billbuds.com Open in urlscan Pro
167.99.242.112 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://billbuds.com/
Submission: On September 21 via automatic, source certstream-suspicious (September 21st 2021, 5:09:40 am UTC) — Scanned from DE

Summary HTTP 74 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 14 domains to perform 74 HTTP transactions. The main IP is 167.99.242.112, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is billbuds.com.
TLS certificate: Issued by R3 on September 21st 2021. Valid for: 3 months.

This is the only time billbuds.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	167.99.242.112 167.99.242.112	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	104.16.18.94 104.16.18.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.185.232 142.250.185.232	15169 (GOOGLE) (GOOGLE)
8	172.67.159.201 172.67.159.201	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.67.208.48 172.67.208.48	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	31.13.92.14 31.13.92.14	32934 (FACEBOOK) (FACEBOOK)
1	13.225.78.69 13.225.78.69	16509 (AMAZON-02) (AMAZON-02)
3	13.224.193.121 13.224.193.121	16509 (AMAZON-02) (AMAZON-02)
1	18.66.139.84 18.66.139.84	16509 (AMAZON-02) (AMAZON-02)
2	172.217.16.142 172.217.16.142	15169 (GOOGLE) (GOOGLE)
3	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	31.13.92.36 31.13.92.36	32934 (FACEBOOK) (FACEBOOK)
1	52.50.124.16 52.50.124.16	16509 (AMAZON-02) (AMAZON-02)
2	142.250.74.196 142.250.74.196	15169 (GOOGLE) (GOOGLE)
1	108.177.15.157 108.177.15.157	15169 (GOOGLE) (GOOGLE)
1	104.16.94.65 104.16.94.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.107.232.249 185.107.232.249	200484 (SENDINBLU...) (SENDINBLUE-ASN)
4	104.17.9.12 104.17.9.12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.17.10.12 104.17.10.12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
74	20

28 167.99.242.112 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

billbuds.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.18.94 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.67.159.201 (United States)

ASN13335 (CLOUDFLARENET, US)

www.ysplit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.208.48 (United States)

ASN13335 (CLOUDFLARENET, US)

sibautomation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.92.14 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frt3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-69.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.193.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-121.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.84 (United States)

ASN16509 (AMAZON-02, US)

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.92.36 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frt3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.124.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-124-16.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.177.15.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.94.65 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.107.232.249 (France)

ASN200484 (SENDINBLUE-ASN, FR)

in-automate.sendinblue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.17.9.12 (None, )

ASN13335 (CLOUDFLARENET, US)

chat.sendinblue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.17.10.12 (None, )

ASN13335 (CLOUDFLARENET, US)

chat-backend.sendinblue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
chat-operating-back.sendinblue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	billbuds.com billbuds.com	2 MB
10	sendinblue.com in-automate.sendinblue.com chat.sendinblue.com chat-backend.sendinblue.com chat-operating-back.sendinblue.com	380 KB
8	ysplit.com www.ysplit.com	82 KB
6	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	94 KB
4	sibautomation.com sibautomation.com	6 KB
3	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	3 KB
3	cloudflare.com cdnjs.cloudflare.com	164 KB
2	google.com www.google.com	677 B
2	facebook.com www.facebook.com	404 B
2	google-analytics.com www.google-analytics.com	20 KB
2	facebook.net connect.facebook.net	114 KB
2	googletagmanager.com www.googletagmanager.com	78 KB
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
1	googleadservices.com www.googleadservices.com	14 KB
74	14

	Domain	Requested by
28	billbuds.com	billbuds.com
8	www.ysplit.com	billbuds.com
4	chat.sendinblue.com	sibautomation.com chat.sendinblue.com
4	sibautomation.com	billbuds.com sibautomation.com static.cloudflareinsights.com
3	script.hotjar.com	static.hotjar.com script.hotjar.com billbuds.com
3	cdnjs.cloudflare.com	billbuds.com cdnjs.cloudflare.com
2	chat-operating-back.sendinblue.com	chat.sendinblue.com
2	chat-backend.sendinblue.com	chat.sendinblue.com
2	in-automate.sendinblue.com	sibautomation.com
2	www.google.com	billbuds.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	www.facebook.com	billbuds.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	billbuds.com connect.facebook.net
2	www.googletagmanager.com	billbuds.com www.googletagmanager.com
1	static.cloudflareinsights.com	sibautomation.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	in.hotjar.com	script.hotjar.com
1	www.googleadservices.com	www.googletagmanager.com
1	vars.hotjar.com	static.hotjar.com
1	static.hotjar.com	billbuds.com
74	21

This site contains links to these domains. Also see Links.

Domain
app.billbuds.com
billbuds.legalsites.app

Subject Issuer	Validity	Valid
*.billbuds.com R3	`2021-09-21` - `2021-12-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.sendinblue.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-07` - `2021-12-12`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://billbuds.com/
Frame ID: 3F43B4B7268C48F11DD6433B27CD57F4
Requests: 68 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Frame ID: 9D4AB404862CFB55381A905EBEE4211C
Requests: 1 HTTP requests in this frame

Frame: https://sibautomation.com/cm.html?key=s1iv9327rzof9bv4zl4xmeys
Frame ID: A4D4EB04B2E948A218BA5023CD499171
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Billbuds

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

74
Requests

100 %
HTTPS

0 %
IPv6

14
Domains

21
Subdomains

20
IPs

5
Countries

3286 kB
Transfer

6522 kB
Size

12
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://app.billbuds.com/
Title: LOG IN

Search URL Search Domain Scan URL

URL: https://app.billbuds.com/Signup1
Title: SIGN UP

Search URL Search Domain Scan URL

URL: https://billbuds.legalsites.app/
Title: Privacy, Terms and conditions

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

74 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
billbuds.com/ 23 KB
4 KB 283ms
132ms Document
text/html 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://billbuds.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

51eae8b45b5bd589c930193a643d9c033edf3987aec6b60b085882f772015e6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: billbuds.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=0, must-revalidate
content-type: text/html; charset=UTF-8
date: Tue, 21 Sep 2021 05:09:35 GMT
etag: "38f25c3a7e11c9133804566bc6183638-ssl-df"
strict-transport-security: max-age=31536000
x-nf-request-id: 01FG3C4RPYCW6DR3X12BFR37AE
vary: Accept-Encoding
age: 0
server: Netlify
content-encoding: br

GET
H2 200 styles.css
billbuds.com/ 36 KB
6 KB 130ms
130ms Stylesheet
text/css 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://billbuds.com/styles.css

Requested by

Host: billbuds.com
URL: https://billbuds.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

92a2a128863853f14fcb21705a513030e25355c54ad49981db8828eea92aaaec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /styles.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: billbuds.com
referer: https://billbuds.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FG3C4RVQAD3MXM9YEF0B2H43
date: Tue, 21 Sep 2021 05:09:35 GMT
content-encoding: br
server: Netlify
age: 0
etag: "ceb77384d8e1b6683d1de36100141197-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/ 58 KB
11 KB 28ms
12ms Stylesheet
text/css 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Requested by

Host: billbuds.com
URL: https://billbuds.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 05:09:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8931242
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10480
cf-request-id: 0a94038c8f0000175e002a6000000001
timing-allow-origin: *
last-modified: Tue, 16 Mar 2021 19:29:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60510736-e7d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BVxxTFEx2UeaqwKXtSbBj0DsRLhL2LWkib3OtppLTTS6Xj%2BRqPPBbIKZ5ORhfzX1Tsg5qmQRMAnMSdf63cnHi4GPVYjYGK60V1XeyWmcA4hKbYv0kGAX%2F1%2Fi%2Fhsf7IS25Z99yAbm"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6920c83f3f8e4e20-FRA
expires: Sun, 11 Sep 2022 05:09:35 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
39 KB 55ms
33ms Script
application/javascript 142.250.185.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-604972620

Requested by

Host: billbuds.com
URL: https://billbuds.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

62e72392422a984407acc84be93a0440e7841d260a0873dbe7bc9663c31b2572

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 05:09:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39086
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Sep 2021 05:09:35 GMT

GET
H2 200 logo.svg
billbuds.com/Assets/ 5 KB
2 KB 133ms
133ms Image
image/svg+xml 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://billbuds.com/Assets/logo.svg

Requested by

Host: billbuds.com
URL: https://billbuds.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

39ebeda58768eae4420e1c9bb098f7b632050912d027c98b6ed29cc7fc3c9e8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /Assets/logo.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: billbuds.com
referer: https://billbuds.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FG3C4S1352EQ9SR3QC74FQJF
date: Tue, 21 Sep 2021 05:09:35 GMT
content-encoding: br
server: Netlify
age: 0
etag: "eefa584b3e8adc3599efc39a8e02bacc-ssl-df"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes

GET
H2 200 ham.svg
billbuds.com/Assets/ 278 B
390 B 122ms
117ms Image
image/svg+xml 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://billbuds.com/Assets/ham.svg

Requested by

Host: billbuds.com
URL: https://billbuds.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

725c849df5e48b5e002ed0d0a87288ce62df8ada01af32453c5e479db9ccd4a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /Assets/ham.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: billbuds.com
referer: https://billbuds.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FG3C4S18J2B4NEQAXC2KQJCE
date: Tue, 21 Sep 2021 05:09:35 GMT
server: Netlify
age: 0
etag: "8338c4af995a932fedd60580d6d7fd4d-ssl"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
content-length: 278

GET
H2 200 down.svg
billbuds.com/Assets/ 2 KB
989 B 129ms
124ms Image
image/svg+xml 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://billbuds.com/Assets/down.svg

Requested by

Host: billbuds.com
URL: https://billbuds.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

67ebd645a894e7f11d1f90d25cb9aa0648f70ffdac81383c6fa9cfc9c8988cef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /Assets/down.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: billbuds.com
referer: https://billbuds.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FG3C4S1AQ9YDXET30D1V2PKK
date: Tue, 21 Sep 2021 05:09:35 GMT
content-encoding: br
server: Netlify
age: 0
etag: "2441e468f61ddb102ae7256dfe188fd1-ssl-df"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 887

GET
H2 200 wifi.png
billbuds.com/Assets/ 23 KB
23 KB 124ms
120ms Image
image/png 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://billbuds.com/Assets/wifi.png

Requested by

Host: billbuds.com
URL: https://billbuds.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

8065eb43f43d6061defcbe85ea8ea410886205d3f37140c50baaf350be388343

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /Assets/wifi.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: billbuds.com
referer: https://billbuds.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FG3C4S1AG6C3WAXM4RDT5CKQ
date: Tue, 21 Sep 2021 05:09:35 GMT
server: Netlify
age: 0
etag: "e63803dcb5983b62a56836ee67dd30d6-ssl"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
content-length: 23716

GET
H2 200 location.png
billbuds.com/Assets/ 8 KB
8 KB 123ms
119ms Image
image/png 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://billbuds.com/Assets/location.png

Requested by

Host: billbuds.com
URL: https://billbuds.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

229e7c147602276ce68f7b3f27c1e7c619cecf70493c89f5676f65555f424326

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /Assets/location.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: billbuds.com
referer: https://billbuds.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FG3C4S1A3Z0DRVATVY8QQ7M7
date: Tue, 21 Sep 2021 05:09:35 GMT
server: Netlify
age: 0
etag: "f2eb473c0a3b7ca3d7b7db4e7d1330c8-ssl"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
content-length: 8397

GET
H2 200 dominion.png
www.ysplit.com/assets/landing_page/billers/ 8 KB
8 KB 386ms
326ms Image
image/png 172.67.159.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ysplit.com/assets/landing_page/billers/dominion.png
Requested by: Host: billbuds.com
URL: https://billbuds.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.159.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 2afafab18c75847657a4f12517f5ccf0e71091eca2516d6bc9a8df758668edcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 05:09:35 GMT
via: 1.1 vegur
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7986
last-modified: Fri, 17 Sep 2021 20:17:15 GMT
server: cloudflare
etag: W/"1f32-17bf567f0f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1MTttq7jV61ik0BV6sKNLVDFo6rYSdoTklRAepIqgfKmGXuTIIPS9meq%2FFAfWIuz2FgQU0xHgWQsC4YvZRg3Ir%2F6%2Fdz8IDA4ftEsB5lCID6b9mqQds67bWO1w7LmgJKDhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6920c840afc727a0-PRG

GET
H2 200 nationalgrid.png
www.ysplit.com/assets/landing_page/billers/ 10 KB
10 KB 392ms
332ms Image
image/png 172.67.159.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ysplit.com/assets/landing_page/billers/nationalgrid.png
Requested by: Host: billbuds.com
URL: https://billbuds.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.159.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 7cc3a9eabe32463fbb1f3d123adbd7812f0fb18f9a8b2ce4a5db9559b57b1efd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 05:09:35 GMT
via: 1.1 vegur
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10363
last-modified: Fri, 17 Sep 2021 20:17:15 GMT
server: cloudflare
etag: W/"287b-17bf567f0f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iiyI8zOrLUz1%2FQGiy8PYaFcz54ZjTk2NoQJ0Xg1lSw%2BYXpyzlF2PE%2FnJP%2B9Y9bk4RbfQRlTHxzK2q92DOFDvzoy%2BhcL6BX6yPp96eNdjSpP5lRYzOgoxYUny7HsNVn6Ouw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6920c840afc827a0-PRG

GET
H2 200 pge_large.png
www.ysplit.com/assets/landing_page/billers/ 14 KB
14 KB 549ms
489ms Image
image/png 172.67.159.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ysplit.com/assets/landing_page/billers/pge_large.png
Requested by: Host: billbuds.com
URL: https://billbuds.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.159.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6caaf6c5b11a1b60f9367f0c583c38725bbd51af1ff93f8052bae17b2c6b75b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 05:09:35 GMT
via: 1.1 vegur
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14354
last-modified: Fri, 17 Sep 2021 20:17:15 GMT
server: cloudflare
etag: W/"3812-17bf567f0f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5L3xjIm2ru9ocjkFLMFPxvsdGzVHGn8pZAyOtWOSPd09dQ84zIgi1KbDZwGXKIBtZHJwRF0vfCpVXunVsN8xugcwIkclLm0czEXR8LUZhO2GfvJKAonZqZW%2B1Gew4fLaYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6920c840afc927a0-PRG

GET
H2 200 socal.png
www.ysplit.com/assets/landing_page/billers/ 10 KB
10 KB 441ms
381ms Image
image/png 172.67.159.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ysplit.com/assets/landing_page/billers/socal.png
Requested by: Host: billbuds.com
URL: https://billbuds.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.159.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 643ffe5d9e71d47675affca8f68affc09e679842ac8125c640ed166324f82c1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 05:09:35 GMT
via: 1.1 vegur
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10231
last-modified: Fri, 17 Sep 2021 20:17:15 GMT
server: cloudflare
etag: W/"27f7-17bf567f0f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UzPHYsDEllnsbqm5Fka5gx3SJhAELQKblAVDbSUPii8Js089fYZuRhBsWE4mCFJdKWA6V%2F4YhKZhNFE6Ztjv3wPc7Tg16LvzyPWS1ojG%2BGKJzhQM2Q0l4Y1%2BhcKFZs8wkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6920c840afca27a0-PRG

GET
H2 200 spectrum.png
www.ysplit.com/assets/landing_page/billers/ 10 KB
11 KB 389ms
330ms Image
image/png 172.67.159.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ysplit.com/assets/landing_page/billers/spectrum.png
Requested by: Host: billbuds.com
URL: https://billbuds.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.159.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 702fd8998443ccbf1705d6577d7404501dde85e3ab9d9ba3a19bd2db197f92cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 05:09:35 GMT
via: 1.1 vegur
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10493
last-modified: Fri, 17 Sep 2021 20:17:15 GMT
server: cloudflare
etag: W/"28fd-17bf567f0f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YOytDYuCaXl30MMEoPQ5SoyAo%2Fk0ji8D3h8uokGxU7CUsZ89fHE5p8uL5iqv%2F3kM0h%2FsMtmCxyKs%2B0lR3Cm1OzZeIxRYc12S2O9lj9Q3BxtdY9y7qxazPIu3%2BcdaJ7J4rg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6920c840afcd27a0-PRG

GET
H2 200 verizon.png
www.ysplit.com/assets/landing_page/billers/ 9 KB
9 KB 452ms
392ms Image
image/png 172.67.159.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ysplit.com/assets/landing_page/billers/verizon.png
Requested by: Host: billbuds.com
URL: https://billbuds.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.159.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 93c1342675fa06334a1170faba47ed0e80013529ed01e2c83b2f0abbbea202d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 05:09:35 GMT
via: 1.1 vegur
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8809
last-modified: Fri, 17 Sep 2021 20:17:15 GMT
server: cloudflare
etag: W/"2269-17bf567f0f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WMb6Pqy1q6bPe04SxQM8PRq7%2FehTNLCoZToxZigqDnoOdRJ8nWCwVJBWovOu79p%2B%2Bqll9ZsYyrLl91yokvreH4XX%2BgGwzaEwVP%2FN8u8hPVFNBvRkm8AGhqF3Ca6WHsrcTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6920c840afcb27a0-PRG

GET
H2 200 xfinity.png
www.ysplit.com/assets/landing_page/billers/ 5 KB
6 KB 323ms
323ms Image
image/png 172.67.159.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ysplit.com/assets/landing_page/billers/xfinity.png
Requested by: Host: billbuds.com
URL: https://billbuds.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.159.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 42949cbf786327d430c7e7d9ea10bba9dd0a9b845d7df87cf324d3c93f9020e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 05:09:35 GMT
via: 1.1 vegur
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5604
last-modified: Fri, 17 Sep 2021 20:17:15 GMT
server: cloudflare
etag: W/"15e4-17bf567f0f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bKvEs5qzvk4j73DHY2WWcYIgSurMVugQYG%2Brw7odmx9eEuM4JeLv1dMcS%2FWcQIgVSgRUoUOGFoJAjvDBBdVIRqYaNU9GcSOABrHe9oPok2%2Fc40PtPaLnWu88wwJbZCwbmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6920c840afcf27a0-PRG

GET
H2 200 xcel.png
www.ysplit.com/assets/landing_page/billers/ 13 KB
14 KB 427ms
427ms Image
image/png 172.67.159.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ysplit.com/assets/landing_page/billers/xcel.png
Requested by: Host: billbuds.com
URL: https://billbuds.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.159.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8753ef4bce6d8cdeb1bc9555149e57cee41f66c04ab136afac563e4c54b7548f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 05:09:35 GMT
via: 1.1 vegur
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13562
last-modified: Fri, 17 Sep 2021 20:17:15 GMT
server: cloudflare
etag: W/"34fa-17bf567f0f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ADjuaRIfa4qJnLoETHi1%2FNtXAZ3Ir4%2BfowvkrOCk%2Bc4qnkG1b9zvh6n7meGUxbUQEJGPXAEaUUPFsu9fuMNDlJn6c8mbEcEvKzWlFJiup2FS5qRuUwB91RsAGwi4EADRug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6920c840afd027a0-PRG

GET
H2 200 setup.png
billbuds.com/Assets/ 24 KB
24 KB 122ms
118ms Image
image/png 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://billbuds.com/Assets/setup.png

Requested by

Host: billbuds.com
URL: https://billbuds.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

8d89abe95691579631915d4a9d5d62851e3a6ad786a128c6243b650e3f242a58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /Assets/setup.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: billbuds.com
referer: https://billbuds.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FG3C4S1B2RHYQ5MKEWSX01ZB
date: Tue, 21 Sep 2021 05:09:35 GMT
server: Netlify
age: 0
etag: "51fd7e5a556d9584154c641b80933c2e-ssl"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
content-length: 24613

GET
H2 200 gauze.svg
billbuds.com/Assets/ 66 KB
46 KB 135ms
131ms Image
image/svg+xml 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://billbuds.com/Assets/gauze.svg

Requested by

Host: billbuds.com
URL: https://billbuds.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

1d00fd15bcaefd3b6c30e84bcdee8ec46b9395298e6287fad959e51e4a68f981

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /Assets/gauze.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: billbuds.com
referer: https://billbuds.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FG3C4S1BFNXHC4JM52Q1NT2Q
date: Tue, 21 Sep 2021 05:09:35 GMT
content-encoding: br
server: Netlify
age: 0
etag: "a26c931602670a7483393f0e87511724-ssl-df"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes

GET
H2 200 utiboiall.svg
billbuds.com/Assets/ 807 KB
524 KB 128ms
124ms Image
image/svg+xml 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://billbuds.com/Assets/utiboiall.svg

Requested by

Host: billbuds.com
URL: https://billbuds.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

8ce9c9e7f6211ff32297d8ad27c5d8ea7e92cb901a15b7679e207e03e384ad5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /Assets/utiboiall.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: billbuds.com
referer: https://billbuds.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FG3C4S1BF0ZNVK6FSFPD34Y5
date: Tue, 21 Sep 2021 05:09:35 GMT
content-encoding: br
server: Netlify
age: 0
etag: "90d843a411d32b50abbc8465f0603e17-ssl-df"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes

GET
H2 200 utiboi.png
billbuds.com/Assets/ 30 KB
30 KB 128ms
124ms Image
image/png 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://billbuds.com/Assets/utiboi.png

Requested by

Host: billbuds.com
URL: https://billbuds.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

8d5e9ce0c118251ada251c32c0308a4b28f2e5cc01f678a5bb21379bea746281

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /Assets/utiboi.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: billbuds.com
referer: https://billbuds.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FG3C4S1B2XY8TC29HPYNHSWZ
date: Tue, 21 Sep 2021 05:09:35 GMT
server: Netlify
age: 0
etag: "4b6156e917375fc5aa491a32fa0bae7e-ssl"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
content-length: 30499

GET
H2 200 coins.svg
billbuds.com/Assets/ 258 KB
178 KB 128ms
124ms Image
image/svg+xml 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://billbuds.com/Assets/coins.svg

Requested by

Host: billbuds.com
URL: https://billbuds.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

73da88ffb68ba8b76df11b9a4e8319f64ddc6c4e3568757f7a70fae0de7c2136

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /Assets/coins.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: billbuds.com
referer: https://billbuds.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FG3C4S1BQ0BTYHD3W6XCG5YB
date: Tue, 21 Sep 2021 05:09:35 GMT
content-encoding: br
server: Netlify
age: 0
etag: "53ed4de02908932b17c8ed0323ebd148-ssl-df"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes

GET
H2 200 coins2.svg
billbuds.com/Assets/ 258 KB
178 KB 128ms
125ms Image
image/svg+xml 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://billbuds.com/Assets/coins2.svg

Requested by

Host: billbuds.com
URL: https://billbuds.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

466b17bbc244aa4432a6e1647c58f5a954a982b8b96134c10b0d3e47b18b6849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /Assets/coins2.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: billbuds.com
referer: https://billbuds.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FG3C4S1B27RCQR531NJSJXZS
date: Tue, 21 Sep 2021 05:09:35 GMT
content-encoding: br
server: Netlify
age: 0
etag: "a49ac6b3f9589c82f3d4bb7382d5bb1f-ssl-df"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes

GET
H2 200 saveall.svg
billbuds.com/Assets/ 773 KB
510 KB 195ms
191ms Image
image/svg+xml 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://billbuds.com/Assets/saveall.svg

Requested by

Host: billbuds.com
URL: https://billbuds.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

febc3f083da3c37c5801c100814bcf1d69d0f35ab57797336f572d9fe0c49b8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /Assets/saveall.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: billbuds.com
referer: https://billbuds.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FG3C4S1D6BPFW9SJRE9CP5SP
date: Tue, 21 Sep 2021 05:09:35 GMT
content-encoding: br
server: Netlify
age: 0
etag: "a04f3060f3e93120bd1261bda4e710f3-ssl-df"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes

GET
H2 200 saveone.svg
billbuds.com/Assets/ 172 KB
112 KB 257ms
254ms Image
image/svg+xml 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://billbuds.com/Assets/saveone.svg

Requested by

Host: billbuds.com
URL: https://billbuds.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

6a9a89b3474041d8d593042807a7bfae52d17cfddaeacfbe5d38c0e75822c3e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /Assets/saveone.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: billbuds.com
referer: https://billbuds.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FG3C4S1EY51AR72C9C5PX892
date: Tue, 21 Sep 2021 05:09:35 GMT
content-encoding: br
server: Netlify
age: 0
etag: "2bd232781803874ee4896a595f3009c6-ssl-df"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes

GET
H2 200 utliscore.svg
billbuds.com/Assets/ 97 KB
63 KB 134ms
131ms Image
image/svg+xml 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://billbuds.com/Assets/utliscore.svg

Requested by

Host: billbuds.com
URL: https://billbuds.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

0dbf062cc559bcab67a3ae09797991b9bc56d21457e90a5288cec891fea5d906

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /Assets/utliscore.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: billbuds.com
referer: https://billbuds.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FG3C4S1EFZ5EBVK8Q10HXFZ6
date: Tue, 21 Sep 2021 05:09:35 GMT
content-encoding: br
server: Netlify
age: 0
etag: "a9604b2e66fdf7a6d3e42f502ec33bc9-ssl-df"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes

GET
H2 200 signup.svg
billbuds.com/Assets/ 200 KB
148 KB 139ms
136ms Image
image/svg+xml 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://billbuds.com/Assets/signup.svg

Requested by

Host: billbuds.com
URL: https://billbuds.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

3c5810d3cedf6944a1373a3c8a032224aebaf74733b4e781e4ef0aa49a0eadf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /Assets/signup.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: billbuds.com
referer: https://billbuds.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FG3C4S1E2SEEVB54D4GR740P
date: Tue, 21 Sep 2021 05:09:35 GMT
content-encoding: br
server: Netlify
age: 0
etag: "5693c6302ad733458d997fe4b1a56978-ssl-df"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes

GET
H2 200 addrm.svg
billbuds.com/Assets/ 207 KB
149 KB 228ms
225ms Image
image/svg+xml 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://billbuds.com/Assets/addrm.svg

Requested by

Host: billbuds.com
URL: https://billbuds.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

02b46fef4a7cb7da7faf77ebc261bf7abd8b2915c08a9b0f25ebb7ce0cffa805

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /Assets/addrm.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: billbuds.com
referer: https://billbuds.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FG3C4S1E9GNNQRJTWQBX9EDB
date: Tue, 21 Sep 2021 05:09:35 GMT
content-encoding: br
server: Netlify
age: 0
etag: "1e2f686e4b5b056a606d99eac0f735f9-ssl-df"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes

GET
H2 200 track.svg
billbuds.com/Assets/ 322 KB
237 KB 133ms
130ms Image
image/svg+xml 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://billbuds.com/Assets/track.svg

Requested by

Host: billbuds.com
URL: https://billbuds.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

131101dc7b149ce13730209b2c41264cb0454a5e9339bc165fbd88206249eb5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /Assets/track.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: billbuds.com
referer: https://billbuds.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FG3C4S1ES9EBW8YG0P8AVHME
date: Tue, 21 Sep 2021 05:09:35 GMT
content-encoding: br
server: Netlify
age: 0
etag: "2298cf258c61b289c789d8f480c1a8d9-ssl-df"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes

GET
H2 200 person.svg
billbuds.com/Assets/ 558 B
656 B 126ms
123ms Image
image/svg+xml 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://billbuds.com/Assets/person.svg

Requested by

Host: billbuds.com
URL: https://billbuds.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

dd85ceaf4c6b171222580f552609b2e91c34bcf85309d2e85629125800015739

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /Assets/person.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: billbuds.com
referer: https://billbuds.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FG3C4S1E8QNNQDPGD724N3QH
date: Tue, 21 Sep 2021 05:09:35 GMT
server: Netlify
age: 0
etag: "0c25e932cfd6c74fde66b67316a243b8-ssl"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
content-length: 558

GET
H2 200 email.svg
billbuds.com/Assets/ 947 B
1 KB 234ms
231ms Image
image/svg+xml 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://billbuds.com/Assets/email.svg

Requested by

Host: billbuds.com
URL: https://billbuds.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

5403a3123c600917c661fb7ce47d8ba2f01c45f247c866bd23e55a3c79503c2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /Assets/email.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: billbuds.com
referer: https://billbuds.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FG3C4S1ETCZX3B4R05CTW76J
date: Tue, 21 Sep 2021 05:09:35 GMT
server: Netlify
age: 0
etag: "e01236eeb66b24276bd88d48d15f852a-ssl"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
content-length: 947

GET
H2 200 phone.svg
billbuds.com/Assets/ 514 B
612 B 343ms
341ms Image
image/svg+xml 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://billbuds.com/Assets/phone.svg

Requested by

Host: billbuds.com
URL: https://billbuds.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

d9123f42bf55fb17a81f694ccfe7e412e6f796518d14b184ead3250da460f5fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /Assets/phone.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: billbuds.com
referer: https://billbuds.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FG3C4S1E5ZQR67V23216797C
date: Tue, 21 Sep 2021 05:09:35 GMT
server: Netlify
age: 0
etag: "2ca299f93c1687f0f0b74c273e613c06-ssl"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
content-length: 514

GET
H2 200 star.svg
billbuds.com/Assets/ 1 KB
703 B 322ms
320ms Image
image/svg+xml 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://billbuds.com/Assets/star.svg

Requested by

Host: billbuds.com
URL: https://billbuds.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

a6737315b22fa4d25ebfa2c12eb3027acdd55f7f7153c6cf71ab7cd08bd9c0fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /Assets/star.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: billbuds.com
referer: https://billbuds.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FG3C4S1EFRX32MZNW4QV0D28
date: Tue, 21 Sep 2021 05:09:35 GMT
content-encoding: br
server: Netlify
age: 0
etag: "e1792fec92d15d4dc4c7a5bb88fb5c26-ssl-df"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 602

GET
H2 200 message.svg
billbuds.com/Assets/ 1 KB
571 B 236ms
234ms Image
image/svg+xml 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://billbuds.com/Assets/message.svg

Requested by

Host: billbuds.com
URL: https://billbuds.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

fa103f6ac6b0b2a7122628bea2158c4ec85c0e8b3663a88aba4b087c565de8d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /Assets/message.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: billbuds.com
referer: https://billbuds.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FG3C4S1E0E6Q9NNYBDF94Q4W
date: Tue, 21 Sep 2021 05:09:35 GMT
content-encoding: br
server: Netlify
age: 0
etag: "2feee30ed8ab9b58e65af81b2603e475-ssl-df"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 469

GET
H2 200 close.svg
billbuds.com/Assets/ 842 B
940 B 236ms
234ms Image
image/svg+xml 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://billbuds.com/Assets/close.svg

Requested by

Host: billbuds.com
URL: https://billbuds.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

462f8a9becd0c3fe2ff5f35f32d9ec980cab1ae3a715b9f7ba03e544134d815c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /Assets/close.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: billbuds.com
referer: https://billbuds.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FG3C4S1EN8VT07JTW0K5N78S
date: Tue, 21 Sep 2021 05:09:35 GMT
server: Netlify
age: 0
etag: "e7049c73be9a3dc44ed74064046d0d05-ssl"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
content-length: 842

GET
H2 200 index.js Show response
billbuds.com/ 26 KB
1 KB 135ms
135ms Script
application/javascript 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://billbuds.com/index.js

Requested by

Host: billbuds.com
URL: https://billbuds.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

5d3f79fdf676ad2362952c170e0085aa88d319172623ac051a73d1b8569a9515

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /index.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: billbuds.com
referer: https://billbuds.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FG3C4RWPHQRXMWVFG7QK1EYT
date: Tue, 21 Sep 2021 05:09:35 GMT
content-encoding: br
server: Netlify
age: 0
etag: "86c8e81c547c9db790c9c538858ac1ed-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes

GET
H2 200 sa.js Show response
sibautomation.com/ 5 KB
3 KB 173ms
144ms Script
text/javascript 172.67.208.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sibautomation.com/sa.js?key=s1iv9327rzof9bv4zl4xmeys

Requested by

Host: billbuds.com
URL: https://billbuds.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.208.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Sails <sailsjs.com>

Resource Hash

96abd86501ebc76123d99cdc5177c3bbffe1e0f46f8c893dc0f7090dc59b9583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 05:09:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Sails <sailsjs.com>
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1
x-sib-server: SENDINBLUE-web1-2
cf-bgj: minify
server: cloudflare
etag: W/"1a97-uFJ9BZW7VNd8tRxFgFj2ga+6Ffk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qdUygaJixBpmtsIOGO63nBRroH6LMUHFPFgxJrao6a67%2BRh1YApbzwl%2Fxqt3eiVpSNwHTqCxcbUVFz%2FvyZn%2BNixvi%2BDMz8ZeySZWBDfpZHnpG8Xm%2B5fPckmgueeIj66oam4cgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=14400
cf-polished: origSize=6807
cf-ray: 6920c8407e3e4137-PRG
expires: Tue, 21 Sep 2021 09:09:35 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 23ms
7ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: billbuds.com
URL: https://billbuds.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25999
x-xss-protection: 0
pragma: public
x-fb-debug: T8WO/+LtAmkT7Pp2F6B4hoElHM9oRdHE6xvQLoU+inWMy3ZjE+X2nVHSDjJ2FdlXvgbyRlrc4kR/wpkU4QgLIw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 21 Sep 2021 05:09:35 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-2178473.js Show response
static.hotjar.com/c/ 5 KB
3 KB 61ms
42ms Script
application/javascript 13.225.78.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2178473.js?sv=6

Requested by

Host: billbuds.com
URL: https://billbuds.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-69.fra2.r.cloudfront.net

Software

Resource Hash

ed0a5b71e45950a660845fa6ea03921f7516389c8bb08187974d825f6ce81a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 05:09:35 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-edge-origin-shield-skipped: 0
etag: W/de791b755362f2e7a0399576d1d9072f
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: cKDJjuNu-pXQi4S2fQTRSGU3PmWVIA1qOxoTjNuaA0X7jSXW1LrszA==
via: 1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)

GET
H2 200 Gilroy-Regular.woff
billbuds.com/font/ 36 KB
36 KB 541ms
540ms Font
application/font-woff 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://billbuds.com/font/Gilroy-Regular.woff

Requested by

Host: billbuds.com
URL: https://billbuds.com/styles.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

65aaefc70732f81621ea791f680fecf68db87077435b1c47b5c4f191e26ba4c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /font/Gilroy-Regular.woff
pragma: no-cache
origin: https://billbuds.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: billbuds.com
referer: https://billbuds.com/styles.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://billbuds.com/styles.css
Origin: https://billbuds.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FG3C4S1HEW7YB6MW4D2VEFRP
date: Tue, 21 Sep 2021 05:09:35 GMT
content-encoding: br
server: Netlify
age: 0
etag: "dd87d63b2b84ac44dd0bf198ba3d564c-ssl-df"
vary: Accept-Encoding
content-type: application/font-woff
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes

GET
H2 200 Gilroy-Bold.woff
billbuds.com/font/ 37 KB
37 KB 341ms
341ms Font
application/font-woff 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://billbuds.com/font/Gilroy-Bold.woff

Requested by

Host: billbuds.com
URL: https://billbuds.com/styles.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

d27594f8838badd583c36992695ab5d4d0ffdbab450792f719a8cb3a921989ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /font/Gilroy-Bold.woff
pragma: no-cache
origin: https://billbuds.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: billbuds.com
referer: https://billbuds.com/styles.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://billbuds.com/styles.css
Origin: https://billbuds.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FG3C4S1HKQW4V3W0GF7GA7BT
date: Tue, 21 Sep 2021 05:09:35 GMT
content-encoding: br
server: Netlify
age: 0
etag: "e0fc3901834bdeeeb0a0ae096e8114ad-ssl-df"
vary: Accept-Encoding
content-type: application/font-woff
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 38236

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/ 76 KB
77 KB 25ms
16ms Font
application/octet-stream 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2699316cb83af2502422d101e81564b0492785cab2fdfbdc256f90e1c4ad5606

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Origin: https://billbuds.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 05:09:35 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2195903
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 78196
timing-allow-origin: *
last-modified: Tue, 16 Mar 2021 19:29:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60510736-13174"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i6e69jLRmtLu%2BCPa3EPnRSwBkPYN3U3n91cZBC3b%2B4zRycEfz3VKkl988Jcd2vptSXnsgAhWgLk0DeCgBWaFiI8mjU9J4WgziLU1%2FhPaPiC4PHkeF%2FdJkAjjBhXYONdX4nGon96W"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6920c8405ff4697f-FRA
expires: Sun, 11 Sep 2022 05:09:35 GMT

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/ 75 KB
76 KB 47ms
38ms Font
application/octet-stream 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de698f771f908f6249a14b16e6c5e46c7bb7fd7477be0d48253a6c27481eb7e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Origin: https://billbuds.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 05:09:35 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1071177
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 76764
timing-allow-origin: *
last-modified: Tue, 16 Mar 2021 19:29:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60510736-12bdc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iuc3UwWgjl2bVD6iy%2Bm2g6sCc3d0Z9UmVVa8RxtKnMExx%2BXKJ6dzxYyz7fURj4zV6fgzN6%2BE2xwNuT3Rs9%2BUNO0C5YNr40AuiH4JdnLgNeg56SC478jTjoIcNo6ihYVeDFvCQQj7"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6920c8405ff6697f-FRA
expires: Sun, 11 Sep 2022 05:09:35 GMT

GET
H3 200 141429134295376 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 96ms
87ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/141429134295376?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

29319904b2b5d64ca011deb58b44e3ea03210f47695ef960911d21b2ece6d0e2

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: MQ8OexyAKTTfRWBCezvavTRLAug5IZcOOvSzSIdtTLPEB76RQzETrqCAIpTw5BYfUJNFQmZX+Vcwhkcmy+Ufxw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 21 Sep 2021 05:09:35 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 100 KB
39 KB 64ms
41ms Script
application/javascript 142.250.185.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-174548888-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-604972620

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a661ff039dbe54981484190b5e25d6ae6a0a8736c69256e077fd874094b732fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 05:09:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40325
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Sep 2021 05:09:35 GMT

GET
H2 200 modules.5fe2f4f38cf4833026a9.js Show response
script.hotjar.com/ 221 KB
59 KB 28ms
12ms Script
application/javascript 13.224.193.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.5fe2f4f38cf4833026a9.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2178473.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-121.fra2.r.cloudfront.net

Software

Resource Hash

33d18bfaad19367135cba7d9096fba55164cd67b8e5819617c6d6b34bd43454b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 07:15:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1029269
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59626
access-control-allow-origin: *
last-modified: Thu, 09 Sep 2021 07:14:26 GMT
etag: "e8c5ca8d148a212696c04c37e713b2a1"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: ecALiG6iPGuat02cuT5HsHfoqXJolxeFOB5iaLnhlJ98lWXgCo2s_g==

GET
H2 200 box-dfc01efbdc94bb0936d9a35a502b0b64.html Show response
vars.hotjar.com/ Frame 9D4A 2 KB
1 KB 40ms
6ms Document
text/html 18.66.139.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2178473.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-dfc01efbdc94bb0936d9a35a502b0b64.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://billbuds.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/

Response headers

content-type: text/html
content-length: 1044
date: Tue, 20 Jul 2021 13:05:05 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "10714b84569172431728622d7c8098e4"
last-modified: Tue, 20 Jul 2021 13:04:43 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: 6YePz-lJ613p2K79Us_6gUZP20It6yPB_j1FND-KO6BXRgYMzdcMAg==
age: 5414670

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 57ms
17ms Script
text/javascript 172.217.16.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-174548888-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 1055
date: Tue, 21 Sep 2021 04:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Tue, 21 Sep 2021 06:52:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 43ms
22ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-604972620

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

0899c22c6b5ecb084f0746f194d82a887c52906770ff9b168eabdc775da7c728

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 05:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14069
x-xss-protection: 0
server: cafe
etag: 5051469215060845982
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 21 Sep 2021 05:09:35 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 21ms
7ms Image
image/gif 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=141429134295376&ev=PageView&dl=https%3A%2F%2Fbillbuds.com%2F&rl=&if=false&ts=1632200975584&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1632200975582.1450206382&it=1632200975442&coo=false&rqm=GET

Requested by

Host: billbuds.com
URL: https://billbuds.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 05:09:35 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 21 Sep 2021 05:09:35 GMT

GET
H3 200 cm.html Show response
sibautomation.com/ Frame A4D4 3 KB
2 KB 181ms
162ms Document
text/html 172.67.208.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sibautomation.com/cm.html?key=s1iv9327rzof9bv4zl4xmeys

Requested by

Host: sibautomation.com
URL: https://sibautomation.com/sa.js?key=s1iv9327rzof9bv4zl4xmeys

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.208.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Sails <sailsjs.com>

Resource Hash

67f52e49e9151804a05b07d3e1d20879ab73f6860c7138322e88827d144bd427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

:method: GET
:authority: sibautomation.com
:scheme: https
:path: /cm.html?key=s1iv9327rzof9bv4zl4xmeys
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://billbuds.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/

Response headers

date: Tue, 21 Sep 2021 05:09:35 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cf-apo-via: origin,host
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-powered-by: Sails <sailsjs.com>
access-control-allow-origin: *
x-sib-server: SENDINBLUE-web2-2
x-content-type-options: nosniff
x-xss-protection: 1
cache-control: max-age=7200
cf-cache-status: MISS
last-modified: Tue, 21 Sep 2021 05:09:35 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OoZDPQlJi2pRb8NjKRQSzLtaFxDTFj1fWg3LXiDjM%2BqivI8ZWaJA1chaYVgR7CvswDzmhzyBw47AmBVIYCT3qEDZeOkdYvpeADXVHwhu4XR%2FAgX8CHuxcmPCS6jwdNySBbYBKA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6920c841ab5b410d-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2178473/ 146 B
323 B 101ms
36ms XHR
application/json 52.50.124.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2178473/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.5fe2f4f38cf4833026a9.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.124.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-124-16.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ab95872c4726727a3b09b1f8c28490c70b7e407e97fd93bbfb75a2ecc5faac36

Request headers

Referer: https://billbuds.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 21 Sep 2021 05:09:35 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 preact-incoming-feedback.26d973fdc6fa0689912b.js Show response
script.hotjar.com/ 142 KB
28 KB 7ms
7ms Script
application/javascript 13.224.193.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/preact-incoming-feedback.26d973fdc6fa0689912b.js

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.5fe2f4f38cf4833026a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-121.fra2.r.cloudfront.net

Software

Resource Hash

dfd96b79897e47fd4bda4fbe0dea06a0273a85bb8aaea294fc90b91acc8c5139

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 07:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1029269
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 28348
access-control-allow-origin: *
last-modified: Thu, 09 Sep 2021 07:14:26 GMT
etag: "91406c099b6ec96ce4c499a27a2b9850"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: u-1PB_iX6XbS-awpQLQ-q-Urlat3huP_cXbrWNp9VBglLcg8ea1xYg==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/604972620/ 2 KB
2 KB 42ms
18ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/604972620/?random=1632200975620&cv=9&fst=1632200975620&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9k0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbillbuds.com%2F&tiba=Billbuds&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

c2be2c3780e4e4fec70252c599c715de0cafdf85ed99c5542409ba7038c56e59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 05:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1007
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/604972620/ 2 KB
1 KB 40ms
19ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/604972620/?random=1632200975622&cv=9&fst=1632200975622&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9k0&sendb=1&ig=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fbillbuds.com%2F&tiba=Billbuds&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

c7f7198152ca052c695b23ed5b32d37ab6ad779d244469d54c07121682c48f77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 05:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1020
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 font-hotjar_5.65042d.woff2
script.hotjar.com/ 2 KB
3 KB 24ms
7ms Font
application/octet-stream 13.224.193.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/font-hotjar_5.65042d.woff2

Requested by

Host: billbuds.com
URL: https://billbuds.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-121.fra2.r.cloudfront.net

Software

Resource Hash

fab4fef6bbfa8d6464403a14be7de1be5e3e63637a96d994fab10266e1eaf6da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://billbuds.com/
Origin: https://billbuds.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 03:57:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20135551
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 29 Jan 2021 15:20:31 GMT
etag: "c9fb9163f8b7be37023ebe649688bebf"
vary: Accept-Encoding
content-type: application/octet-stream
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: VAnwZ1gz0kXFneO6Bx2tBFZ5bJiY7TjFkKbqGp6k0tYSQySJ_rcGRg==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 41ms
20ms XHR
text/plain 172.217.16.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=2121228737&t=pageview&_s=1&dl=https%3A%2F%2Fbillbuds.com%2F&ul=en-us&de=UTF-8&dt=Billbuds&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=785772527&gjid=198072759&cid=909600916.1632200976&tid=UA-174548888-1&_gid=692880254.1632200976&_r=1&gtm=2ou9k0&z=1583382395

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://billbuds.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 05:09:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://billbuds.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/604972620/ 42 B
569 B 42ms
19ms Image
image/gif 142.250.74.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/604972620/?random=1632200975620&cv=9&fst=1632200400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9k0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbillbuds.com%2F&tiba=Billbuds&async=1&fmt=3&is_vtc=1&random=589391547&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: billbuds.com
URL: https://billbuds.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 05:09:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/604972620/ 42 B
108 B 44ms
21ms Image
image/gif 142.250.74.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/604972620/?random=1632200975622&cv=9&fst=1632200400000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9k0&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fbillbuds.com%2F&tiba=Billbuds&async=1&fmt=3&is_vtc=1&random=4120053664&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: billbuds.com
URL: https://billbuds.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 05:09:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
458 B 62ms
21ms XHR
text/plain 108.177.15.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-174548888-1&cid=909600916.1632200976&jid=785772527&gjid=198072759&_gid=692880254.1632200976&_u=YEBAAUAAAAAAAC~&z=1171537089

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.177.15.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://billbuds.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 21 Sep 2021 05:09:35 GMT
content-type: text/plain
access-control-allow-origin: https://billbuds.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ Frame A4D4 13 KB
5 KB 63ms
42ms Script
text/javascript 104.16.94.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: sibautomation.com
URL: https://sibautomation.com/cm.html?key=s1iv9327rzof9bv4zl4xmeys
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.94.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4efeeb957e361500bf19ba26282beae1a8e4083c5ccff10dccab2eaa09acd45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sibautomation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 05:09:35 GMT
content-encoding: gzip
last-modified: Tue, 14 Sep 2021 15:43:35 GMT
server: cloudflare
etag: W/2021.8.2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6920c842dd7c6916-FRA

GET
H/1.1 204
No Content cm Show response
in-automate.sendinblue.com/ Frame A4D4 0
226 B 84ms
17ms XHR
text/plain 185.107.232.249
SENDINBLUE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://in-automate.sendinblue.com/cm?uuid=864a83cd-6e0d-46e3-8dd8-af0b541a4d74&key=s1iv9327rzof9bv4zl4xmeys&cuid=dcd21be2-669a-4369-95e7-6ea0ff6c9d6f

Requested by

Host: sibautomation.com
URL: https://sibautomation.com/cm.html?key=s1iv9327rzof9bv4zl4xmeys

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.107.232.249 , France, ASN200484 (SENDINBLUE-ASN, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sibautomation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 21 Sep 2021 05:09:35 GMT
Cache-Control: no-cache
X-Content-Type-Options: nosniff
X-XSS-Protection: 1
X-Sib-Server: SENDINBLUE-srv-pr-rancher-worker-13

GET
H3 200 chat.js Show response
sibautomation.com/ 2 KB
1 KB 125ms
124ms Script
text/javascript 172.67.208.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sibautomation.com/chat.js?key=s1iv9327rzof9bv4zl4xmeys

Requested by

Host: sibautomation.com
URL: https://sibautomation.com/sa.js?key=s1iv9327rzof9bv4zl4xmeys

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.208.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

ded359d12017fdf2d3e58b93ed0db143455ada65c9c6b388768a77922481ef17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 05:09:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1
x-sib-server: SENDINBLUE-web2-3
cf-bgj: minify
server: cloudflare
etag: W/"774-ON00xbgTM7fvk+DsCNXvmkjN7xs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v4gI17bMQjG8QtdT6Y07%2FCMvk9Prwn90mKaGFZdn%2Flwu7AX2l3UbIOxYb%2FwHT3rASrJlEPj3Vy3ONPNyVMDbKsD9J80cU8ej33qHQuczBgAwnDxO3km5L4X0VEIvS%2FTgDuiSaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-polished: origSize=1908
cf-ray: 6920c8432c62410d-PRG
expires: Tue, 21 Sep 2021 09:09:35 GMT

POST
H3 200 rum Show response
sibautomation.com/cdn-cgi/ Frame A4D4 0
72 B 19ms
18ms XHR
text/plain 172.67.208.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sibautomation.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.208.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sibautomation.com/cm.html?key=s1iv9327rzof9bv4zl4xmeys
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json

Response headers

date: Tue, 21 Sep 2021 05:09:35 GMT
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6920c8432c66410d-PRG
x-frame-options: DENY

GET
H2 200 sib-chat.js Show response
chat.sendinblue.com/static/js/ 615 B
576 B 59ms
26ms Script
application/javascript 104.17.9.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chat.sendinblue.com/static/js/sib-chat.js

Requested by

Host: sibautomation.com
URL: https://sibautomation.com/chat.js?key=s1iv9327rzof9bv4zl4xmeys

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.9.12 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c52e52c398011c9d8310368234ff1f337e3b17f73e8aeba543bb8d11be70afe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 05:09:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7036
cf-polished: origSize=641
last-modified: Fri, 25 Jun 2021 06:02:28 GMT
x-xss-protection: 1
x-sib-server: SENDINBLUE-srv-pr-rancher-worker-16
cf-bgj: minify
server: cloudflare
etag: W/"60d57174-281"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 6920c84419956903-FRA
expires: Tue, 21 Sep 2021 09:09:36 GMT

GET
H2 200 vendor.17e2b927.chunk.js Show response
chat.sendinblue.com/static/js/ 1 MB
239 KB 34ms
34ms Script
application/javascript 104.17.9.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chat.sendinblue.com/static/js/vendor.17e2b927.chunk.js

Requested by

Host: chat.sendinblue.com
URL: https://chat.sendinblue.com/static/js/sib-chat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.9.12 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9991c8c6983398e3b2cca34a6f47a7209cf744c369b00101415a216d2873764a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 05:09:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7035
cf-polished: origSize=1231239
last-modified: Fri, 25 Jun 2021 06:02:27 GMT
x-xss-protection: 1
x-sib-server: SENDINBLUE-srv-pr-rancher-worker-14
cf-bgj: minify
server: cloudflare
etag: W/"60d57173-12c987"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 6920c84449dc6903-FRA
expires: Tue, 21 Sep 2021 09:09:36 GMT

GET
H2 200 react-bundle.d4550087.chunk.js Show response
chat.sendinblue.com/static/js/ 199 KB
49 KB 27ms
26ms Script
application/javascript 104.17.9.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chat.sendinblue.com/static/js/react-bundle.d4550087.chunk.js

Requested by

Host: chat.sendinblue.com
URL: https://chat.sendinblue.com/static/js/sib-chat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.9.12 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afd70d452035bca77d904f22e1e375c185a9c7a08ce611dbd2083580bb2d2ad9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 05:09:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7035
cf-polished: origSize=203924
last-modified: Fri, 25 Jun 2021 06:02:27 GMT
x-xss-protection: 1
x-sib-server: SENDINBLUE-srv-pr-rancher-worker-13
cf-bgj: minify
server: cloudflare
etag: W/"60d57173-31c94"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 6920c84449e06903-FRA
expires: Tue, 21 Sep 2021 09:09:36 GMT

GET
H2 200 main.43e2b301.js Show response
chat.sendinblue.com/static/js/ 329 KB
90 KB 29ms
29ms Script
application/javascript 104.17.9.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chat.sendinblue.com/static/js/main.43e2b301.js

Requested by

Host: chat.sendinblue.com
URL: https://chat.sendinblue.com/static/js/sib-chat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.9.12 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

726c45162fbb32b2384793015c618d32189d23aaf9f18b577b4e1351a7a48cd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 05:09:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7035
cf-polished: origSize=336540
last-modified: Fri, 25 Jun 2021 06:02:27 GMT
x-xss-protection: 1
x-sib-server: SENDINBLUE-srv-pr-rancher-worker-23
cf-bgj: minify
server: cloudflare
etag: W/"60d57173-5229c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 6920c84449e16903-FRA
expires: Tue, 21 Sep 2021 09:09:36 GMT

GET
H/1.1 204
No Content p Show response
in-automate.sendinblue.com/ 0
226 B 17ms
16ms XHR
text/plain 185.107.232.249
SENDINBLUE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://in-automate.sendinblue.com/p?key=s1iv9327rzof9bv4zl4xmeys&cuid=dcd21be2-669a-4369-95e7-6ea0ff6c9d6f&ma_url=https%3A%2F%2Fbillbuds.com%2F&sib_type=page&ma_title=Billbuds&sib_name=Billbuds&ma_referrer=&ma_path=%2F

Requested by

Host: sibautomation.com
URL: https://sibautomation.com/sa.js?key=s1iv9327rzof9bv4zl4xmeys

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.107.232.249 , France, ASN200484 (SENDINBLUE-ASN, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 21 Sep 2021 05:09:36 GMT
Cache-Control: no-cache
X-Content-Type-Options: nosniff
X-XSS-Protection: 1
X-Sib-Server: SENDINBLUE-srv-pr-rancher-worker-10

OPTIONS
H2 200 operators
chat-backend.sendinblue.com/chat/ Frame 0
0 128ms
94ms Preflight 104.17.10.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chat-backend.sendinblue.com/chat/operators

Protocol

Server

104.17.10.12 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-auth-token
Origin: https://billbuds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 21 Sep 2021 05:09:36 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Content-Disposition,Authorization,Origin,Accept,X-auth-token,X-source-url
access-control-allow-methods: GET,DELETE,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://billbuds.com
vary: Origin
x-sib-server: SENDINBLUE-srv-pr-rancher-worker-online-11
x-content-type-options: nosniff
x-xss-protection: 1
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6920c845da5b4e61-FRA

GET
H2 200 operators Show response
chat-backend.sendinblue.com/chat/ 181 B
287 B 104ms
104ms XHR
application/json 104.17.10.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chat-backend.sendinblue.com/chat/operators

Requested by

Host: chat.sendinblue.com
URL: https://chat.sendinblue.com/static/js/vendor.17e2b927.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.10.12 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

093ad56a2232403d9ba9208b714e06061602f752dc254e22add32eaaed3b2bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept: application/json
Referer: https://billbuds.com/
X-auth-token: eyJhbGciOiJIUzI1NiJ9.MzM4NTY2OA.Nl5UODe7UAO1i2dpl3hOVkRxB16OIjv3nSjNq3t2eO4
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 05:09:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://billbuds.com
access-control-allow-credentials: true
cf-apo-via: origin,host
cf-ray: 6920c8467b184e61-FRA
x-xss-protection: 1
x-sib-server: SENDINBLUE-srv-pr-rancher-worker-online-44

POST
H2 200 thread Show response
chat-operating-back.sendinblue.com/chat/ 282 B
312 B 131ms
130ms XHR
application/json 104.17.10.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chat-operating-back.sendinblue.com/chat/thread

Requested by

Host: chat.sendinblue.com
URL: https://chat.sendinblue.com/static/js/vendor.17e2b927.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.10.12 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.10

Resource Hash

b080a925baefe4c6e0db1114327ec4edee7b2120a075cdb5a1808a5dc78e70cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept: application/json
Referer: https://billbuds.com/
X-auth-token: eyJhbGciOiJIUzI1NiJ9.MzM4NTY2OA.Nl5UODe7UAO1i2dpl3hOVkRxB16OIjv3nSjNq3t2eO4
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
X-source-url: https://billbuds.com/
Content-Type: application/json

Response headers

date: Tue, 21 Sep 2021 05:09:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.10
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json
access-control-allow-origin: https://billbuds.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 6920c847dcc14e61-FRA
x-xss-protection: 1
x-sib-server: SENDINBLUE-srv-pr-rancher-worker-24

OPTIONS
H2 200 thread
chat-operating-back.sendinblue.com/chat/ Frame 0
0 94ms
85ms Preflight
text/plain 104.17.10.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chat-operating-back.sendinblue.com/chat/thread

Protocol

Server

104.17.10.12 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-auth-token,x-source-url
Origin: https://billbuds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 21 Sep 2021 05:09:36 GMT
content-type: text/plain
content-length: 0
access-control-allow-origin: https://billbuds.com
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, PATCH, HEAD
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Origin, Content-Type, Accept, X-fb-token, X-auth-token, X-source-url
x-sib-server: SENDINBLUE-srv-pr-rancher-worker-13
x-content-type-options: nosniff
x-xss-protection: 1
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6920c8475c2b4e61-FRA

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c7e9fae42da423a5462d0ace05843f6fc4200c59f237488a0ffe580dae288228

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 15ms
7ms Image
image/gif 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=141429134295376&ev=Microdata&dl=https%3A%2F%2Fbillbuds.com%2F&rl=&if=false&ts=1632200977117&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Billbuds%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&fbp=fb.1.1632200975582.1450206382&it=1632200975442&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: billbuds.com
URL: https://billbuds.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billbuds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 05:09:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Tue, 21 Sep 2021 05:09:37 GMT

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.billbuds.com/	1970-01-20 06:08:56	Name: _hjid Value: 625055b5-23c4-4d4c-9b1a-a3be23dd3921
.billbuds.com/	1970-01-19 21:23:22	Name: _hjFirstSeen Value: 1
.billbuds.com/	1970-01-19 23:32:56	Name: _gcl_au Value: 1.1.2141640082.1632200976
.billbuds.com/	1970-01-19 23:32:56	Name: _fbp Value: fb.1.1632200975582.1450206382
.billbuds.com/	1970-01-20 01:45:07	Name: sib_cuid Value: dcd21be2-669a-4369-95e7-6ea0ff6c9d6f
billbuds.com/	1970-01-19 21:23:21	Name: _hjIncludedInPageviewSample Value: 1
.billbuds.com/	1970-01-19 21:23:22	Name: _hjAbsoluteSessionInProgress Value: 0
.doubleclick.net/	1970-01-19 21:23:21	Name: test_cookie Value: CheckForPermission
.billbuds.com/	1970-01-20 14:54:32	Name: _ga Value: GA1.2.909600916.1632200976
.billbuds.com/	1970-01-19 21:24:47	Name: _gid Value: GA1.2.692880254.1632200976
.billbuds.com/	1970-01-19 21:23:21	Name: _gat_gtag_UA_174548888_1 Value: 1
sibautomation.com/	1970-01-20 01:45:07	Name: uuid Value: 864a83cd-6e0d-46e3-8dd8-af0b541a4d74

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

billbuds.com
cdnjs.cloudflare.com
chat-backend.sendinblue.com
chat-operating-back.sendinblue.com
chat.sendinblue.com
connect.facebook.net
googleads.g.doubleclick.net
in-automate.sendinblue.com
in.hotjar.com
script.hotjar.com
sibautomation.com
static.cloudflareinsights.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.ysplit.com
104.16.18.94
104.16.94.65
104.17.10.12
104.17.9.12
108.177.15.157
13.224.193.121
13.225.78.69
142.250.185.232
142.250.186.98
142.250.74.196
167.99.242.112
172.217.16.142
172.67.159.201
172.67.208.48
18.66.139.84
185.107.232.249
31.13.92.14
31.13.92.36
52.50.124.16
02b46fef4a7cb7da7faf77ebc261bf7abd8b2915c08a9b0f25ebb7ce0cffa805
0899c22c6b5ecb084f0746f194d82a887c52906770ff9b168eabdc775da7c728
093ad56a2232403d9ba9208b714e06061602f752dc254e22add32eaaed3b2bb4
0dbf062cc559bcab67a3ae09797991b9bc56d21457e90a5288cec891fea5d906
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
131101dc7b149ce13730209b2c41264cb0454a5e9339bc165fbd88206249eb5d
1d00fd15bcaefd3b6c30e84bcdee8ec46b9395298e6287fad959e51e4a68f981
229e7c147602276ce68f7b3f27c1e7c619cecf70493c89f5676f65555f424326
2699316cb83af2502422d101e81564b0492785cab2fdfbdc256f90e1c4ad5606
29319904b2b5d64ca011deb58b44e3ea03210f47695ef960911d21b2ece6d0e2
2afafab18c75847657a4f12517f5ccf0e71091eca2516d6bc9a8df758668edcd
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
33d18bfaad19367135cba7d9096fba55164cd67b8e5819617c6d6b34bd43454b
39ebeda58768eae4420e1c9bb098f7b632050912d027c98b6ed29cc7fc3c9e8c
3c5810d3cedf6944a1373a3c8a032224aebaf74733b4e781e4ef0aa49a0eadf0
42949cbf786327d430c7e7d9ea10bba9dd0a9b845d7df87cf324d3c93f9020e0
462f8a9becd0c3fe2ff5f35f32d9ec980cab1ae3a715b9f7ba03e544134d815c
466b17bbc244aa4432a6e1647c58f5a954a982b8b96134c10b0d3e47b18b6849
51eae8b45b5bd589c930193a643d9c033edf3987aec6b60b085882f772015e6e
5403a3123c600917c661fb7ce47d8ba2f01c45f247c866bd23e55a3c79503c2f
5c52e52c398011c9d8310368234ff1f337e3b17f73e8aeba543bb8d11be70afe
5d3f79fdf676ad2362952c170e0085aa88d319172623ac051a73d1b8569a9515
62e72392422a984407acc84be93a0440e7841d260a0873dbe7bc9663c31b2572
643ffe5d9e71d47675affca8f68affc09e679842ac8125c640ed166324f82c1f
65aaefc70732f81621ea791f680fecf68db87077435b1c47b5c4f191e26ba4c6
67ebd645a894e7f11d1f90d25cb9aa0648f70ffdac81383c6fa9cfc9c8988cef
67f52e49e9151804a05b07d3e1d20879ab73f6860c7138322e88827d144bd427
6a9a89b3474041d8d593042807a7bfae52d17cfddaeacfbe5d38c0e75822c3e5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6caaf6c5b11a1b60f9367f0c583c38725bbd51af1ff93f8052bae17b2c6b75b9
702fd8998443ccbf1705d6577d7404501dde85e3ab9d9ba3a19bd2db197f92cd
725c849df5e48b5e002ed0d0a87288ce62df8ada01af32453c5e479db9ccd4a4
726c45162fbb32b2384793015c618d32189d23aaf9f18b577b4e1351a7a48cd4
73da88ffb68ba8b76df11b9a4e8319f64ddc6c4e3568757f7a70fae0de7c2136
7cc3a9eabe32463fbb1f3d123adbd7812f0fb18f9a8b2ce4a5db9559b57b1efd
8065eb43f43d6061defcbe85ea8ea410886205d3f37140c50baaf350be388343
8753ef4bce6d8cdeb1bc9555149e57cee41f66c04ab136afac563e4c54b7548f
88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987
8ce9c9e7f6211ff32297d8ad27c5d8ea7e92cb901a15b7679e207e03e384ad5a
8d5e9ce0c118251ada251c32c0308a4b28f2e5cc01f678a5bb21379bea746281
8d89abe95691579631915d4a9d5d62851e3a6ad786a128c6243b650e3f242a58
92a2a128863853f14fcb21705a513030e25355c54ad49981db8828eea92aaaec
93c1342675fa06334a1170faba47ed0e80013529ed01e2c83b2f0abbbea202d2
96abd86501ebc76123d99cdc5177c3bbffe1e0f46f8c893dc0f7090dc59b9583
9991c8c6983398e3b2cca34a6f47a7209cf744c369b00101415a216d2873764a
a661ff039dbe54981484190b5e25d6ae6a0a8736c69256e077fd874094b732fd
a6737315b22fa4d25ebfa2c12eb3027acdd55f7f7153c6cf71ab7cd08bd9c0fe
ab95872c4726727a3b09b1f8c28490c70b7e407e97fd93bbfb75a2ecc5faac36
afd70d452035bca77d904f22e1e375c185a9c7a08ce611dbd2083580bb2d2ad9
b080a925baefe4c6e0db1114327ec4edee7b2120a075cdb5a1808a5dc78e70cb
c2be2c3780e4e4fec70252c599c715de0cafdf85ed99c5542409ba7038c56e59
c4efeeb957e361500bf19ba26282beae1a8e4083c5ccff10dccab2eaa09acd45
c7e9fae42da423a5462d0ace05843f6fc4200c59f237488a0ffe580dae288228
c7f7198152ca052c695b23ed5b32d37ab6ad779d244469d54c07121682c48f77
d27594f8838badd583c36992695ab5d4d0ffdbab450792f719a8cb3a921989ab
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
d9123f42bf55fb17a81f694ccfe7e412e6f796518d14b184ead3250da460f5fa
dd85ceaf4c6b171222580f552609b2e91c34bcf85309d2e85629125800015739
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de698f771f908f6249a14b16e6c5e46c7bb7fd7477be0d48253a6c27481eb7e6
ded359d12017fdf2d3e58b93ed0db143455ada65c9c6b388768a77922481ef17
dfd96b79897e47fd4bda4fbe0dea06a0273a85bb8aaea294fc90b91acc8c5139
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed0a5b71e45950a660845fa6ea03921f7516389c8bb08187974d825f6ce81a18
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa103f6ac6b0b2a7122628bea2158c4ec85c0e8b3663a88aba4b087c565de8d5
fab4fef6bbfa8d6464403a14be7de1be5e3e63637a96d994fab10266e1eaf6da
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
febc3f083da3c37c5801c100814bcf1d69d0f35ab57797336f572d9fe0c49b8c

billbuds.com Open in urlscan Pro 167.99.242.112 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

74 Requests

100 %HTTPS

0 %IPv6

14 Domains

21 Subdomains

20 IPs

5 Countries

3286 kBTransfer

6522 kBSize

12 Cookies

3 Outgoing links

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

billbuds.com Open in urlscan Pro
167.99.242.112 Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

100 %
HTTPS

0 %
IPv6

14
Domains

21
Subdomains

20
IPs

5
Countries

3286 kB
Transfer

6522 kB
Size

12
Cookies

74 HTTP transactions
1 data transactions