www.billings2.com Open in urlscan Pro
2606:4700:3030::6818:7706 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.billings2.com/
Submission: On March 24 via automatic, source certstream-suspicious (March 24th 2020, 3:52:52 am UTC)

Summary HTTP 33 Redirects Links 3 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 33 HTTP transactions. The main IP is 2606:4700:3030::6818:7706, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.billings2.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 4th 2020. Valid for: 8 months.

This is the only time www.billings2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
28	2606:4700:303... 2606:4700:3030::6818:7706		13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:818::200a		15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:814::2003		15169 (GOOGLE) (GOOGLE)
33	3

28 2606:4700:3030::6818:7706 (United States)

ASN13335 (CLOUDFLARENET, US)

www.billings2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
billings2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	billings2.com www.billings2.com billings2.com	1 MB
4	gstatic.com fonts.gstatic.com	47 KB
1	googleapis.com fonts.googleapis.com	864 B
33	3

	Domain	Requested by
26	www.billings2.com	www.billings2.com
4	fonts.gstatic.com	www.billings2.com
2	billings2.com	www.billings2.com
1	fonts.googleapis.com	www.billings2.com
33	4

This site contains links to these domains. Also see Links.

Domain
cryptohead.io
www.thrivethemes.com
www.wordpress.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-02-04` - `2020-10-09`	8 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.billings2.com/
Frame ID: 2FD09A6B871F427C13C269EA3DB8E573
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

33
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

1126 kB
Transfer

1635 kB
Size

1
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://cryptohead.io/australia/how-to-buy-ripple/
Title: other ways how to buy Ripple in Australia

Search URL Search Domain Scan URL

URL: https://www.thrivethemes.com/
Title: Thrive Themes

Search URL Search Domain Scan URL

URL: https://www.wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.billings2.com/ 34 KB
8 KB 1039ms
987ms Document
text/html 2606:4700:3030::6818:7706
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.billings2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6818:7706 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.27
Resource Hash: 19f01d58623dc64c918e8006eebb7813ae0c50095729536d56c15c7dafe2f661

Request headers

:method: GET
:authority: www.billings2.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
date: Tue, 24 Mar 2020 03:52:31 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dff8efdff8dbd573b2bdd38805afb449e1585021950; expires=Thu, 23-Apr-20 03:52:30 GMT; path=/; domain=.billings2.com; HttpOnly; SameSite=Lax; Secure
x-powered-by: PHP/7.2.27
link: <https://www.billings2.com/wp-json/>; rel="https://api.w.org/", <https://www.billings2.com/>; rel=shortlink
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 578d7096af151776-FRA
content-encoding: br

GET
H2 200 pinterest.css
www.billings2.com/wp-content/plugins/pinterest-badge/ 4 KB
681 B 489ms
486ms Stylesheet
text/css 2606:4700:3030::6818:7706
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.billings2.com/wp-content/plugins/pinterest-badge/pinterest.css?ver=4.9.13
Requested by: Host: www.billings2.com
URL: https://www.billings2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6818:7706 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32c411d384ddf9c04d0cc831362c14667751e6ffff7c480bda60580d4ce9273b

Request headers

Referer: https://www.billings2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 24 Mar 2020 03:52:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 24 Jan 2018 20:00:19 GMT
server: cloudflare
etag: W/"f42-5638b1cd6dac0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 578d709cd9961776-FRA

GET
H2 200 styles.css
www.billings2.com/wp-content/plugins/contact-form-7/includes/css/ 2 KB
685 B 480ms
477ms Stylesheet
text/css 2606:4700:3030::6818:7706
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.billings2.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0
Requested by: Host: www.billings2.com
URL: https://www.billings2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6818:7706 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e36067ffbde51faec89f96ebe1fd08513be4a97d109cc8130dcdc9cf3f4590d

Request headers

Referer: https://www.billings2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 24 Mar 2020 03:52:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 21 Feb 2018 23:43:31 GMT
server: cloudflare
etag: W/"693-565c17e9f0ec0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 578d709cd9971776-FRA

GET
H2 200 page-list.css
www.billings2.com/wp-content/plugins/sitemap/css/ 702 B
387 B 488ms
485ms Stylesheet
text/css 2606:4700:3030::6818:7706
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.billings2.com/wp-content/plugins/sitemap/css/page-list.css?ver=4.3
Requested by: Host: www.billings2.com
URL: https://www.billings2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6818:7706 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59ebc47331c997b569e83c98089d44b1f3797e2bec0e6cf979f8c7e43643f452

Request headers

Referer: https://www.billings2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 24 Mar 2020 03:52:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 24 Jan 2018 19:58:31 GMT
server: cloudflare
etag: W/"2be-5638b1666e7c0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 578d709cd99a1776-FRA

GET
H2 200 thrive_flat.css
www.billings2.com/wp-content/plugins/thrive-visual-editor/editor/css/ 247 KB
32 KB 580ms
577ms Stylesheet
text/css 2606:4700:3030::6818:7706
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.billings2.com/wp-content/plugins/thrive-visual-editor/editor/css/thrive_flat.css?ver=2.0.24
Requested by: Host: www.billings2.com
URL: https://www.billings2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6818:7706 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7954082c2cb7796d3f71cb005f5150e6c5e9373f6d10eb73a66763a9cf4b30a

Request headers

Referer: https://www.billings2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 24 Mar 2020 03:52:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 21 Feb 2018 23:45:51 GMT
server: cloudflare
etag: W/"3da1c-565c186f749c0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 578d709cd99b1776-FRA

GET
H2 200 style.css
www.billings2.com/wp-content/themes/luxe/ 460 B
365 B 489ms
486ms Stylesheet
text/css 2606:4700:3030::6818:7706
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.billings2.com/wp-content/themes/luxe/style.css?ver=4.9.13
Requested by: Host: www.billings2.com
URL: https://www.billings2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6818:7706 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69161c137a7c4e28dfa4334c042466d72c1a98a0c7e5925e323809c80049aa13

Request headers

Referer: https://www.billings2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 24 Mar 2020 03:52:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 19 Jan 2018 13:15:37 GMT
server: cloudflare
etag: W/"1cc-56320e0501040-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 578d709cd99c1776-FRA

GET
H2 200 reset.css
www.billings2.com/wp-content/themes/luxe/css/ 2 KB
735 B 580ms
577ms Stylesheet
text/css 2606:4700:3030::6818:7706
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.billings2.com/wp-content/themes/luxe/css/reset.css
Requested by: Host: www.billings2.com
URL: https://www.billings2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6818:7706 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9355a5440029280e90e72be6a419b70acb6803444c9c9a0498d86de4d187e03

Request headers

Referer: https://www.billings2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 24 Mar 2020 03:52:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 19 Jan 2018 13:15:35 GMT
server: cloudflare
etag: W/"735-56320e0318bc0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 578d709cd99f1776-FRA

GET
H2 200 main_dark.css
www.billings2.com/wp-content/themes/luxe/css/ 148 KB
24 KB 481ms
478ms Stylesheet
text/css 2606:4700:3030::6818:7706
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.billings2.com/wp-content/themes/luxe/css/main_dark.css?ver=2014123
Requested by: Host: www.billings2.com
URL: https://www.billings2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6818:7706 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c845305d0cf556d59d35a8aacece2af462a7896f9df46d313a4a2aac1640d677

Request headers

Referer: https://www.billings2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 24 Mar 2020 03:52:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 19 Jan 2018 13:15:36 GMT
server: cloudflare
etag: W/"250c8-56320e040ce00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 578d709cd9a11776-FRA

GET
H2 200 pinterest_wp.js Show response
www.billings2.com/wp-content/plugins/pinterest-badge/ 562 B
346 B 485ms
484ms Script
application/javascript 2606:4700:3030::6818:7706
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.billings2.com/wp-content/plugins/pinterest-badge/pinterest_wp.js?ver=4.9.13
Requested by: Host: www.billings2.com
URL: https://www.billings2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6818:7706 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0626b4c025d032c48610807d5883007833f9a84499246b3a4a2f45c3cec9e242

Request headers

Referer: https://www.billings2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 03:52:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 24 Jan 2018 20:00:19 GMT
server: cloudflare
etag: W/"232-5638b1cd6dac0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 578d709cd9a21776-FRA

GET
H2 200 jquery.js Show response
www.billings2.com/wp-includes/js/jquery/ 95 KB
32 KB 582ms
581ms Script
application/javascript 2606:4700:3030::6818:7706
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.billings2.com/wp-includes/js/jquery/jquery.js
Requested by: Host: www.billings2.com
URL: https://www.billings2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6818:7706 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

Referer: https://www.billings2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 03:52:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 05 Sep 2019 04:11:07 GMT
server: cloudflare
etag: W/"17a6a-591c682c42cc0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 578d709cd9a41776-FRA

GET
H2 200 jquery-migrate.min.js Show response
www.billings2.com/wp-includes/js/jquery/ 10 KB
4 KB 488ms
487ms Script
application/javascript 2606:4700:3030::6818:7706
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.billings2.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: www.billings2.com
URL: https://www.billings2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6818:7706 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://www.billings2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 03:52:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 20 May 2016 11:41:28 GMT
server: cloudflare
etag: W/"2748-53344923fca00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 578d709cd9a51776-FRA

GET
H2 200 Logo.png
billings2.com/wp-content/uploads/2018/01/ 37 KB
37 KB 480ms
472ms Image
image/png 2606:4700:3030::6818:7706
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://billings2.com/wp-content/uploads/2018/01/Logo.png
Requested by: Host: www.billings2.com
URL: https://www.billings2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6818:7706 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d5922a01363dfc845dc029505835175ba3da7b0cb7a12698e8b6b085460500e

Request headers

Referer: https://www.billings2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 24 Mar 2020 03:52:31 GMT
cf-cache-status: MISS
last-modified: Thu, 25 Jan 2018 15:01:46 GMT
server: cloudflare
etag: "94ad-5639b0efb8a80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 578d709ce9b81776-FRA
content-length: 38061

GET
H2 200 Geoffrey-Jordan-300x220.png
www.billings2.com/wp-content/uploads/2018/01/ 64 KB
65 KB 675ms
674ms Image
image/png 2606:4700:3030::6818:7706
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.billings2.com/wp-content/uploads/2018/01/Geoffrey-Jordan-300x220.png
Requested by: Host: www.billings2.com
URL: https://www.billings2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6818:7706 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00f9cac1c364a2780a6a1794692eae21de93562609195eb7d2f2cd91345b338d

Request headers

Referer: https://www.billings2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 24 Mar 2020 03:52:32 GMT
cf-cache-status: MISS
last-modified: Thu, 25 Jan 2018 14:31:27 GMT
server: cloudflare
etag: "101a5-5639aa28fcdc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 578d709cd9a71776-FRA
content-length: 65957

GET
H2 200 test1-300x300.png
www.billings2.com/wp-content/uploads/2018/01/ 128 KB
128 KB 565ms
564ms Image
image/png 2606:4700:3030::6818:7706
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.billings2.com/wp-content/uploads/2018/01/test1-300x300.png
Requested by: Host: www.billings2.com
URL: https://www.billings2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6818:7706 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12430d6336c1b9e14c28166eabf5cb0a1af2ce5841075e9e19e31cfef60f731b

Request headers

Referer: https://www.billings2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 24 Mar 2020 03:52:32 GMT
cf-cache-status: MISS
last-modified: Thu, 25 Jan 2018 14:34:56 GMT
server: cloudflare
etag: "1fe82-5639aaf04e400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 578d70a09fb41776-FRA
content-length: 130690

GET
H2 200 testimonial2.png
www.billings2.com/wp-content/uploads/2018/01/ 86 KB
86 KB 675ms
674ms Image
image/png 2606:4700:3030::6818:7706
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.billings2.com/wp-content/uploads/2018/01/testimonial2.png
Requested by: Host: www.billings2.com
URL: https://www.billings2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6818:7706 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17e749aed9c025955ed88444f83f702efa715258215f19bf9c25f87d6bdca518

Request headers

Referer: https://www.billings2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 24 Mar 2020 03:52:32 GMT
cf-cache-status: MISS
last-modified: Thu, 25 Jan 2018 14:37:31 GMT
server: cloudflare
etag: "15881-5639ab84200c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 578d70a09fb51776-FRA
content-length: 88193

GET
H2 200 Speaker-standingv-124x300.png
www.billings2.com/wp-content/uploads/2018/01/ 38 KB
38 KB 567ms
566ms Image
image/png 2606:4700:3030::6818:7706
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.billings2.com/wp-content/uploads/2018/01/Speaker-standingv-124x300.png
Requested by: Host: www.billings2.com
URL: https://www.billings2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6818:7706 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cd7e312e01df5f0b5247821c63385d66ded0bce7c334fccd42b1a2cd66d7ea8

Request headers

Referer: https://www.billings2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 24 Mar 2020 03:52:32 GMT
cf-cache-status: MISS
last-modified: Thu, 25 Jan 2018 14:49:12 GMT
server: cloudflare
etag: "989f-5639ae20a6a00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 578d70a09fb61776-FRA
content-length: 39071

GET
H2 200 scripts.js Show response
www.billings2.com/wp-content/plugins/contact-form-7/includes/js/ 14 KB
4 KB 392ms
392ms Script
application/javascript 2606:4700:3030::6818:7706
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.billings2.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0
Requested by: Host: www.billings2.com
URL: https://www.billings2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6818:7706 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14b636e164af93d410a674e6479e7fa7f4a55fd7d11b1c608005bff6d413d02c

Request headers

Referer: https://www.billings2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 03:52:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 21 Feb 2018 23:43:31 GMT
server: cloudflare
etag: W/"38d7-565c17e9f0ec0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 578d709fee7c1776-FRA

GET
H2 200 frontend.min.js Show response
www.billings2.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/ 47 KB
13 KB 560ms
559ms Script
application/javascript 2606:4700:3030::6818:7706
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.billings2.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/frontend.min.js?ver=2.0.24
Requested by: Host: www.billings2.com
URL: https://www.billings2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6818:7706 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6701146f916603227ef5f6eba64850c5bb78f0b759f39a0b902bb86a27584689

Request headers

Referer: https://www.billings2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 03:52:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 21 Feb 2018 23:45:53 GMT
server: cloudflare
etag: W/"ba99-565c18715ce40-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 578d70a09fad1776-FRA

GET
H2 200 script.min.js Show response
www.billings2.com/wp-content/themes/luxe/js/ 21 KB
6 KB 359ms
358ms Script
application/javascript 2606:4700:3030::6818:7706
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.billings2.com/wp-content/themes/luxe/js/script.min.js?ver=4.9.13
Requested by: Host: www.billings2.com
URL: https://www.billings2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6818:7706 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1881d7e1e034fe7f12472cfe05d27fe9d95cfc9ccd84320b238fe9f4b306aa8

Request headers

Referer: https://www.billings2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 03:52:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 19 Jan 2018 13:15:51 GMT
server: cloudflare
etag: W/"54a8-56320e125afc0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 578d70a09faf1776-FRA

GET
H2 200 frontend.min.js Show response
www.billings2.com/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/ 2 KB
888 B 485ms
484ms Script
application/javascript 2606:4700:3030::6818:7706
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.billings2.com/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/frontend.min.js?ver=2.0.26
Requested by: Host: www.billings2.com
URL: https://www.billings2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6818:7706 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5c57466e78a77781bc2aa8adbd280809c3d7772c476677b6a954c5d8325d91d

Request headers

Referer: https://www.billings2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 03:52:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 21 Feb 2018 23:46:01 GMT
server: cloudflare
etag: W/"6af-565c1878fe040-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 578d70a09fb01776-FRA

GET
H2 200 wp-embed.min.js Show response
www.billings2.com/wp-includes/js/ 1 KB
738 B 361ms
361ms Script
application/javascript 2606:4700:3030::6818:7706
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.billings2.com/wp-includes/js/wp-embed.min.js?ver=4.9.13
Requested by: Host: www.billings2.com
URL: https://www.billings2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6818:7706 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Referer: https://www.billings2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 03:52:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 13 Dec 2018 03:25:20 GMT
server: cloudflare
etag: W/"57b-57cdedd3e8800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 578d70a09fb21776-FRA

GET
H2 200 wp-emoji-release.min.js Show response
www.billings2.com/wp-includes/js/ 12 KB
4 KB 382ms
381ms Script
application/javascript 2606:4700:3030::6818:7706
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.billings2.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.13
Requested by: Host: www.billings2.com
URL: https://www.billings2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6818:7706 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5

Request headers

Referer: https://www.billings2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 03:52:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 03 Aug 2018 04:12:07 GMT
server: cloudflare
etag: W/"2efa-57280218073c0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 578d70a09fb71776-FRA

GET
H2 200 css
fonts.googleapis.com/ 6 KB
864 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Bitter|Oxygen:300,400,700|PT+Serif:400,700&subset=latin,latin-ext

Requested by

Host: www.billings2.com
URL: https://www.billings2.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f40657d814bb7d14f7ce160fa99fdd4275172e1a08412ea593f874d34a058464

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.billings2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 24 Mar 2020 03:52:31 GMT
server: ESF
date: Tue, 24 Mar 2020 03:52:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 24 Mar 2020 03:52:31 GMT

GET
H2 200 Asia-Breakthrough-CoverImage.jpg
billings2.com/wp-content/uploads/2018/01/ 303 KB
304 KB 672ms
672ms Image
image/jpeg 2606:4700:3030::6818:7706
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://billings2.com/wp-content/uploads/2018/01/Asia-Breakthrough-CoverImage.jpg
Requested by: Host: www.billings2.com
URL: https://www.billings2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6818:7706 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e02ed4e429cbd58dc079f8de1b15fa1efa00df14c49f55f55a4ff4f921f3b91

Request headers

Referer: https://www.billings2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 24 Mar 2020 03:52:32 GMT
cf-cache-status: MISS
last-modified: Thu, 25 Jan 2018 12:27:24 GMT
server: cloudflare
etag: "4bd46-56398e6eca300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 578d70a0afc21776-FRA
content-length: 310598

GET
H2 200 cover-bussines.png
www.billings2.com/wp-content/uploads/2018/01/ 98 KB
98 KB 677ms
677ms Image
image/png 2606:4700:3030::6818:7706
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.billings2.com/wp-content/uploads/2018/01/cover-bussines.png
Requested by: Host: www.billings2.com
URL: https://www.billings2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6818:7706 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 977e812cf6bdbf5fe022329ec81186901610e8559ffe4c2d5675c0a93cbd69ba

Request headers

Referer: https://www.billings2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 24 Mar 2020 03:52:32 GMT
cf-cache-status: MISS
last-modified: Fri, 26 Jan 2018 12:45:58 GMT
server: cloudflare
etag: "1881f-563ad472a4d80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 578d70a0afc51776-FRA
content-length: 100383

GET
H2 200 easy-cover.png
www.billings2.com/wp-content/uploads/2018/01/ 86 KB
86 KB 671ms
671ms Image
image/png 2606:4700:3030::6818:7706
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.billings2.com/wp-content/uploads/2018/01/easy-cover.png
Requested by: Host: www.billings2.com
URL: https://www.billings2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6818:7706 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cd95703706fddff8ec43c1d7d376b1672187369b8737f05d58dff9893616e96

Request headers

Referer: https://www.billings2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 24 Mar 2020 03:52:32 GMT
cf-cache-status: MISS
last-modified: Fri, 26 Jan 2018 12:24:15 GMT
server: cloudflare
etag: "15882-563acf98019c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 578d70a0afc71776-FRA
content-length: 88194

GET
H2 200 Get-Paid-Online-cover.png
www.billings2.com/wp-content/uploads/2018/01/ 96 KB
96 KB 674ms
674ms Image
image/png 2606:4700:3030::6818:7706
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.billings2.com/wp-content/uploads/2018/01/Get-Paid-Online-cover.png
Requested by: Host: www.billings2.com
URL: https://www.billings2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6818:7706 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2467893b2708a56ed62beddb85cfb4d9ad252590d1e4a11ebdcd39b1112def2

Request headers

Referer: https://www.billings2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 24 Mar 2020 03:52:32 GMT
cf-cache-status: MISS
last-modified: Fri, 26 Jan 2018 11:52:07 GMT
server: cloudflare
etag: "1809c-563ac869527c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 578d70a0afc81776-FRA
content-length: 98460

GET
H2 200 bullet.png
www.billings2.com/wp-content/themes/luxe/images/ 1 KB
1 KB 371ms
371ms Image
image/png 2606:4700:3030::6818:7706
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.billings2.com/wp-content/themes/luxe/images/bullet.png
Requested by: Host: www.billings2.com
URL: https://www.billings2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6818:7706 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3d2f697669724037d07b32cad59563270f2adeffe74b1a0f6f6112d9bf5436a

Request headers

Referer: https://www.billings2.com/wp-content/themes/luxe/css/main_dark.css?ver=2014123
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 24 Mar 2020 03:52:32 GMT
cf-cache-status: MISS
last-modified: Fri, 19 Jan 2018 13:15:43 GMT
server: cloudflare
etag: "45a-56320e0ab9dc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 578d70a0afc91776-FRA
content-length: 1114

GET
H2 200 2sDfZG1Wl4LcnbuKjk0mRUe0Aw.woff2
fonts.gstatic.com/s/oxygen/v9/ 10 KB
10 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oxygen/v9/2sDfZG1Wl4LcnbuKjk0mRUe0Aw.woff2

Requested by

Host: www.billings2.com
URL: https://www.billings2.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0f49049bbf8071312c4a4554e9332d420b7277fc310ab02fb2ef031e48128f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Bitter|Oxygen:300,400,700|PT+Serif:400,700&subset=latin,latin-ext
Origin: https://www.billings2.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Mar 2020 00:40:47 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:20:18 GMT
server: sffe
age: 1653105
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 10332
x-xss-protection: 0
expires: Fri, 05 Mar 2021 00:40:47 GMT

GET
H2 200 2sDcZG1Wl4LcnbuCNWgzaGW5Kb8VZA.woff2
fonts.gstatic.com/s/oxygen/v9/ 10 KB
10 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oxygen/v9/2sDcZG1Wl4LcnbuCNWgzaGW5Kb8VZA.woff2

Requested by

Host: www.billings2.com
URL: https://www.billings2.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64f12bcd111be76f80de661978a9817e6701c7b62a84be48ca42f604c4a57a2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Bitter|Oxygen:300,400,700|PT+Serif:400,700&subset=latin,latin-ext
Origin: https://www.billings2.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 00:44:46 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:27:29 GMT
server: sffe
age: 4590466
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 10280
x-xss-protection: 0
expires: Sat, 30 Jan 2021 00:44:46 GMT

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr-_dSb_.woff2
fonts.gstatic.com/s/ptserif/v11/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v11/EJRVQgYoZZY2vCFuvAFWzr-_dSb_.woff2

Requested by

Host: www.billings2.com
URL: https://www.billings2.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d6cd55572e8be7aa03c122e0ef98bf72d91a2caa2dddfe3c7c5b50f67d2bd07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Bitter|Oxygen:300,400,700|PT+Serif:400,700&subset=latin,latin-ext
Origin: https://www.billings2.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 21 Mar 2020 16:48:10 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:23:27 GMT
server: sffe
age: 212662
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13280
x-xss-protection: 0
expires: Sun, 21 Mar 2021 16:48:10 GMT

GET
H2 200 icomoon.ttf
www.billings2.com/wp-content/plugins/thrive-visual-editor/editor/css/fonts/thrvicomoon/ 6 KB
6 KB 353ms
353ms Font
application/x-font-ttf 2606:4700:3030::6818:7706
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.billings2.com/wp-content/plugins/thrive-visual-editor/editor/css/fonts/thrvicomoon/icomoon.ttf?jtzdu4
Requested by: Host: www.billings2.com
URL: https://www.billings2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6818:7706 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a57a7356656f58ccfe1a75cab7db5c2fdc0340f16f0046125d5b0faacb91acad

Request headers

Referer: https://www.billings2.com/wp-content/plugins/thrive-visual-editor/editor/css/thrive_flat.css?ver=2.0.24
Origin: https://www.billings2.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 24 Mar 2020 03:52:32 GMT
cf-cache-status: MISS
last-modified: Wed, 21 Feb 2018 23:45:47 GMT
server: cloudflare
etag: W/"1798-565c186ba40c0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/x-font-ttf
status: 200
cache-control: max-age=14400
cf-ray: 578d70a0afce1776-FRA

GET
H2 200 EJRSQgYoZZY2vCFuvAnt66qSVyvVp8NA.woff2
fonts.gstatic.com/s/ptserif/v11/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v11/EJRSQgYoZZY2vCFuvAnt66qSVyvVp8NA.woff2

Requested by

Host: www.billings2.com
URL: https://www.billings2.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a75a7bf10f415b7c91f0b959177f3f1779e78cbf735601e41fb982c2b1cf4be2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Bitter|Oxygen:300,400,700|PT+Serif:400,700&subset=latin,latin-ext
Origin: https://www.billings2.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Mar 2020 20:30:16 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:24:48 GMT
server: sffe
age: 1149736
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13372
x-xss-protection: 0
expires: Wed, 10 Mar 2021 20:30:16 GMT

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| _wpemojiSettings function| pinBadgeAddLoadEvent undefined| $ function| jQuery object| wpcf7 object| tve_frontend_options object| twemoji object| wp function| isExternal undefined| __thrive_$oJ object| ThriveGlobal object| TVE_jQFn object| TCB_Front object| ThriveApp number| _isAdmin number| _is_blankPage number| _lastScrollTop object| _theMenu object| _nextElement undefined| _floatingOption boolean| _hasFloatingMenu string| _defaultPadding number| _menuHeight object| _textLogoHeight number| _hasCenterLogo object| _custom_header string| _custom_header_class boolean| _is_custom_header undefined| _center_header_height object| _overlayElement object| jQuery1124016204758508499428 object| tve_dash_front object| TVE_Dash number| TCB_PAGE_INDEX boolean| condition

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.billings2.com/	1970-01-19 09:00:13	Name: __cfduid Value: dff8efdff8dbd573b2bdd38805afb449e1585021950

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.billings2.com/wp-includes/js/jquery/jquery-migrate.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

billings2.com
fonts.googleapis.com
fonts.gstatic.com
www.billings2.com
2606:4700:3030::6818:7706
2a00:1450:4001:814::2003
2a00:1450:4001:818::200a
00f9cac1c364a2780a6a1794692eae21de93562609195eb7d2f2cd91345b338d
0626b4c025d032c48610807d5883007833f9a84499246b3a4a2f45c3cec9e242
12430d6336c1b9e14c28166eabf5cb0a1af2ce5841075e9e19e31cfef60f731b
14b636e164af93d410a674e6479e7fa7f4a55fd7d11b1c608005bff6d413d02c
17e749aed9c025955ed88444f83f702efa715258215f19bf9c25f87d6bdca518
19f01d58623dc64c918e8006eebb7813ae0c50095729536d56c15c7dafe2f661
1e36067ffbde51faec89f96ebe1fd08513be4a97d109cc8130dcdc9cf3f4590d
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
2cd95703706fddff8ec43c1d7d376b1672187369b8737f05d58dff9893616e96
2e02ed4e429cbd58dc079f8de1b15fa1efa00df14c49f55f55a4ff4f921f3b91
32c411d384ddf9c04d0cc831362c14667751e6ffff7c480bda60580d4ce9273b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4d5922a01363dfc845dc029505835175ba3da7b0cb7a12698e8b6b085460500e
59ebc47331c997b569e83c98089d44b1f3797e2bec0e6cf979f8c7e43643f452
5cd7e312e01df5f0b5247821c63385d66ded0bce7c334fccd42b1a2cd66d7ea8
64f12bcd111be76f80de661978a9817e6701c7b62a84be48ca42f604c4a57a2e
6701146f916603227ef5f6eba64850c5bb78f0b759f39a0b902bb86a27584689
69161c137a7c4e28dfa4334c042466d72c1a98a0c7e5925e323809c80049aa13
6d6cd55572e8be7aa03c122e0ef98bf72d91a2caa2dddfe3c7c5b50f67d2bd07
977e812cf6bdbf5fe022329ec81186901610e8559ffe4c2d5675c0a93cbd69ba
a57a7356656f58ccfe1a75cab7db5c2fdc0340f16f0046125d5b0faacb91acad
a75a7bf10f415b7c91f0b959177f3f1779e78cbf735601e41fb982c2b1cf4be2
b1881d7e1e034fe7f12472cfe05d27fe9d95cfc9ccd84320b238fe9f4b306aa8
c845305d0cf556d59d35a8aacece2af462a7896f9df46d313a4a2aac1640d677
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5
d3d2f697669724037d07b32cad59563270f2adeffe74b1a0f6f6112d9bf5436a
d5c57466e78a77781bc2aa8adbd280809c3d7772c476677b6a954c5d8325d91d
d7954082c2cb7796d3f71cb005f5150e6c5e9373f6d10eb73a66763a9cf4b30a
e0f49049bbf8071312c4a4554e9332d420b7277fc310ab02fb2ef031e48128f8
f2467893b2708a56ed62beddb85cfb4d9ad252590d1e4a11ebdcd39b1112def2
f40657d814bb7d14f7ce160fa99fdd4275172e1a08412ea593f874d34a058464
f9355a5440029280e90e72be6a419b70acb6803444c9c9a0498d86de4d187e03