/am=MAYAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMit... Frame 9B7B
155 KB
55 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dWgeBNAG_n0.es5.O/am=MAYAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgI_AlO7688xVGvkMFaQLWrHCz2UA/m=_b,_tp,_r
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwestderm.patientbillhelp.com&mid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b2e8a01a9ca88f93f433d9ece227e1c258d50e9811c51ecb0c71914d5bbdb8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 17:20:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85632
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56032
x-xss-protection
0
last-modified
Wed, 08 Mar 2023 06:26:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Mar 2024 17:20:38 GMT
m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dWgeBNAG_n0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.NFp... Frame 9B7B
70 KB
26 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dWgeBNAG_n0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.NFpWmE3GFXw.L.B1.O/am=MAYAAg/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrimR6JDu_F9ajVb--XjyFfCbjvltA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dWgeBNAG_n0.es5.O/am=MAYAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgI_AlO7688xVGvkMFaQLWrHCz2UA/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26ef804b0bcfa18e7d7ce98acf61505e4f1ca78b968d1f44a5c33df2a3c8860b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 17:20:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85632
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26252
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 08:24:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Mar 2024 17:20:38 GMT
pay
pay.google.com/gp/p/ui/ Frame 9B7B
1 MB
384 KB
XHR
General
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dWgeBNAG_n0.es5.O/am=MAYAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgI_AlO7688xVGvkMFaQLWrHCz2UA/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a9d8ece666ca3643284ac2628410ac08f647176292e52af79c12fc15e11f9a39
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HkI_UHH9pgYcx3Egx_GaDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 17:07:50 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-HkI_UHH9pgYcx3Egx_GaDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
unsafe-none
server
ESF
x-frame-options
DENY
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Thu, 09 Mar 2023 17:07:50 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dWgeBNAG_n0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.NFp... Frame 9B7B
23 KB
9 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dWgeBNAG_n0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.NFpWmE3GFXw.L.B1.O/am=MAYAAg/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrimR6JDu_F9ajVb--XjyFfCbjvltA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dWgeBNAG_n0.es5.O/am=MAYAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgI_AlO7688xVGvkMFaQLWrHCz2UA/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1055db6e2ff3360e56daddb1dc24e33b2ddc180bf6c4c8095250cdaa25b073c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 17:20:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85632
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 08:24:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Mar 2024 17:20:38 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dWgeBNAG_n0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.NFp... Frame 9B7B
35 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dWgeBNAG_n0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.NFpWmE3GFXw.L.B1.O/am=MAYAAg/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrimR6JDu_F9ajVb--XjyFfCbjvltA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dWgeBNAG_n0.es5.O/am=MAYAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgI_AlO7688xVGvkMFaQLWrHCz2UA/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80d6fe86d9c9a2e5f9af71a433a5a7cd8cc2f825e39f505ee176df9dba592b35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 17:20:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85632
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13384
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 08:24:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Mar 2024 17:20:38 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 09 Mar 2023 17:07:50 GMT
expires
Thu, 09 Mar 2023 17:07:50 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 9B7B
131 B
273 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dWgeBNAG_n0.es5.O/am=MAYAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgI_AlO7688xVGvkMFaQLWrHCz2UA/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 09 Mar 2023 17:07:50 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 09 Mar 2023 17:07:50 GMT
log
play.google.com/ Frame 9B7B
131 B
578 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dWgeBNAG_n0.es5.O/am=MAYAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgI_AlO7688xVGvkMFaQLWrHCz2UA/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 09 Mar 2023 17:07:50 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 09 Mar 2023 17:07:50 GMT

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
boolean| credentialless
function| $
function| jQuery
object| bootstrap
function| Popper
function| ValidateNumber
function| limit
function| onlyAlphabets
boolean| matches
undefined| url
function| doLogout
function| olark
function| record_olark_chat_info
function| DP_jQuery_1678381669634
object| ea
function| moment
object| datefield
function| validateComboDate
function| VerifyHIPAADataAjaxSuccess
function| VerifyHIPAAClearResults
function| validateDate
object| Accept
string| cdnPath
string| encryptEndPoint
function| NumberFormatter
function| IsPaymentWithDiscount
function| selectedInvoices
boolean| submitCardValidation
string| keyupInput
function| validateCreditCard
boolean| submitBankValidation
function| validateBank
function| creditCardSend
function| ProcessCreditCardPayment
function| messageFunc
function| bankAccountSend
function| ProcessBankAccountPayment
number| step
boolean| payment_status
string| paybillamount
number| saveCardChecked
function| next_step
string| paymentcode
function| loading
function| onlyNumeric
function| verifyamount
function| isNumber
function| round2Fixed
function| fixed2Decimal
function| validateEmail
function| onGooglePayLoaded
function| getGoogleIsReadyToPayRequest
function| addGooglePayButton
function| getGooglePaymentsClient
function| onGooglePaymentButtonClicked
function| getGooglePaymentDataRequest
function| getGoogleTransactionInfo
function| processPayment
object| denylistedDomainsHashedValueListForGpayButtonWithCardInfo
object| whitelistedDomainsHashedValueListForGpayButtonWithCardInfo
object| denylistedMerchentIdsHashedValueListForGpayButtonWithCardInfo
object| google
boolean| isReady

3 Cookies

Domain/Path Name / Value
.patientbillhelp.com/ Name: PatientBillHelp_SessionId
Value: ccekqcps413zj1l1kmh12c2j
.google.com/ Name: NID
Value: 511=Ej_1vDnhHvMN8h2ge9Y3fqicvdzX0VFl0CYZQ-Z_6jkXdQa7HHPb-pY-MThulMjris7CW8wZ7vpSV2Lj5B01aodnGZ7llmt56EeHC2K4-CYrlln6Aj9464mHcgkRIcUrWwKD4D48lHNEmU2jc3Kfojk3BpN99RYdOT-fzvots6o
.authorize.net/ Name: __cfruid
Value: d0dc629146e1018dfff02ec8dd3fc29f85265b43-1678381669

4 Console Messages

Source Level URL
Text
network error URL: https://westderm.patientbillhelp.com/Content/fonts/AvenirLTStd-Medium.otf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://westderm.patientbillhelp.com/Content/fonts/AvenirLTStd-Book.otf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
