urlscan.io logo urlscan.io
SecurityTrails logo

gateway.bilderlings.dev Open in urlscan Pro
78.28.209.236  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://gateway.bilderlings.dev/
Effective URL: https://gateway.bilderlings.dev/portal/login
Submission: On July 04 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 5 countries across 14 domains to perform 52 HTTP transactions. The main IP is 78.28.209.236, located in Riga, Latvia and belongs to TET_, LV. The main domain is gateway.bilderlings.dev.
TLS certificate: Issued by R10 on July 3rd 2024. Valid for: 3 months.
This is the only time gateway.bilderlings.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 19 78.28.209.236 5518 (TET_)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 172.217.18.8 15169 (GOOGLE)
1 13.224.189.18 16509 (AMAZON-02)
2 2a03:2880:f08... 32934 (FACEBOOK)
3 8 2a02:6b8::1:119 13238 (YANDEX)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 142.250.184.195 15169 (GOOGLE)
1 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 142.250.186.100 15169 (GOOGLE)
2 2a03:2880:f17... 32934 (FACEBOOK)
2 18.245.46.20 16509 (AMAZON-02)
1 54.224.70.138 14618 (AMAZON-AES)
52 18
19    78.28.209.236 (Riga, Latvia)

ASN5518 (TET_, LV)
PTR: mail.bilderlingspay.com
gateway.bilderlings.dev
3    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    172.217.18.8 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f8.1e100.net
www.googletagmanager.com
1    13.224.189.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-18.fra2.r.cloudfront.net
widget.intercom.io
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
8    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
mc.yandex.com
1    2a02:26f0:3500:10::210:a99 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
3    2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net
www.google.de
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net
www.google.com
2    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    18.245.46.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-20.fra56.r.cloudfront.net
js.intercomcdn.com
1    54.224.70.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-224-70-138.compute-1.amazonaws.com
api-iam.intercom.io
Apex Domain
Subdomains		 Transfer
19 bilderlings.dev
gateway.bilderlings.dev
p.bilderlings.dev Failed
802 KB
6 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 8749
4 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
460 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 360
px4.ads.linkedin.com — Cisco Umbrella Rank: 6416
2 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 8088
189 B
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
465 B
3 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3125
www.google.com — Cisco Umbrella Rank: 5
63 B
2 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 4674
282 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
4 KB
2 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3382
70 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 204
72 KB
2 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 3016
api-iam.intercom.io — Cisco Umbrella Rank: 3077
4 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 71
21 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 902
14 KB
52 14
Domain Requested by
19 gateway.bilderlings.dev 1 redirects gateway.bilderlings.dev
6 mc.yandex.com 2 redirects gateway.bilderlings.dev
mc.yandex.ru
5 www.googletagmanager.com gateway.bilderlings.dev
www.googletagmanager.com
3 px.ads.linkedin.com 1 redirects snap.licdn.com
3 www.google.de gateway.bilderlings.dev
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 js.intercomcdn.com widget.intercom.io
2 www.facebook.com gateway.bilderlings.dev
2 region1.analytics.google.com www.googletagmanager.com
2 mc.yandex.ru 1 redirects gateway.bilderlings.dev
2 connect.facebook.net gateway.bilderlings.dev
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 api-iam.intercom.io js.intercomcdn.com
1 www.google.com gateway.bilderlings.dev
1 px4.ads.linkedin.com gateway.bilderlings.dev
1 snap.licdn.com gateway.bilderlings.dev
1 widget.intercom.io www.googletagmanager.com
0 p.bilderlings.dev Failed gateway.bilderlings.dev
52 18

This site contains no links.

Subject Issuer Validity Valid
gateway.bilderlings.dev
R10		 2024-07-03 -
2024-10-01		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.intercom.com
Amazon RSA 2048 M03		 2024-01-15 -
2025-02-11		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-04-12 -
2024-07-11		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2024-05-23 -
2024-11-02		 5 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.google.de
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2024-07-01 -
2025-01-01		 6 months crt.sh
*.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.intercomcdn.com
Amazon RSA 2048 M02		 2023-12-01 -
2024-12-29		 a year crt.sh

This page contains 3 frames:

Primary Page: https://gateway.bilderlings.dev/portal/login
Frame ID: BA41DA2E436C9C425C6D511C5328E55A
Requests: 51 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.6cb6d3d0.js
Frame ID: F3E3FBAC56C67A025B689E9F7661F0BE
Requests: 3 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: CEA55F7A0CA91A4455783669294914BE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login

Page URL History Show full URLs

  1. https://gateway.bilderlings.dev/ HTTP 302
    https://gateway.bilderlings.dev/portal/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

52
Requests

92 %
HTTPS

53 %
IPv6

14
Domains

18
Subdomains

18
IPs

5
Countries

1846 kB
Transfer

3757 kB
Size

32
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://gateway.bilderlings.dev/ HTTP 302
    https://gateway.bilderlings.dev/portal/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6831313&time=1720054044924&url=https%3A%2F%2Fgateway.bilderlings.dev%2Fportal%2Flogin HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6831313&time=1720054044924&url=https%3A%2F%2Fgateway.bilderlings.dev%2Fportal%2Flogin&e_ipv6=AQLoUBQdbOUxLAAAAZB7NdlqW35W6S3HLb2pThIPQJxshapP8nf5pQY_M7eBuSYpOjVw_JY
Request Chain 45
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10419.9hp-4eMA8zUEsm13lVatL__hzj8d4s3SDxv2SK3eXL9FJI21zCiKy2-wnBe7yw40.50ZC9VwGvTsPU2SpiR-XsuRzd0E%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10419.G_pwDqvjmbLl040g_Q8YM87IJ0XRWYxuQ8170_8iSb4yDdwHzGj8fmyJW3au470RQPJbPTOVa1yn3FPMEdewdHWEVVBj7toiCYlY48kl6T3Pmb2Z4IQ8lOWdRyi2Lz03eYXUVxKXBcts5pOSNUb-ibloFIO6BNnzQgpokBeSWHvKYHxtKXMjn6_sc0ancjQrzHpPX0iDxxa-no7Jpz-sdx4dGzktIbLL-HK8bORFS0I%2C.RbPPMBalLYZkVUPTMOjeTbl2svg%2C
Request Chain 51
  • https://mc.yandex.com/watch/96524923?wmode=7&page-url=https%3A%2F%2Fgateway.bilderlings.dev%2Fportal%2Flogin&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.126%0Achl%0A%22Not%2FA)Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.126%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.126%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1382%3Acn%3A1%3Adp%3A0%3Als%3A129179715185%3Ahid%3A198322702%3Az%3A120%3Ai%3A20240704024725%3Aet%3A1720054045%3Ac%3A1%3Arn%3A762381509%3Arqn%3A1%3Au%3A172005404535444491%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A595%3Awv%3A2%3Ads%3A0%2C0%2C68%2C37%2C137%2C137%2C1%2C562%2C1%2C%2C%2C%2C805%3Aco%3A0%3Acpf%3A1%3Ans%3A1720054044161%3Agi%3AR0ExLjEuMjI5MzEwMjM5LjE3MjAwNTQwNDU%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1720054045%3At%3ALogin&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037568)ti(1) HTTP 302
  • https://mc.yandex.com/watch/96524923/1?wmode=7&page-url=https%3A%2F%2Fgateway.bilderlings.dev%2Fportal%2Flogin&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.126%0Achl%0A%22Not%2FA%29Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.126%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.126%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1382%3Acn%3A1%3Adp%3A0%3Als%3A129179715185%3Ahid%3A198322702%3Az%3A120%3Ai%3A20240704024725%3Aet%3A1720054045%3Ac%3A1%3Arn%3A762381509%3Arqn%3A1%3Au%3A172005404535444491%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A595%3Awv%3A2%3Ads%3A0%2C0%2C68%2C37%2C137%2C137%2C1%2C562%2C1%2C%2C%2C%2C805%3Aco%3A0%3Acpf%3A1%3Ans%3A1720054044161%3Agi%3AR0ExLjEuMjI5MzEwMjM5LjE3MjAwNTQwNDU%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1720054045%3At%3ALogin&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29

52 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
gateway.bilderlings.dev/portal/
Redirect Chain
  • https://gateway.bilderlings.dev/
  • https://gateway.bilderlings.dev/portal/login
12 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gateway.bilderlings.dev/portal/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.28.209.236 Riga, Latvia, ASN5518 (TET_, LV),
Reverse DNS
mail.bilderlingspay.com
Software
/
Resource Hash
5c309da870fbc31edbe48306e746db11fb402a466ce09569cd4fb46e414bafae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store, must-revalidate
content-language
en-US
content-length
12154
content-type
text/html;charset=UTF-8
date
Thu, 04 Jul 2024 00:47:24 GMT
expires
0
pragma
no-cache
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
Origin Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

content-length
36
content-type
text/html; charset=utf-8
date
Thu, 04 Jul 2024 00:47:24 GMT
location
/portal/login
vary
Origin
js
www.googletagmanager.com/gtag/ 		209 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-110013440-1
Requested by
Host: gateway.bilderlings.dev
URL: https://gateway.bilderlings.dev/portal/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
600cdad797b2a3b3185454d80c68807c5e565b04617dab04e501fd863666b4e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gateway.bilderlings.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 00:47:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77079
x-xss-protection
0
last-modified
Thu, 04 Jul 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 04 Jul 2024 00:47:24 GMT
style.css
gateway.bilderlings.dev/portal/css/sso/ 		62 KB
63 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gateway.bilderlings.dev/portal/css/sso/style.css?33dssds11sd1q
Requested by
Host: gateway.bilderlings.dev
URL: https://gateway.bilderlings.dev/portal/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.28.209.236 Riga, Latvia, ASN5518 (TET_, LV),
Reverse DNS
mail.bilderlingspay.com
Software
/
Resource Hash
9f830fb637a3ceb041abddf7b44b4cde72523e46aa1c176e289ac365badfe094
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gateway.bilderlings.dev/portal/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 00:47:24 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 03 Jul 2024 10:09:57 GMT
etag
"0c59b5a44bd53773fb7fc9d77434bde35"
vary
Origin, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
63743
x-xss-protection
0
expires
0
intlTelInput.css
gateway.bilderlings.dev/portal/css/vendor/ 		10 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gateway.bilderlings.dev/portal/css/vendor/intlTelInput.css
Requested by
Host: gateway.bilderlings.dev
URL: https://gateway.bilderlings.dev/portal/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.28.209.236 Riga, Latvia, ASN5518 (TET_, LV),
Reverse DNS
mail.bilderlingspay.com
Software
/
Resource Hash
8aee983b78a765708ef250505daefa7bab4e046149c9d05f0520771efdce1850
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gateway.bilderlings.dev/portal/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 00:47:24 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 03 Jul 2024 10:09:57 GMT
etag
"07413d201fad194434b1f89dac4d80389"
vary
Origin, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
10744
x-xss-protection
0
expires
0
toolbar.css
gateway.bilderlings.dev/portal/toolbar/ 		160 KB
161 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gateway.bilderlings.dev/portal/toolbar/toolbar.css
Requested by
Host: gateway.bilderlings.dev
URL: https://gateway.bilderlings.dev/portal/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.28.209.236 Riga, Latvia, ASN5518 (TET_, LV),
Reverse DNS
mail.bilderlingspay.com
Software
/
Resource Hash
90c854db021c2f29f46cc728ebc5fbc9c89cb977f91c8fde1954e30025297949
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gateway.bilderlings.dev/portal/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 00:47:24 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 03 Jul 2024 10:09:57 GMT
etag
"03186896cb0afd60e567788358a4759fc"
vary
Origin, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
163965
x-xss-protection
0
expires
0
toolbar.js
gateway.bilderlings.dev/portal/toolbar/ 		334 KB
335 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gateway.bilderlings.dev/portal/toolbar/toolbar.js
Requested by
Host: gateway.bilderlings.dev
URL: https://gateway.bilderlings.dev/portal/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.28.209.236 Riga, Latvia, ASN5518 (TET_, LV),
Reverse DNS
mail.bilderlingspay.com
Software
/
Resource Hash
310f63b4739bf58023997c13edc1abf827cfee819424ba65a0924bcb5555df1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gateway.bilderlings.dev/portal/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 00:47:24 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 03 Jul 2024 10:09:57 GMT
etag
"064bb1d6f2226f7b9892376f4609febba"
vary
Origin, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/javascript
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
341923
x-xss-protection
0
expires
0
sniffer.min.js
gateway.bilderlings.dev/portal/js/lib/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gateway.bilderlings.dev/portal/js/lib/sniffer.min.js
Requested by
Host: gateway.bilderlings.dev
URL: https://gateway.bilderlings.dev/portal/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.28.209.236 Riga, Latvia, ASN5518 (TET_, LV),
Reverse DNS
mail.bilderlingspay.com
Software
/
Resource Hash
faf579405f6f468d27bffbce76a5713598c074dc6ac2830110d1d7d9063568fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gateway.bilderlings.dev/portal/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 00:47:24 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 03 Jul 2024 10:09:57 GMT
etag
"0d3bf2e9d4ced0b5c26e49215b2f3842d"
vary
Origin, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/javascript
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
6130
x-xss-protection
0
expires
0
formdata.min.js
gateway.bilderlings.dev/portal/js/lib/ 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gateway.bilderlings.dev/portal/js/lib/formdata.min.js
Requested by
Host: gateway.bilderlings.dev
URL: https://gateway.bilderlings.dev/portal/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.28.209.236 Riga, Latvia, ASN5518 (TET_, LV),
Reverse DNS
mail.bilderlingspay.com
Software
/
Resource Hash
5b016eaca6c8286e6b513f8a30024e9273bbe05f4906e5902af67bfa60b4349f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gateway.bilderlings.dev/portal/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 00:47:24 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 03 Jul 2024 10:09:57 GMT
etag
"018f2d596c0378aad8a3af70768876c04"
vary
Origin, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/javascript
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
8515
x-xss-protection
0
expires
0
jquery-3.5.1.min.js
gateway.bilderlings.dev/portal/js/lib/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gateway.bilderlings.dev/portal/js/lib/jquery-3.5.1.min.js
Requested by
Host: gateway.bilderlings.dev
URL: https://gateway.bilderlings.dev/portal/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.28.209.236 Riga, Latvia, ASN5518 (TET_, LV),
Reverse DNS
mail.bilderlingspay.com
Software
/
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gateway.bilderlings.dev/portal/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 00:47:24 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 03 Jul 2024 10:09:57 GMT
etag
"0dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary
Origin, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/javascript
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
89476
x-xss-protection
0
expires
0
jquery-ui.min.js
gateway.bilderlings.dev/portal/js/lib/ 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gateway.bilderlings.dev/portal/js/lib/jquery-ui.min.js
Requested by
Host: gateway.bilderlings.dev
URL: https://gateway.bilderlings.dev/portal/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.28.209.236 Riga, Latvia, ASN5518 (TET_, LV),
Reverse DNS
mail.bilderlingspay.com
Software
/
Resource Hash
485a0c570b2d7d7fc01b8131a528187b1b2938b0acded6a4f3f66c63dce15203
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gateway.bilderlings.dev/portal/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 00:47:24 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 03 Jul 2024 10:09:57 GMT
etag
"04144e1c32948b13a0567cc0916f8d4d7"
vary
Origin, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/javascript
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
9320
x-xss-protection
0
expires
0
remodal.min.js
gateway.bilderlings.dev/portal/js/plugins/remodal/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gateway.bilderlings.dev/portal/js/plugins/remodal/remodal.min.js
Requested by
Host: gateway.bilderlings.dev
URL: https://gateway.bilderlings.dev/portal/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.28.209.236 Riga, Latvia, ASN5518 (TET_, LV),
Reverse DNS
mail.bilderlingspay.com
Software
/
Resource Hash
7032bc8ef0bea5459127ff3bdb4d9e4e15cc6f44b7736016947fef93935f8452
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gateway.bilderlings.dev/portal/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 00:47:24 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 03 Jul 2024 10:09:57 GMT
etag
"05154d14f60be118bd4f67acf514adeef"
vary
Origin, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/javascript
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
7822
x-xss-protection
0
expires
0
countdown.min.js
gateway.bilderlings.dev/portal/js/plugins/countdown/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gateway.bilderlings.dev/portal/js/plugins/countdown/countdown.min.js
Requested by
Host: gateway.bilderlings.dev
URL: https://gateway.bilderlings.dev/portal/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.28.209.236 Riga, Latvia, ASN5518 (TET_, LV),
Reverse DNS
mail.bilderlingspay.com
Software
/
Resource Hash
484094d825d7fcbd140315fda6f149e9cb35aa21ac3c41439954869dd10946c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gateway.bilderlings.dev/portal/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 00:47:24 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 03 Jul 2024 10:09:57 GMT
etag
"0ce221c252f8a6cb8d59db19e20bff280"
vary
Origin, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/javascript
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
7310
x-xss-protection
0
expires
0
session-modal.widget.js
gateway.bilderlings.dev/portal/js/widgets/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gateway.bilderlings.dev/portal/js/widgets/session-modal.widget.js
Requested by
Host: gateway.bilderlings.dev
URL: https://gateway.bilderlings.dev/portal/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.28.209.236 Riga, Latvia, ASN5518 (TET_, LV),
Reverse DNS
mail.bilderlingspay.com
Software
/
Resource Hash
37507baa0193a0db7c0fcf1356005623590881da4bde3493abf88223dda426ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gateway.bilderlings.dev/portal/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 00:47:24 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 03 Jul 2024 10:09:57 GMT
etag
"024db612a5605d0c0055b5cde116ed37c"
vary
Origin, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/javascript
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
1979
x-xss-protection
0
expires
0
scroll-to-top.widget.js
gateway.bilderlings.dev/portal/js/widgets/ 		378 B
886 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gateway.bilderlings.dev/portal/js/widgets/scroll-to-top.widget.js
Requested by
Host: gateway.bilderlings.dev
URL: https://gateway.bilderlings.dev/portal/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.28.209.236 Riga, Latvia, ASN5518 (TET_, LV),
Reverse DNS
mail.bilderlingspay.com
Software
/
Resource Hash
d48faf731c8b746ff185e288cf95cb7da593342cd74f6d4be7c1373938390a6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gateway.bilderlings.dev/portal/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 00:47:24 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 03 Jul 2024 10:09:57 GMT
etag
"04fe2ba693028124d880c679016ec5d1a"
vary
Origin, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/javascript
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
378
x-xss-protection
0
expires
0
reveal-password.widget.js
gateway.bilderlings.dev/portal/js/widgets/ 		776 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gateway.bilderlings.dev/portal/js/widgets/reveal-password.widget.js
Requested by
Host: gateway.bilderlings.dev
URL: https://gateway.bilderlings.dev/portal/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.28.209.236 Riga, Latvia, ASN5518 (TET_, LV),
Reverse DNS
mail.bilderlingspay.com
Software
/
Resource Hash
e88432055a67c0eb4dbec8ce6917d2902cdf9356517033ef651b7decb772db54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gateway.bilderlings.dev/portal/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 00:47:24 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 03 Jul 2024 10:09:57 GMT
etag
"038cf7f0f3198faa9b9da3f2a8196b948"
vary
Origin, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/javascript
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
776
x-xss-protection
0
expires
0
login.page.js
gateway.bilderlings.dev/portal/js/pages/ 		49 B
556 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gateway.bilderlings.dev/portal/js/pages/login.page.js
Requested by
Host: gateway.bilderlings.dev
URL: https://gateway.bilderlings.dev/portal/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.28.209.236 Riga, Latvia, ASN5518 (TET_, LV),
Reverse DNS
mail.bilderlingspay.com
Software
/
Resource Hash
e326856cf286bb7f1d5b941f036700c1bf77868572176d5a0c72c27711088b14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gateway.bilderlings.dev/portal/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 00:47:24 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 03 Jul 2024 10:09:57 GMT
etag
"0a48e1a1a853532549b954ad2cd8592f4"
vary
Origin, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/javascript
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
49
x-xss-protection
0
expires
0
gtm.js
www.googletagmanager.com/ 		287 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WVRZZS9
Requested by
Host: gateway.bilderlings.dev
URL: https://gateway.bilderlings.dev/portal/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b563579353536a1d1e98d9fc8ec7da60715a2a553f910d0cda97fd7977dd9c26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gateway.bilderlings.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 00:47:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98171
x-xss-protection
0
last-modified
Thu, 04 Jul 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 04 Jul 2024 00:47:24 GMT
js
www.googletagmanager.com/gtag/ 		298 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-STQCTJJXH0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-110013440-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
100b79679c549beea3a6fe219db221acb6b8e1b6915bac76e0db8ef0be51a717
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gateway.bilderlings.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 00:47:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
99036
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 04 Jul 2024 00:47:24 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-110013440-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gateway.bilderlings.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 04 Jul 2024 00:29:07 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1097
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 04 Jul 2024 02:29:07 GMT
toolbar-data
p.bilderlings.dev/portal/api/v1/ 		0
0
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ec33b4476c12a903e07c7eac7cb5a92b548cfcd7bcc8261e3420d24e2e3eb263

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		66 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
00e3419ca74c730e4e2d4c900f407b135d68ea3cc1ff69b3073967a8d3121c54

Request headers

Referer
Origin
https://gateway.bilderlings.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
font/woff
open-eye.svg
gateway.bilderlings.dev/portal/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gateway.bilderlings.dev/portal/img/open-eye.svg
Requested by
Host: gateway.bilderlings.dev
URL: https://gateway.bilderlings.dev/portal/css/sso/style.css?33dssds11sd1q
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.28.209.236 Riga, Latvia, ASN5518 (TET_, LV),
Reverse DNS
mail.bilderlingspay.com
Software
/
Resource Hash
eda2fd9dfc859a8cc4f756fc338870bdf72ffaed5f2362e2c0c6d915a1fe9b0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gateway.bilderlings.dev/portal/css/sso/style.css?33dssds11sd1q
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 00:47:24 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 03 Jul 2024 10:09:57 GMT
etag
"0217a9fcb75ce287695bac0dc41bfe660"
vary
Origin, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
image/svg+xml
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
1364
x-xss-protection
0
expires
0
truncated
/ 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b014c90f50b6dcb5c7a093c1b8c62f52158c5a8fc3103ac2a32da35e9f6295f

Request headers

Referer
Origin
https://gateway.bilderlings.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
font/woff
OpenSans-Bold.woff
gateway.bilderlings.dev/portal/fonts/ 		69 KB
69 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gateway.bilderlings.dev/portal/fonts/OpenSans-Bold.woff
Requested by
Host: gateway.bilderlings.dev
URL: https://gateway.bilderlings.dev/portal/css/sso/style.css?33dssds11sd1q
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.28.209.236 Riga, Latvia, ASN5518 (TET_, LV),
Reverse DNS
mail.bilderlingspay.com
Software
/
Resource Hash
81a08b711141ecbbb1badd6e840dddf45df554f056cccbfb780f10097c8a4169
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gateway.bilderlings.dev/portal/css/sso/style.css?33dssds11sd1q
Origin
https://gateway.bilderlings.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 00:47:24 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 03 Jul 2024 10:09:57 GMT
etag
"0061b81d58cf24a5d58d0168809d74764"
vary
Origin, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
font/woff
access-control-allow-origin
https://gateway.bilderlings.dev
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
content-length
70184
x-xss-protection
0
expires
0
collect
www.google-analytics.com/j/ 		2 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=401999776&t=pageview&_s=1&dl=https%3A%2F%2Fgateway.bilderlings.dev%2Fportal%2Flogin&dp=%2Fportal%2Flogin&ul=de-de&de=UTF-8&dt=Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GBACUABBAAAACAAI~&jid=1424176689&gjid=171263122&cid=229310239.1720054045&tid=UA-110013440-1&_gid=1436783402.1720054045&_r=1&gtm=457e4730za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&cd4=No&cd6=229310239.1720054045&npa=1&z=1123736917
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://gateway.bilderlings.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 00:47:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gateway.bilderlings.dev
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		301 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3M5JYYGZ8V&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVRZZS9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
7958a9ba134963749fc2463e3128ff8790380f178b6f4a80800be53932295ada
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gateway.bilderlings.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 00:47:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103504
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 04 Jul 2024 00:47:24 GMT
destination
www.googletagmanager.com/gtag/ 		262 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-720372600&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVRZZS9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
4707a7fd10bbb4176cfbb13a7ee153d59a3f4edfe2ce91b4ba75bd306afa3a76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gateway.bilderlings.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 00:47:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92801
x-xss-protection
0
last-modified
Thu, 04 Jul 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 04 Jul 2024 00:47:24 GMT
ee9hxl15
widget.intercom.io/widget/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.intercom.io/widget/ee9hxl15
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVRZZS9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-18.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aefbcc12bb90133f79309e999ff4f6eae2e17983abe3ddc95cbeed21ccff12dc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gateway.bilderlings.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
9AQoNjz.8u8qyT0Iw_WgN2.KrkLehVGn
content-encoding
gzip
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
date
Thu, 04 Jul 2024 00:43:38 GMT
x-amz-cf-pop
FRA2-C1
age
277
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2671
last-modified
Wed, 03 Jul 2024 16:37:09 GMT
server
AmazonS3
etag
"35e471f3ca9ecdcca7ed084d53f1cfac"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300, s-maxage=300, public
accept-ranges
bytes
x-amz-cf-id
Aya4RSkRUCPCageIa-UG90yJYQxSO1g9yi5OhXjdhJ7qHgNp68ga4Q==
fbevents.js
connect.facebook.net/en_US/ 		222 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: gateway.bilderlings.dev
URL: https://gateway.bilderlings.dev/portal/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gateway.bilderlings.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 04 Jul 2024 00:47:24 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58293
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=14, mss=1368, tbw=2791, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
lnV2NySdoqQK/Nhv08chwCXWQCuwai2Q0tSQ+wYXIw/0ZVQGJmfBQLUCezuL00GkL0hloSLMg1BrSeNTh4lPFg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
tag.js
mc.yandex.ru/metrika/ 		200 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: gateway.bilderlings.dev
URL: https://gateway.bilderlings.dev/portal/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
75dbb4380a386220610babb812bafaed50a4f983fa198851836a64d6fad2b094
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gateway.bilderlings.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 00:47:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Wed, 03 Jul 2024 07:33:50 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6684fede-112d7"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
70359
expires
Thu, 04 Jul 2024 01:47:24 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: gateway.bilderlings.dev
URL: https://gateway.bilderlings.dev/portal/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:10::210:a99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gateway.bilderlings.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 00:47:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 18 Jun 2024 16:46:52 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=19596
accept-ranges
bytes
content-length
14004
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-STQCTJJXH0&gtm=45je4730v9139036024za200&_p=1720054044389&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=229310239.1720054045&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&dp=%2Fportal%2Flogin&uid=&sid=1720054044&sct=1&seg=0&dl=https%3A%2F%2Fgateway.bilderlings.dev%2Fportal%2Flogin&dt=Login&en=page_view&_fv=1&_ss=1&ep.bilderlings_user=&ep.authenticated=No&tfd=696&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-STQCTJJXH0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gateway.bilderlings.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 00:47:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gateway.bilderlings.dev
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
260 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-STQCTJJXH0&cid=229310239.1720054045&gtm=45je4730v9139036024za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-STQCTJJXH0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gateway.bilderlings.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 00:47:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gateway.bilderlings.dev
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-STQCTJJXH0&cid=229310239.1720054045&gtm=45je4730v9139036024za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=283710311
Requested by
Host: gateway.bilderlings.dev
URL: https://gateway.bilderlings.dev/portal/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gateway.bilderlings.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 00:47:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-110013440-1&cid=229310239.1720054045&jid=1424176689&gjid=171263122&_gid=1436783402.1720054045&npa=1&_u=4GBACUAABAAAACAAI~&z=972696270
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://gateway.bilderlings.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 04 Jul 2024 00:47:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gateway.bilderlings.dev
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-3M5JYYGZ8V&gtm=45je4730v873392967z8812258112za200zb812258112&_p=1720054044389&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=229310239.1720054045&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720054044&sct=1&seg=0&dl=https%3A%2F%2Fgateway.bilderlings.dev%2Fportal%2Flogin&dt=Login&en=page_view&_fv=1&_ss=1&tfd=744&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3M5JYYGZ8V&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gateway.bilderlings.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 00:47:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gateway.bilderlings.dev
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3M5JYYGZ8V&cid=229310239.1720054045&gtm=45je4730v873392967z8812258112za200zb812258112&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3M5JYYGZ8V&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gateway.bilderlings.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 00:47:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gateway.bilderlings.dev
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3M5JYYGZ8V&cid=229310239.1720054045&gtm=45je4730v873392967z8812258112za200zb812258112&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1952837629
Requested by
Host: gateway.bilderlings.dev
URL: https://gateway.bilderlings.dev/portal/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gateway.bilderlings.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 00:47:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attribution_trigger
px.ads.linkedin.com/ 		2 B
812 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=6831313&time=1720054044924&url=https%3A%2F%2Fgateway.bilderlings.dev%2Fportal%2Flogin
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
*
Referer
https://gateway.bilderlings.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 00:47:25 GMT
content-encoding
gzip
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: AE38B5E02EDF4609A96290E7EF54758B Ref B: FRAEDGE1310 Ref C: 2024-07-04T00:47:24Z
access-control-allow-methods
GET, OPTIONS
x-li-fabric
prod-ltx1
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-type
application/json
x-li-proto
http/2
x-restli-protocol-version
1.0.0
access-control-allow-headers
*
x-li-uuid
AAYcYUpZJx8EwhFMWdMaMQ==
x-fs-uuid
00061c614a59271f04c2114c59d31a31
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6831313&time=1720054044924&url=https%3A%2F%2Fgateway.bilderlings.dev%2Fportal%2Flogin
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6831313&time=1720054044924&url=https%3A%2F%2Fgateway.bilderlings.dev%2Fportal%2Flogin&e_ipv6=AQLoUBQdbOUxLAAAAZB7NdlqW35W6S3HLb2pThIPQJxshapP8nf5...
0
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6831313&time=1720054044924&url=https%3A%2F%2Fgateway.bilderlings.dev%2Fportal%2Flogin&e_ipv6=AQLoUBQdbOUxLAAAAZB7NdlqW35W6S3HLb2pThIPQJxshapP8nf5pQY_M7eBuSYpOjVw_JY
Requested by
Host: gateway.bilderlings.dev
URL: https://gateway.bilderlings.dev/portal/login
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://gateway.bilderlings.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 04 Jul 2024 00:47:24 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 1BCFA413C0A54749BD7A89EDCA7D48FA Ref B: FRAEDGE1506 Ref C: 2024-07-04T00:47:25Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYcYUpb9CA70zhpGwTXwg==

Redirect headers

date
Thu, 04 Jul 2024 00:47:24 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 349FECE1E16A4A8187AEC150E57C6899 Ref B: FRAEDGE1118 Ref C: 2024-07-04T00:47:24Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6831313&time=1720054044924&url=https%3A%2F%2Fgateway.bilderlings.dev%2Fportal%2Flogin&e_ipv6=AQLoUBQdbOUxLAAAAZB7NdlqW35W6S3HLb2pThIPQJxshapP8nf5pQY_M7eBuSYpOjVw_JY
x-li-proto
http/2
content-length
0
x-li-uuid
AAYcYUpZKSXJ1gdrU750kg==
945105457222064
connect.facebook.net/signals/config/ 		57 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/945105457222064?v=2.9.160&r=stable&domain=gateway.bilderlings.dev&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1ab6a4845eadbaaefd5eca8b283a72722eb305b449942d79a202c9b52611624a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gateway.bilderlings.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 04 Jul 2024 00:47:25 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=63, mss=1368, tbw=63819, tp=-1, tpl=-1, uplat=104, ullat=0
pragma
public
x-fb-debug
tkRjJ2BPbhv9O1W5U2Ol6jRIcfEZFRFfQ/RnluD4SEfCa8AFWJI1KLyNs6+laiIeemYf7879mEVzawpNWlX1vg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-110013440-1&cid=229310239.1720054045&jid=1424176689&npa=1&_u=4GBACUAABAAAACAAI~&z=767302717
Requested by
Host: gateway.bilderlings.dev
URL: https://gateway.bilderlings.dev/portal/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gateway.bilderlings.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 00:47:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-110013440-1&cid=229310239.1720054045&jid=1424176689&npa=1&_u=4GBACUAABAAAACAAI~&z=767302717
Requested by
Host: gateway.bilderlings.dev
URL: https://gateway.bilderlings.dev/portal/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gateway.bilderlings.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 00:47:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=945105457222064&ev=PageView&dl=https%3A%2F%2Fgateway.bilderlings.dev&rl=&if=false&ts=1720054045065&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4124&fbp=fb.1.1720054045063.755207044762943087&pm=1&hrl=508305&ler=empty&cdl=API_unavailable&it=1720054044935&coo=false&cs_cc=1&cas=7918764438135767&rqm=GET
Requested by
Host: gateway.bilderlings.dev
URL: https://gateway.bilderlings.dev/portal/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gateway.bilderlings.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1368, tbw=2774, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 04 Jul 2024 00:47:25 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=945105457222064&ev=PageView&dl=https%3A%2F%2Fgateway.bilderlings.dev&rl=&if=false&ts=1720054045065&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4124&fbp=fb.1.1720054045063.755207044762943087&pm=1&hrl=508305&ler=empty&cdl=API_unavailable&it=1720054044935&coo=false&cs_cc=1&cas=7918764438135767&rqm=FGET
Requested by
Host: gateway.bilderlings.dev
URL: https://gateway.bilderlings.dev/portal/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gateway.bilderlings.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x42a99e91d17d713a","source_keys":["1","2"]},{"key_piece":"0x172a1fb177169f7f","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Thu, 04 Jul 2024 00:47:25 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7387575872610312607", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1368, tbw=3091, tp=-1, tpl=-1, uplat=167, ullat=0
pragma
no-cache
x-fb-debug
r1pKrKdZ3pY/B/LAZWd7teWQy8RdMoRxNYaO5B1z6M+rjc26HL91itWkpbSPHsq3CATxNPlT/ayI8eGXYQgn0A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7387575872610312607"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10419.9hp-4eMA8zUEsm13lVatL__hzj8d4s3SDxv2SK3eXL9FJI21zCiKy2-wnBe7yw40.50ZC9VwGvTsPU2SpiR-XsuRzd0E%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10419.G_pwDqvjmbLl040g_Q8YM87IJ0XRWYxuQ8170_8iSb4yDdwHzGj8fmyJW3au470RQPJbPTOVa1yn3FPMEdewdHWEVVBj7toiCYlY48kl6T3Pmb2Z4IQ8lOWdRyi2Lz03eYXUVxKXBc...
43 B
675 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10419.G_pwDqvjmbLl040g_Q8YM87IJ0XRWYxuQ8170_8iSb4yDdwHzGj8fmyJW3au470RQPJbPTOVa1yn3FPMEdewdHWEVVBj7toiCYlY48kl6T3Pmb2Z4IQ8lOWdRyi2Lz03eYXUVxKXBcts5pOSNUb-ibloFIO6BNnzQgpokBeSWHvKYHxtKXMjn6_sc0ancjQrzHpPX0iDxxa-no7Jpz-sdx4dGzktIbLL-HK8bORFS0I%2C.RbPPMBalLYZkVUPTMOjeTbl2svg%2C
Requested by
Host: gateway.bilderlings.dev
URL: https://gateway.bilderlings.dev/portal/login
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://gateway.bilderlings.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 04 Jul 2024 00:47:25 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=10419.G_pwDqvjmbLl040g_Q8YM87IJ0XRWYxuQ8170_8iSb4yDdwHzGj8fmyJW3au470RQPJbPTOVa1yn3FPMEdewdHWEVVBj7toiCYlY48kl6T3Pmb2Z4IQ8lOWdRyi2Lz03eYXUVxKXBcts5pOSNUb-ibloFIO6BNnzQgpokBeSWHvKYHxtKXMjn6_sc0ancjQrzHpPX0iDxxa-no7Jpz-sdx4dGzktIbLL-HK8bORFS0I%2C.RbPPMBalLYZkVUPTMOjeTbl2svg%2C
date
Thu, 04 Jul 2024 00:47:25 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: gateway.bilderlings.dev
URL: https://gateway.bilderlings.dev/portal/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gateway.bilderlings.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 00:47:25 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 03 Jul 2024 07:33:50 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6684fede-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Thu, 04 Jul 2024 01:47:25 GMT
frame-modern.6cb6d3d0.js
js.intercomcdn.com/ Frame F3E3 		458 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.6cb6d3d0.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/ee9hxl15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-20.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0bb1418905101e6e9bae3f2fd155a76dad320cf70d62d7ba1ec52960aed1f38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
NuP4d6RGsk08THv0NCvojcBp18YMA5tM
content-encoding
gzip
via
1.1 08144b62d8ba59c510ae7682981f36c0.cloudfront.net (CloudFront)
date
Thu, 04 Jul 2024 00:37:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
613
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
141032
last-modified
Wed, 03 Jul 2024 16:33:30 GMT
server
AmazonS3
etag
"71e8a39f19a9fb246af3425022298e71"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
0j1FOx_1YiSyZ0kq5S64ecdrgKZbsjcwZz9CH4z7VHdXPOTzVaQx4g==
vendor-modern.17699391.js
js.intercomcdn.com/ Frame F3E3 		453 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.17699391.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/ee9hxl15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-20.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
61c41bee19e32c97dc2188e557cde3a5ea705c4326d1e665f8f6f34685cf1fd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
40mpTk_5_aEkgQYOV9mqTfHZLAzrdf1K
content-encoding
gzip
via
1.1 08144b62d8ba59c510ae7682981f36c0.cloudfront.net (CloudFront)
date
Wed, 03 Jul 2024 23:45:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
3737
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
146442
last-modified
Wed, 03 Jul 2024 15:41:19 GMT
server
AmazonS3
etag
"c3cbe8c9c9197b65291adfa42d85f2a9"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
oWJmdVN8hW94zuMqBXoIeRp0YqbOJsbOWNgfyAt-USPPcknzOzVOOg==
/
px.ads.linkedin.com/wa/ 		0
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Accept
*
Referer
https://gateway.bilderlings.dev/
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 00:47:24 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 74BD77DCEDA544BAAA6AFA26C4C2ECA1 Ref B: FRAEDGE1118 Ref C: 2024-07-04T00:47:25Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
access-control-allow-origin
https://gateway.bilderlings.dev
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYcYUpeUi5yE9g7oiJAZg==
ping
api-iam.intercom.io/messenger/web/ Frame F3E3 		166 B
805 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.6cb6d3d0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.224.70.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-70-138.compute-1.amazonaws.com
Software
nginx /
Resource Hash
607d571f40b505cc56997c0e242ff9dfdc90d5591651533aa7524d08460ecb11
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 04 Jul 2024 00:47:25 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
status
403 Forbidden
x-xss-protection
1; mode=block
x-request-id
004cnrqsq8m5l2op54tg
x-runtime
0.048030
server
nginx
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gateway.bilderlings.dev
x-intercom-version
6486a7e717efd5c2b5a16562f11cfb8dcabc6665
access-control-expose-headers
x-request-id
cache-control
no-cache
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
1
mc.yandex.com/watch/96524923/
Redirect Chain
  • https://mc.yandex.com/watch/96524923?wmode=7&page-url=https%3A%2F%2Fgateway.bilderlings.dev%2Fportal%2Flogin&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%...
  • https://mc.yandex.com/watch/96524923/1?wmode=7&page-url=https%3A%2F%2Fgateway.bilderlings.dev%2Fportal%2Flogin&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3B...
447 B
539 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/96524923/1?wmode=7&page-url=https%3A%2F%2Fgateway.bilderlings.dev%2Fportal%2Flogin&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.126%0Achl%0A%22Not%2FA%29Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.126%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.126%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1382%3Acn%3A1%3Adp%3A0%3Als%3A129179715185%3Ahid%3A198322702%3Az%3A120%3Ai%3A20240704024725%3Aet%3A1720054045%3Ac%3A1%3Arn%3A762381509%3Arqn%3A1%3Au%3A172005404535444491%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A595%3Awv%3A2%3Ads%3A0%2C0%2C68%2C37%2C137%2C137%2C1%2C562%2C1%2C%2C%2C%2C805%3Aco%3A0%3Acpf%3A1%3Ans%3A1720054044161%3Agi%3AR0ExLjEuMjI5MzEwMjM5LjE3MjAwNTQwNDU%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1720054045%3At%3ALogin&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
1053eabc06032a6b83889a6701c19a93a12f2631fac0e6adb082748665fa45fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://gateway.bilderlings.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 00:47:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 04-Jul-2024 00:47:25 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gateway.bilderlings.dev
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
447
x-xss-protection
1; mode=block
expires
Thu, 04-Jul-2024 00:47:25 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Jul 2024 00:47:25 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 04-Jul-2024 00:47:25 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/96524923/1?wmode=7&page-url=https%3A%2F%2Fgateway.bilderlings.dev%2Fportal%2Flogin&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.126%0Achl%0A%22Not%2FA%29Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.126%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.126%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1382%3Acn%3A1%3Adp%3A0%3Als%3A129179715185%3Ahid%3A198322702%3Az%3A120%3Ai%3A20240704024725%3Aet%3A1720054045%3Ac%3A1%3Arn%3A762381509%3Arqn%3A1%3Au%3A172005404535444491%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A595%3Awv%3A2%3Ads%3A0%2C0%2C68%2C37%2C137%2C137%2C1%2C562%2C1%2C%2C%2C%2C805%3Aco%3A0%3Acpf%3A1%3Ans%3A1720054044161%3Agi%3AR0ExLjEuMjI5MzEwMjM5LjE3MjAwNTQwNDU%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1720054045%3At%3ALogin&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29
access-control-allow-origin
https://gateway.bilderlings.dev
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 04-Jul-2024 00:47:25 GMT
favicon.ico
gateway.bilderlings.dev/portal/img/favicons/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://gateway.bilderlings.dev/portal/img/favicons/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.28.209.236 Riga, Latvia, ASN5518 (TET_, LV),
Reverse DNS
mail.bilderlingspay.com
Software
/
Resource Hash
0fe2755459a91df8f52799767be325bf7f5979aa2a1ccbd92fda2048f282cc46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gateway.bilderlings.dev/portal/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 00:47:25 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 03 Jul 2024 10:09:57 GMT
etag
"02a8046a18c069c520a881674c19d8492"
vary
Origin, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
image/x-icon
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
15086
x-xss-protection
0
expires
0
metrika_match.html
mc.yandex.com/metrika/ Frame CEA5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://gateway.bilderlings.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
1048
content-type
text/html
date
Thu, 04 Jul 2024 00:47:25 GMT
etag
"6684fede-418"
expires
Thu, 04 Jul 2024 01:47:25 GMT
last-modified
Wed, 03 Jul 2024 07:33:50 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
p.bilderlings.dev
URL
https://p.bilderlings.dev/portal/api/v1/toolbar-data

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage object| dataLayer function| getCookie function| getPage object| userId function| gtag object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| global object| System function| asap function| Observable object| regeneratorRuntime boolean| _babelPolyfill object| Bilderlings function| updateQueryParams object| Sniff object| gaplugins object| gaGlobal object| gaData object| intercomSettings function| Intercom function| fbq function| _fbq function| ym string| _linkedin_partner_id object| _linkedin_data_partner_ids function| lintrk function| $ function| jQuery undefined| module function| countdown function| onYouTubeIframeAPIReady boolean| _already_called_lintrk object| $sessionModal object| Ya object| yaCounter96524923 function| __intercomAssignLocation function| __intercomReloadLocation object| ORIBILI

32 Cookies

Domain/Path Name / Value
gateway.bilderlings.dev/ Name: bilderlings_sticky_v1
Value: 12184f2519129208
.bilderlings.dev/ Name: portal_language
Value: en
.bilderlings.dev/ Name: _gid
Value: GA1.2.1436783402.1720054045
.bilderlings.dev/ Name: _gat_gtag_UA_110013440_1
Value: 1
.bilderlings.dev/ Name: _gcl_au
Value: 1.1.695350881.1720054045
.bilderlings.dev/ Name: _ga_STQCTJJXH0
Value: GS1.1.1720054044.1.0.1720054044.60.0.0
.bilderlings.dev/ Name: _ga
Value: GA1.1.229310239.1720054045
.bilderlings.dev/ Name: _ga_3M5JYYGZ8V
Value: GS1.1.1720054044.1.0.1720054044.60.0.0
.yandex.ru/ Name: i
Value: u/lrfz6NmWdVBoO+ktyzZ+k+zkvOM26Mh+voO1sNygCb5FEGLQbLKkrS9ffyERB876xArytgJTOM30GnxIexbk8KTT0=
.yandex.ru/ Name: yandexuid
Value: 8626100311720054044
.yandex.ru/ Name: yashr
Value: 8412447101720054044
mc.yandex.ru/ Name: bh
Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTI2IiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjYiKgI/MDoHIldpbjMyIg==
.bilderlings.dev/ Name: _fbp
Value: fb.1.1720054045063.755207044762943087
.linkedin.com/ Name: bcookie
Value: "v=2&ca243c05-931d-410f-83df-cf3ce0fd5935"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MjAwNTQwNDU7MjswMjHMyhopEXi0lScYtYsP9PqlMo55nsQa/wsq9GpBMu1X/g==
.linkedin.com/ Name: lidc
Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2872:u=1:x=1:i=1720054045:t=1720140445:v=2:sig=AQExZu1HLWM8XKRxT3JXHf752UyLqN_h"
.bilderlings.dev/ Name: _ym_uid
Value: 172005404535444491
.bilderlings.dev/ Name: _ym_d
Value: 1720054045
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 138442644fake
mc.yandex.com/ Name: bh
Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTI2IiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjYiKgI/MDoHIldpbjMyIg==
.yandex.com/ Name: yashr
Value: 779168721720054045
.bilderlings.dev/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3239029127fake
.yandex.com/ Name: yandexuid
Value: 8626100311720054044
.yandex.com/ Name: yuidss
Value: 8626100311720054044
.yandex.com/ Name: i
Value: u/lrfz6NmWdVBoO+ktyzZ+k+zkvOM26Mh+voO1sNygCb5FEGLQbLKkrS9ffyERB876xArytgJTOM30GnxIexbk8KTT0=
.yandex.com/ Name: yp
Value: 1720140445.yu.2446494031720054045
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
mc.yandex.com/ Name: yabs-sid
Value: 329908391720054045
.yandex.com/ Name: ymex
Value: 1722646045.oyu.2446494031720054045#1751590045.yrts.1720054045
.yandex.com/ Name: receive-cookie-deprecation
Value: 1
.yandex.com/ Name: bh
Value: Ej4iR29vZ2xlIENocm9tZSI7dj0iMTI2IiwiTm90OkEtQnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTI2IhoFIng4NiIiECIxMjYuMC42NDc4LjEyNiIqAj8wOgciV2luMzIiQggiMTAuMC4wIkoEIjY0IlJbIk5vdC9BKUJyYW5kIjt2PSI4LjAuMC4wIiwiQ2hyb21pdW0iO3Y9IjEyNi4wLjY0NzguMTI2IiwiR29vZ2xlIENocm9tZSI7dj0iMTI2LjAuNjQ3OC4xMjYiIg==

4 Console Messages

Source Level URL
Text
javascript error URL: https://gateway.bilderlings.dev/portal/login(Line 245)
Message:
Access to XMLHttpRequest at 'https://p.bilderlings.dev/portal/api/v1/toolbar-data' from origin 'https://gateway.bilderlings.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://p.bilderlings.dev/portal/api/v1/toolbar-data
Message:
Failed to load resource: net::ERR_FAILED
recommendation verbose URL: https://gateway.bilderlings.dev/portal/login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://api-iam.intercom.io/messenger/web/ping
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
connect.facebook.net
gateway.bilderlings.dev
js.intercomcdn.com
mc.yandex.com
mc.yandex.ru
p.bilderlings.dev
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
snap.licdn.com
stats.g.doubleclick.net
widget.intercom.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
p.bilderlings.dev
13.107.42.14
13.224.189.18
142.250.184.195
142.250.186.100
172.217.18.8
18.245.46.20
2001:4860:4802:34::36
2620:1ec:21::14
2a00:1450:4001:80b::2008
2a00:1450:4001:82a::200e
2a00:1450:400c:c04::9b
2a02:26f0:3500:10::210:a99
2a02:6b8::1:119
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
54.224.70.138
78.28.209.236
00e3419ca74c730e4e2d4c900f407b135d68ea3cc1ff69b3073967a8d3121c54
0fe2755459a91df8f52799767be325bf7f5979aa2a1ccbd92fda2048f282cc46
100b79679c549beea3a6fe219db221acb6b8e1b6915bac76e0db8ef0be51a717
1053eabc06032a6b83889a6701c19a93a12f2631fac0e6adb082748665fa45fe
1ab6a4845eadbaaefd5eca8b283a72722eb305b449942d79a202c9b52611624a
310f63b4739bf58023997c13edc1abf827cfee819424ba65a0924bcb5555df1b
37507baa0193a0db7c0fcf1356005623590881da4bde3493abf88223dda426ee
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4707a7fd10bbb4176cfbb13a7ee153d59a3f4edfe2ce91b4ba75bd306afa3a76
484094d825d7fcbd140315fda6f149e9cb35aa21ac3c41439954869dd10946c1
485a0c570b2d7d7fc01b8131a528187b1b2938b0acded6a4f3f66c63dce15203
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b016eaca6c8286e6b513f8a30024e9273bbe05f4906e5902af67bfa60b4349f
5c309da870fbc31edbe48306e746db11fb402a466ce09569cd4fb46e414bafae
600cdad797b2a3b3185454d80c68807c5e565b04617dab04e501fd863666b4e2
607d571f40b505cc56997c0e242ff9dfdc90d5591651533aa7524d08460ecb11
61c41bee19e32c97dc2188e557cde3a5ea705c4326d1e665f8f6f34685cf1fd1
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
7032bc8ef0bea5459127ff3bdb4d9e4e15cc6f44b7736016947fef93935f8452
75dbb4380a386220610babb812bafaed50a4f983fa198851836a64d6fad2b094
7958a9ba134963749fc2463e3128ff8790380f178b6f4a80800be53932295ada
81a08b711141ecbbb1badd6e840dddf45df554f056cccbfb780f10097c8a4169
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8aee983b78a765708ef250505daefa7bab4e046149c9d05f0520771efdce1850
8b014c90f50b6dcb5c7a093c1b8c62f52158c5a8fc3103ac2a32da35e9f6295f
90c854db021c2f29f46cc728ebc5fbc9c89cb977f91c8fde1954e30025297949
942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52
9f830fb637a3ceb041abddf7b44b4cde72523e46aa1c176e289ac365badfe094
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aefbcc12bb90133f79309e999ff4f6eae2e17983abe3ddc95cbeed21ccff12dc
b563579353536a1d1e98d9fc8ec7da60715a2a553f910d0cda97fd7977dd9c26
c0bb1418905101e6e9bae3f2fd155a76dad320cf70d62d7ba1ec52960aed1f38
d48faf731c8b746ff185e288cf95cb7da593342cd74f6d4be7c1373938390a6d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e326856cf286bb7f1d5b941f036700c1bf77868572176d5a0c72c27711088b14
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e88432055a67c0eb4dbec8ce6917d2902cdf9356517033ef651b7decb772db54
ec33b4476c12a903e07c7eac7cb5a92b548cfcd7bcc8261e3420d24e2e3eb263
eda2fd9dfc859a8cc4f756fc338870bdf72ffaed5f2362e2c0c6d915a1fe9b0b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
faf579405f6f468d27bffbce76a5713598c074dc6ac2830110d1d7d9063568fb