urlscan.io logo urlscan.io
SecurityTrails logo

billing2019sandbox.byappdirect.com Open in urlscan Pro
104.18.30.109  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://billing2019sandbox.byappdirect.com/
Effective URL: https://billing2019sandbox.byappdirect.com/home
Submission: On July 25 via automatic, source certstream-suspicious — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 62 HTTP transactions. The main IP is 104.18.30.109, located in and belongs to CLOUDFLARENET, US. The main domain is billing2019sandbox.byappdirect.com.
TLS certificate: Issued by WE1 on July 25th 2024. Valid for: 3 months.
This is the only time billing2019sandbox.byappdirect.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 43 104.18.30.109 13335 (CLOUDFLAR...)
7 108.139.38.210 16509 (AMAZON-02)
2 3 104.17.96.195 13335 (CLOUDFLAR...)
2 104.18.72.113 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 108.139.51.165 16509 (AMAZON-02)
1 20.69.148.90 8075 (MICROSOFT...)
1 20.51.76.12 8075 (MICROSOFT...)
62 10
43    104.18.30.109 (None, )

ASN13335 (CLOUDFLARENET, US)
billing2019sandbox.byappdirect.com
7    108.139.38.210 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-38-210.jfk50.r.cloudfront.net
d6r6ulbtqyuv7.cloudfront.net
3    104.17.96.195 (None, )

ASN13335 (CLOUDFLARENET, US)
v2.zopim.com
2    104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
ekr.zdassets.com
3    2607:f8b0:400d:c07::65 (Morganton, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2607:f8b0:400d:c04::61 (Morganton, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    108.139.51.165 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-51-165.jfk50.r.cloudfront.net
www.datadoghq-browser-agent.com
1    20.69.148.90 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
rum.browser-intake-us3-datadoghq.com
1    20.51.76.12 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
session-replay.browser-intake-us3-datadoghq.com
Apex Domain
Subdomains		 Transfer
43 byappdirect.com
billing2019sandbox.byappdirect.com
580 KB
7 cloudfront.net
d6r6ulbtqyuv7.cloudfront.net
1 MB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
21 KB
3 zopim.com
v2.zopim.com — Cisco Umbrella Rank: 29907
245 KB
2 browser-intake-us3-datadoghq.com
rum.browser-intake-us3-datadoghq.com — Cisco Umbrella Rank: 73792
session-replay.browser-intake-us3-datadoghq.com — Cisco Umbrella Rank: 147520
670 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
189 KB
2 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 3854
ekr.zdassets.com — Cisco Umbrella Rank: 4356
6 KB
1 datadoghq-browser-agent.com
www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 2536
48 KB
62 8
Domain Requested by
43 billing2019sandbox.byappdirect.com 1 redirects billing2019sandbox.byappdirect.com
d6r6ulbtqyuv7.cloudfront.net
7 d6r6ulbtqyuv7.cloudfront.net billing2019sandbox.byappdirect.com
3 www.google-analytics.com billing2019sandbox.byappdirect.com
www.google-analytics.com
d6r6ulbtqyuv7.cloudfront.net
3 v2.zopim.com 2 redirects billing2019sandbox.byappdirect.com
2 www.googletagmanager.com billing2019sandbox.byappdirect.com
www.google-analytics.com
1 session-replay.browser-intake-us3-datadoghq.com www.datadoghq-browser-agent.com
1 rum.browser-intake-us3-datadoghq.com d6r6ulbtqyuv7.cloudfront.net
1 www.datadoghq-browser-agent.com billing2019sandbox.byappdirect.com
1 ekr.zdassets.com d6r6ulbtqyuv7.cloudfront.net
1 static.zdassets.com billing2019sandbox.byappdirect.com
62 10

This site contains no links.

Subject Issuer Validity Valid
billing2019sandbox.byappdirect.com
WE1		 2024-07-25 -
2024-10-23		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.google-analytics.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
zdassets.com
E6		 2024-06-29 -
2024-09-27		 3 months crt.sh
*.datadoghq-browser-agent.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-12 -
2024-12-14		 a year crt.sh
*.browser-intake-us3-datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-15 -
2025-06-17		 a year crt.sh

This page contains 1 frames:

Primary Page: https://billing2019sandbox.byappdirect.com/home
Frame ID: 5E4C36C4E88B1C6CBE8AA12858A3D051
Requests: 63 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Billing 2019 Sandbox | Finance Team

Page URL History Show full URLs

  1. https://billing2019sandbox.byappdirect.com/ HTTP 301
    https://billing2019sandbox.byappdirect.com/home Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • v2\.zopim\.com
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

62
Requests

94 %
HTTPS

22 %
IPv6

8
Domains

10
Subdomains

10
IPs

2
Countries

2356 kB
Transfer

9399 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://billing2019sandbox.byappdirect.com/ HTTP 301
    https://billing2019sandbox.byappdirect.com/home Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://v2.zopim.com/?3q3ueKL2bAaNSPM91w9RIJf0Lz8fvZFh HTTP 302
  • https://static.zdassets.com/ekr/asset_composer.js
Request Chain 57
  • https://v2.zopim.com/w?3q3ueKL2bAaNSPM91w9RIJf0Lz8fvZFh HTTP 302
  • https://v2.zopim.com/bin/v/widget_v2.335.js
Request Chain 61
  • https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/spa/themes/universal/images/favicon.ico HTTP 302
  • https://d6r6ulbtqyuv7.cloudfront.net/http-status/404

62 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request home
billing2019sandbox.byappdirect.com/
Redirect Chain
  • https://billing2019sandbox.byappdirect.com/
  • https://billing2019sandbox.byappdirect.com/home
21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00c0c4263f3c64ce1891bfcf6ac87ba46819dd0db8e4bdbba748d93320000d98
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store,no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8a889d55cc925e82-EWR
content-encoding
gzip
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
content-type
text/html;charset=UTF-8
date
Thu, 25 Jul 2024 02:10:37 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
149
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=Edge
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate,no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8a889d4c0dd55e82-EWR
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
date
Thu, 25 Jul 2024 02:10:37 GMT
expires
0
location
./home
pragma
no-cache no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
18
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=Edge
x-xss-protection
1; mode=block
universal-header-global.js
billing2019sandbox.byappdirect.com/universal-header/ 		966 KB
302 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/universal-header/universal-header-global.js
Requested by
Host: billing2019sandbox.byappdirect.com
URL: https://billing2019sandbox.byappdirect.com/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dbe689d6187dfc7944c2028846629c85e09ef04d70243ba88510ef06753d17a
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://billing2019sandbox.byappdirect.com/home
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 02:10:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
x-amz-request-id
ZBRA8ANQMGMR398B
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
40
x-amz-id-2
yD44UBkHSxFGNmQkXrpNJBUDSMvc7o6HR30csPw3ZomjEbH4KUXLPBPwK+B/AAPEKgP7/5I5D/s=
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 16 Jul 2024 14:11:32 GMT
server
cloudflare
etag
W/"38c0b6d71871dc7c54892392691b5c9b"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
ad-trace-id
8356447649337539723
cf-ray
8a889d575f025e82-EWR
/
billing2019sandbox.byappdirect.com/hermes/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/hermes/
Requested by
Host: billing2019sandbox.byappdirect.com
URL: https://billing2019sandbox.byappdirect.com/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7b2b39952cf5768a5251704581da506e73bf68033b9df5f8da571b5df5b93b1
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://billing2019sandbox.byappdirect.com/home
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 02:10:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
x-amz-request-id
ZBR43B1DPA5SK1MC
x-envoy-upstream-service-time
50
x-amz-id-2
1ZB6DsyV1czU7tzomJP4OfUZmRjCZygsc+yd3qPtCmq4dhBIw9VzjMCP1Ix6CHEPh8xRYHd4PDI=
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 15:47:53 GMT
server
cloudflare
etag
W/"849f71c34dc8be395d04e679ee6bcfe4"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
ad-trace-id
6460190386139124495
cf-ray
8a889d576f0f5e82-EWR
vendors-pack-ver-5C8631E66303A21ED10A1520DD869E60.js
d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/spa/common/js/ 		785 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/spa/common/js/vendors-pack-ver-5C8631E66303A21ED10A1520DD869E60.js
Requested by
Host: billing2019sandbox.byappdirect.com
URL: https://billing2019sandbox.byappdirect.com/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.38.210 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-38-210.jfk50.r.cloudfront.net
Software
cloudflare /
Resource Hash
47aaa95027dddb4696c5c2de60788d2efab50a2f3261975a20d8712203e85b96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billing2019sandbox.byappdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 00:19:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
via
1.1 f25b89e7ef738cb8bb7e28e041d8fe54.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
age
23248272
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
9
content-disposition
inline
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
cache
last-modified
Tue, 24 Oct 2023 16:53:28 GMT
server
cloudflare
x-frame-options
DENY
content-type
application/javascript;charset=UTF-8
cache-control
public,max-age=31536000
cf-ray
81df7c94dd1e1759-IAD
x-amz-cf-id
ZTbYWlHFO_ivinH3K_RyhFsdy4s9_hQWZnJXAiGNxvdPPqOx9FIZUg==
expires
Tue, 29 Oct 2024 00:19:25 GMT
themeConfig-ver-5F49826ACB71C2962C473731454F141A.js
d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/spa/themes/universal/ 		19 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/spa/themes/universal/themeConfig-ver-5F49826ACB71C2962C473731454F141A.js
Requested by
Host: billing2019sandbox.byappdirect.com
URL: https://billing2019sandbox.byappdirect.com/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.38.210 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-38-210.jfk50.r.cloudfront.net
Software
cloudflare /
Resource Hash
253e45a68bd580a875fb5c70c46038e87b3f92211bad8ea467aa5da40ec2bb19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billing2019sandbox.byappdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 10 Jun 2024 10:10:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
via
1.1 f25b89e7ef738cb8bb7e28e041d8fe54.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
age
3859235
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
14
content-disposition
inline
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
cache
last-modified
Fri, 07 Jun 2024 14:34:42 GMT
server
cloudflare
x-frame-options
DENY
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=31536000
cf-ray
891891be0c733b65-IAD
x-amz-cf-id
ZQ-IugyJ34L55Pj7Y-m74I_L-dBTqRcwknP66bqKjaxYUE32YrARsw==
expires
Tue, 10 Jun 2025 10:10:02 GMT
l10n_en_US-ver-467DE0712EEEC464CF776D419D8B6051.js
d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/l10n/ 		2 MB
400 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/l10n/l10n_en_US-ver-467DE0712EEEC464CF776D419D8B6051.js?en_US
Requested by
Host: billing2019sandbox.byappdirect.com
URL: https://billing2019sandbox.byappdirect.com/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.38.210 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-38-210.jfk50.r.cloudfront.net
Software
cloudflare /
Resource Hash
d15d2122ea58681546beee66c01b1fd3557c4f8c9e35289ecb519c529f55ba2d
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self'; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billing2019sandbox.byappdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 00:12:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
content-security-policy
object-src 'none' blob:; base-uri 'self'; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:;
via
1.1 f25b89e7ef738cb8bb7e28e041d8fe54.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
age
7064
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
36
content-disposition
inline
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Jul 2024 23:28:08 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
cache-control
private,max-age=1296000
cf-ray
8a87f0e18abbc587-IAD
x-amz-cf-id
pSI8RAmRqEARlXxGayyDe7h3hxk3zlna__3Xm1MvXo13xHHBmErNPQ==
expires
Fri, 09 Aug 2024 00:12:53 GMT
generated-styles.min-ver-0CCF1581A9AB293A77506588E8553125.css
billing2019sandbox.byappdirect.com/wicket/resource/com.appdirect.wicket.resources.Resource/common/css/dist/resources/spa/themes/universal/styles/ 		249 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/wicket/resource/com.appdirect.wicket.resources.Resource/common/css/dist/resources/spa/themes/universal/styles/generated-styles.min-ver-0CCF1581A9AB293A77506588E8553125.css
Requested by
Host: billing2019sandbox.byappdirect.com
URL: https://billing2019sandbox.byappdirect.com/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5defb19ad0945459c1c8d6cb7172586444ef95ba1dbef908102c054cdd21729e
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billing2019sandbox.byappdirect.com/home
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 02:10:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
x-envoy-upstream-service-time
10
content-disposition
inline
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Jul 2024 23:26:00 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
cache-control
public,max-age=31536000
cf-ray
8a889d577f375e82-EWR
expires
Fri, 25 Jul 2025 02:10:37 GMT
styles.min-ver-7D6F9684D6D62738102573BE5557C6F7.css
billing2019sandbox.byappdirect.com/wicket/resource/com.appdirect.wicket.resources.Resource/common/css/dist/resources/spa/themes/base/styles/pages/marketplace/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/wicket/resource/com.appdirect.wicket.resources.Resource/common/css/dist/resources/spa/themes/base/styles/pages/marketplace/styles.min-ver-7D6F9684D6D62738102573BE5557C6F7.css
Requested by
Host: billing2019sandbox.byappdirect.com
URL: https://billing2019sandbox.byappdirect.com/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b32491673008baa9915c22c69b85a1a751193e211970fe2ad0793b831a49519
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billing2019sandbox.byappdirect.com/home
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 02:10:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
x-envoy-upstream-service-time
10
content-disposition
inline
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Jul 2024 23:26:00 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
cache-control
public,max-age=31536000
cf-ray
8a889d578f4a5e82-EWR
expires
Fri, 25 Jul 2025 02:10:37 GMT
hermes-ver-AB580BEA5E5D0BBD8C01A9843BB6A0AF.js
d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/common/js/analytics/hermes/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/common/js/analytics/hermes/hermes-ver-AB580BEA5E5D0BBD8C01A9843BB6A0AF.js
Requested by
Host: billing2019sandbox.byappdirect.com
URL: https://billing2019sandbox.byappdirect.com/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.38.210 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-38-210.jfk50.r.cloudfront.net
Software
cloudflare /
Resource Hash
c9f948abb3c19f383307f49ff9ad40d3aa6e602763c819759b11146989f35003
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billing2019sandbox.byappdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:06:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
via
1.1 f25b89e7ef738cb8bb7e28e041d8fe54.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
age
24347030
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
3
content-disposition
inline
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
cache
last-modified
Tue, 10 Oct 2023 21:02:12 GMT
server
cloudflare
x-frame-options
DENY
content-type
application/javascript;charset=UTF-8
cache-control
public,max-age=31536000
cf-ray
8176b36d0d57388b-IAD
x-amz-cf-id
soFdOwpQfw6sOX3hO_icfwbqhe8XxNaIG82SZu0GmhxNSvT7FD51yg==
expires
Wed, 16 Oct 2024 07:06:47 GMT
kraken.min-ver-B05EBED455AB5436A799D9403AC724F1.js
d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/common/js/node-modules/ 		1 MB
293 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/common/js/node-modules/kraken.min-ver-B05EBED455AB5436A799D9403AC724F1.js
Requested by
Host: billing2019sandbox.byappdirect.com
URL: https://billing2019sandbox.byappdirect.com/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.38.210 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-38-210.jfk50.r.cloudfront.net
Software
cloudflare /
Resource Hash
feac39da8aa80c5fedb41a8c09cdf5908f2d81a907e73c327e6c111b9ba7e2ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billing2019sandbox.byappdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 10 May 2024 06:15:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
via
1.1 f25b89e7ef738cb8bb7e28e041d8fe54.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
age
6551684
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
199
content-disposition
inline
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
cache
last-modified
Tue, 07 May 2024 13:48:50 GMT
server
cloudflare
x-frame-options
DENY
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=31536000
cf-ray
8817cc1b9e016fad-IAD
x-amz-cf-id
0YuDIVuIaTqZDZvGwuuD1J_LIrhTCwB09Ax0qATA1flzNsuXlf0xIw==
expires
Sat, 10 May 2025 06:15:53 GMT
main.min-ver-F395E79A8D636DA41657CD6BD9AD41DB.js
d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/spa/themes/universal/js/pages/marketplace/ 		2 MB
381 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/spa/themes/universal/js/pages/marketplace/main.min-ver-F395E79A8D636DA41657CD6BD9AD41DB.js
Requested by
Host: billing2019sandbox.byappdirect.com
URL: https://billing2019sandbox.byappdirect.com/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.38.210 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-38-210.jfk50.r.cloudfront.net
Software
cloudflare /
Resource Hash
5e2cfa452f3aca1f82900cde83ec3fdd73e4cee74acea806a6f5eafa4f130a07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billing2019sandbox.byappdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 12:44:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
via
1.1 f25b89e7ef738cb8bb7e28e041d8fe54.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
age
825951
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
382
content-disposition
inline
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 10 Jul 2024 14:42:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=31536000
cf-ray
8a39d88108dd82aa-IAD
x-amz-cf-id
7Su93KZ6QGPNiGC6h7JdPUwg7_VjTKT0mwecM62Oxq1RXFS4L4ezmQ==
expires
Tue, 15 Jul 2025 12:44:46 GMT
forceReAuthentication-ver-106618A5E1256B227A92E57606043CD2.js
d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/common/js/common/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/common/js/common/forceReAuthentication-ver-106618A5E1256B227A92E57606043CD2.js
Requested by
Host: billing2019sandbox.byappdirect.com
URL: https://billing2019sandbox.byappdirect.com/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.38.210 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-38-210.jfk50.r.cloudfront.net
Software
cloudflare /
Resource Hash
24c9b298cb8ec8c0aaeec2da35f61f74d014f68329f1ae16cb693b5345485b54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billing2019sandbox.byappdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 02:41:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
via
1.1 f25b89e7ef738cb8bb7e28e041d8fe54.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
age
18401344
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
5
content-disposition
inline
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
cache
last-modified
Tue, 19 Dec 2023 15:48:14 GMT
server
cloudflare
x-frame-options
DENY
content-type
application/javascript;charset=UTF-8
cache-control
public,max-age=31536000
cf-ray
83adb9c52acc5a09-IAD
x-amz-cf-id
YGAsELEFiHjrD5PZI-w5MLJ2wCTF4cQgTC3LQkKeIT4lbDfP4r0qwQ==
expires
Tue, 24 Dec 2024 02:41:33 GMT
asset_composer.js
static.zdassets.com/ekr/
Redirect Chain
  • https://v2.zopim.com/?3q3ueKL2bAaNSPM91w9RIJf0Lz8fvZFh
  • https://static.zdassets.com/ekr/asset_composer.js
10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/asset_composer.js
Requested by
Host: billing2019sandbox.byappdirect.com
URL: https://billing2019sandbox.byappdirect.com/home
Protocol
H2
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://billing2019sandbox.byappdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
x-amz-version-id
KdUtYfTvhN3NWk63zbedRawrUoa4O1MG
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
QVFG60D0QCX58DCK
age
32
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
zFmYu4g9hVUmP3B4iKavXK1Q1sjETd0qB5Rn6Uje9bCQVGZyyPK6sHlMNMtTAzuYaBWpVclBx7c=
last-modified
Mon, 15 Jan 2024 02:56:11 GMT
server
cloudflare
etag
W/"c0053b411b753138af468db1bd3b19f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DoA4ZN%2F43a1JuvAyGftTreyal%2FYXcK809q2BScVarrqkOJ8MDDk22YaL9jzqKMRs0zpNcmS3p%2FFqfsh%2B99%2Frk11ZResMCVpIQzMNqN0azLCU4X%2FDAOKt8OVxVJn4k6AbX0b53%2Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=3600, s-maxage=60
access-control-max-age
0
cf-ray
8a889d5bfc054caf-PHL
access-control-allow-headers
*

Redirect headers

date
Thu, 25 Jul 2024 02:10:37 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/html
location
https://static.zdassets.com/ekr/asset_composer.js
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8a889d5aca510f85-EWR
content-length
143
expires
Thu, 01 Jan 1970 00:00:01 GMT
config
billing2019sandbox.byappdirect.com/api/hermes/v2/ 		305 B
349 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/api/hermes/v2/config
Requested by
Host: d6r6ulbtqyuv7.cloudfront.net
URL: https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/common/js/analytics/hermes/hermes-ver-AB580BEA5E5D0BBD8C01A9843BB6A0AF.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72f3d91ad48bd75109ade0fb73afd954ab3d8eb1b6dfec5e716081ec22c8e02
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://billing2019sandbox.byappdirect.com/home
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin-when-cross-origin
cf-cache-status
DYNAMIC
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json
x-envoy-upstream-service-time
22
ad-trace-id
7200210019418053478
cf-ray
8a889d5afcf95e82-EWR
accounting.js
billing2019sandbox.byappdirect.com/wicket/resource/com.appdirect.wicket.resources.Resource/common/js/vendor/accounting/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/wicket/resource/com.appdirect.wicket.resources.Resource/common/js/vendor/accounting/accounting.js?v=d00b5e72e6ab95a9b986ffdfa9bdf47f526c493f
Requested by
Host: d6r6ulbtqyuv7.cloudfront.net
URL: https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/spa/common/js/vendors-pack-ver-5C8631E66303A21ED10A1520DD869E60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5442b964691fb074182f3c9fc03fc4005c70a92b9e74a8f464d04a4298306ae
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billing2019sandbox.byappdirect.com/home
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
x-envoy-upstream-service-time
9
content-disposition
inline
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Jul 2024 23:28:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
cache-control
private,max-age=1296000
cf-ray
8a889d5b5d865e82-EWR
expires
Fri, 09 Aug 2024 02:10:38 GMT
header-navigation.js
billing2019sandbox.byappdirect.com/wicket/resource/com.appdirect.wicket.resources.Resource/spa/themes/universal/js/boilerplate/views/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/wicket/resource/com.appdirect.wicket.resources.Resource/spa/themes/universal/js/boilerplate/views/header-navigation.js?v=d00b5e72e6ab95a9b986ffdfa9bdf47f526c493f
Requested by
Host: d6r6ulbtqyuv7.cloudfront.net
URL: https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/spa/common/js/vendors-pack-ver-5C8631E66303A21ED10A1520DD869E60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb143f2629a09da70b445522aeb150ca1926b3b28c12d18834cc73e70ddf9bae
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billing2019sandbox.byappdirect.com/home
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
x-envoy-upstream-service-time
10
content-disposition
inline
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Jul 2024 23:28:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
cache-control
private,max-age=1296000
cf-ray
8a889d5b6d985e82-EWR
expires
Fri, 09 Aug 2024 02:10:38 GMT
bootstrap-tooltip.js
billing2019sandbox.byappdirect.com/wicket/resource/com.appdirect.wicket.resources.Resource/common/js/thirdparty/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/wicket/resource/com.appdirect.wicket.resources.Resource/common/js/thirdparty/bootstrap-tooltip.js?v=d00b5e72e6ab95a9b986ffdfa9bdf47f526c493f
Requested by
Host: d6r6ulbtqyuv7.cloudfront.net
URL: https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/spa/common/js/vendors-pack-ver-5C8631E66303A21ED10A1520DD869E60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb79fd25a8711774b63d2154e27df81ff198084b4ffbed542dea1cf82a9e9db0
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billing2019sandbox.byappdirect.com/home
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
x-envoy-upstream-service-time
7
content-disposition
inline
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Jul 2024 23:28:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
cache-control
private,max-age=1296000
cf-ray
8a889d5b7db35e82-EWR
expires
Fri, 09 Aug 2024 02:10:38 GMT
marketplace.js
billing2019sandbox.byappdirect.com/wicket/resource/com.appdirect.wicket.resources.Resource/spa/themes/universal/js/boilerplate/models/links/secondary/ 		249 B
275 B 		Script
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/wicket/resource/com.appdirect.wicket.resources.Resource/spa/themes/universal/js/boilerplate/models/links/secondary/marketplace.js?v=d00b5e72e6ab95a9b986ffdfa9bdf47f526c493f
Requested by
Host: d6r6ulbtqyuv7.cloudfront.net
URL: https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/spa/common/js/vendors-pack-ver-5C8631E66303A21ED10A1520DD869E60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c90e502b4fc38a400ddef59c7d4d646f34ef7a484f45087486ca006c059f6156
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billing2019sandbox.byappdirect.com/home
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
x-envoy-upstream-service-time
11
content-disposition
inline
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Jul 2024 23:28:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
cache-control
private,max-age=1296000
cf-ray
8a889d5b7db65e82-EWR
expires
Fri, 09 Aug 2024 02:10:38 GMT
query-string.js
billing2019sandbox.byappdirect.com/wicket/resource/com.appdirect.wicket.resources.Resource/common/js/node-modules/ 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/wicket/resource/com.appdirect.wicket.resources.Resource/common/js/node-modules/query-string.js?v=d00b5e72e6ab95a9b986ffdfa9bdf47f526c493f
Requested by
Host: d6r6ulbtqyuv7.cloudfront.net
URL: https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/spa/common/js/vendors-pack-ver-5C8631E66303A21ED10A1520DD869E60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33508cd24a8530bed48022d816ef54117e1ed1d9c7241ccdfe6a84d446357479
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billing2019sandbox.byappdirect.com/home
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
x-envoy-upstream-service-time
8
content-disposition
inline
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Jul 2024 23:26:40 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
cache-control
private,max-age=1296000
cf-ray
8a889d5b8dca5e82-EWR
expires
Fri, 09 Aug 2024 02:10:38 GMT
slick.js
billing2019sandbox.byappdirect.com/wicket/resource/com.appdirect.wicket.resources.Resource/common/js/vendor/slick-carousel/slick/ 		69 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/wicket/resource/com.appdirect.wicket.resources.Resource/common/js/vendor/slick-carousel/slick/slick.js?v=d00b5e72e6ab95a9b986ffdfa9bdf47f526c493f
Requested by
Host: d6r6ulbtqyuv7.cloudfront.net
URL: https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/spa/common/js/vendors-pack-ver-5C8631E66303A21ED10A1520DD869E60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65ae3290b5eefab20d138e366446fd2450fa9948bc2b878c6a61e99b33666de4
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billing2019sandbox.byappdirect.com/home
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
x-envoy-upstream-service-time
8
content-disposition
inline
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Jul 2024 23:28:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
cache-control
private,max-age=1296000
cf-ray
8a889d5b8dcd5e82-EWR
expires
Fri, 09 Aug 2024 02:10:38 GMT
jquery.js
billing2019sandbox.byappdirect.com/wicket/resource/com.appdirect.wicket.resources.Resource/common/js/common/amdshims/ 		70 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/wicket/resource/com.appdirect.wicket.resources.Resource/common/js/common/amdshims/jquery.js?v=d00b5e72e6ab95a9b986ffdfa9bdf47f526c493f
Requested by
Host: d6r6ulbtqyuv7.cloudfront.net
URL: https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/spa/common/js/vendors-pack-ver-5C8631E66303A21ED10A1520DD869E60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ad399fbf073f5ea74a162c37245ba3f7928915c9692150399f7703274cd9297
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billing2019sandbox.byappdirect.com/home
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
x-envoy-upstream-service-time
8
content-disposition
inline
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Jul 2024 23:28:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
cache-control
private,max-age=1296000
cf-ray
8a889d5b9de05e82-EWR
expires
Fri, 09 Aug 2024 02:10:38 GMT
dragula.js
billing2019sandbox.byappdirect.com/wicket/resource/com.appdirect.wicket.resources.Resource/common/js/node-modules/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/wicket/resource/com.appdirect.wicket.resources.Resource/common/js/node-modules/dragula.js?v=d00b5e72e6ab95a9b986ffdfa9bdf47f526c493f
Requested by
Host: d6r6ulbtqyuv7.cloudfront.net
URL: https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/spa/common/js/vendors-pack-ver-5C8631E66303A21ED10A1520DD869E60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
630a49c03255ba711d2898d9bee462be9bafcbcb6cafcc4aabf77edb9532e437
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billing2019sandbox.byappdirect.com/home
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
x-envoy-upstream-service-time
13
content-disposition
inline
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Jul 2024 23:26:40 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
cache-control
private,max-age=1296000
cf-ray
8a889d5bbe085e82-EWR
expires
Fri, 09 Aug 2024 02:10:38 GMT
baobab.js
billing2019sandbox.byappdirect.com/wicket/resource/com.appdirect.wicket.resources.Resource/common/js/node-modules/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/wicket/resource/com.appdirect.wicket.resources.Resource/common/js/node-modules/baobab.js?v=d00b5e72e6ab95a9b986ffdfa9bdf47f526c493f
Requested by
Host: d6r6ulbtqyuv7.cloudfront.net
URL: https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/spa/common/js/vendors-pack-ver-5C8631E66303A21ED10A1520DD869E60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4623ee4d34d8519d523df09989a8da80904991b4c9720d0a48aba29f2f4295c1
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billing2019sandbox.byappdirect.com/home
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
x-envoy-upstream-service-time
7
content-disposition
inline
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Jul 2024 23:26:40 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
cache-control
private,max-age=1296000
cf-ray
8a889d5bce1a5e82-EWR
expires
Fri, 09 Aug 2024 02:10:38 GMT
moment-with-locales.js
billing2019sandbox.byappdirect.com/wicket/resource/com.appdirect.wicket.resources.Resource/common/js/common/amdshims/ 		441 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/wicket/resource/com.appdirect.wicket.resources.Resource/common/js/common/amdshims/moment-with-locales.js?v=d00b5e72e6ab95a9b986ffdfa9bdf47f526c493f
Requested by
Host: d6r6ulbtqyuv7.cloudfront.net
URL: https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/spa/common/js/vendors-pack-ver-5C8631E66303A21ED10A1520DD869E60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbee4716b37e2e69f957064ff3ff477ea4b1e4f72cbb7637d4cebb40456286a1
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billing2019sandbox.byappdirect.com/home
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
x-envoy-upstream-service-time
13
content-disposition
inline
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Jul 2024 23:28:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
cache-control
private,max-age=1296000
cf-ray
8a889d5bde375e82-EWR
expires
Fri, 09 Aug 2024 02:10:38 GMT
events
billing2019sandbox.byappdirect.com/api/hermes/v2/ 		2 B
82 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/api/hermes/v2/events
Requested by
Host: billing2019sandbox.byappdirect.com
URL: https://billing2019sandbox.byappdirect.com/hermes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept
application/json
Referer
https://billing2019sandbox.byappdirect.com/home
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin-when-cross-origin
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json
x-envoy-upstream-service-time
5
ad-trace-id
6126127556478566357
cf-ray
8a889d5bfe665e82-EWR
content-length
2
flagbatch
billing2019sandbox.byappdirect.com/api/appconfigr/v1/evaluation/ 		479 B
424 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/api/appconfigr/v1/evaluation/flagbatch
Requested by
Host: d6r6ulbtqyuv7.cloudfront.net
URL: https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/common/js/common/forceReAuthentication-ver-106618A5E1256B227A92E57606043CD2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d9cd1212bc61e0c56678df228f2f39e398a6a7f60abc8ab4473881db515f279
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json
Referer
https://billing2019sandbox.byappdirect.com/home
X-XSRF-TOKEN
c515bdd5-74db-4f35-9ba9-d9997a01223b
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
x-envoy-upstream-service-time
1
content-length
258
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Origin,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Www-Authenticate
access-control-allow-credentials
true
ad-trace-id
2390277755312897247
cf-ray
8a889d5c0e705e82-EWR
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: billing2019sandbox.byappdirect.com
URL: https://billing2019sandbox.byappdirect.com/hermes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::65 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://billing2019sandbox.byappdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 25 Jul 2024 00:22:21 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6497
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 25 Jul 2024 02:22:21 GMT
js
www.googletagmanager.com/gtag/ 		272 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YKC2E8SZZN
Requested by
Host: billing2019sandbox.byappdirect.com
URL: https://billing2019sandbox.byappdirect.com/hermes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c887f10683ee181b09b0384d879d720f9e3b42db1cec68f4b65881dd75455314
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://billing2019sandbox.byappdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95383
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 25 Jul 2024 02:10:38 GMT
header-navigation.js
billing2019sandbox.byappdirect.com/wicket/resource/com.appdirect.wicket.resources.Resource/spa/themes/base/js/boilerplate/views/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/wicket/resource/com.appdirect.wicket.resources.Resource/spa/themes/base/js/boilerplate/views/header-navigation.js?v=d00b5e72e6ab95a9b986ffdfa9bdf47f526c493f
Requested by
Host: d6r6ulbtqyuv7.cloudfront.net
URL: https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/spa/common/js/vendors-pack-ver-5C8631E66303A21ED10A1520DD869E60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e1a823017aeeab53bf2af09b438cef3cea1054f5b6227afd378f40d70659bdd
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billing2019sandbox.byappdirect.com/home
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
x-envoy-upstream-service-time
10
content-disposition
inline
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Jul 2024 23:28:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
cache-control
private,max-age=1296000
cf-ray
8a889d5c0e7d5e82-EWR
expires
Fri, 09 Aug 2024 02:10:38 GMT
marketplace.js
billing2019sandbox.byappdirect.com/wicket/resource/com.appdirect.wicket.resources.Resource/spa/themes/base/js/boilerplate/models/links/secondary/ 		2 KB
993 B 		Script
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/wicket/resource/com.appdirect.wicket.resources.Resource/spa/themes/base/js/boilerplate/models/links/secondary/marketplace.js?v=d00b5e72e6ab95a9b986ffdfa9bdf47f526c493f
Requested by
Host: d6r6ulbtqyuv7.cloudfront.net
URL: https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/spa/common/js/vendors-pack-ver-5C8631E66303A21ED10A1520DD869E60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8abfcd141a84f62f1bb6d47136cfe47f48ae1899cdc1e60cd7536e5414ceca6
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billing2019sandbox.byappdirect.com/home
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
x-envoy-upstream-service-time
9
content-disposition
inline
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Jul 2024 23:28:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
cache-control
private,max-age=1296000
cf-ray
8a889d5c4ed45e82-EWR
expires
Fri, 09 Aug 2024 02:10:38 GMT
flagbatch
billing2019sandbox.byappdirect.com/api/appconfigr/v1/evaluation/ 		217 B
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/api/appconfigr/v1/evaluation/flagbatch
Requested by
Host: d6r6ulbtqyuv7.cloudfront.net
URL: https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/spa/common/js/vendors-pack-ver-5C8631E66303A21ED10A1520DD869E60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
104ff0dffded3222b2a4ebc77a2cd8cb4c046dbc6262b9dda6f88d2e02799d02
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://billing2019sandbox.byappdirect.com/home
X-XSRF-TOKEN
c515bdd5-74db-4f35-9ba9-d9997a01223b
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
x-envoy-upstream-service-time
2
content-length
201
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Origin,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Www-Authenticate
access-control-allow-credentials
true
ad-trace-id
2456783380198044099
cf-ray
8a889d5c4ed65e82-EWR
flagbatch
billing2019sandbox.byappdirect.com/api/appconfigr/v1/evaluation/ 		217 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/api/appconfigr/v1/evaluation/flagbatch
Requested by
Host: d6r6ulbtqyuv7.cloudfront.net
URL: https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/spa/common/js/vendors-pack-ver-5C8631E66303A21ED10A1520DD869E60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
104ff0dffded3222b2a4ebc77a2cd8cb4c046dbc6262b9dda6f88d2e02799d02
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://billing2019sandbox.byappdirect.com/home
X-XSRF-TOKEN
c515bdd5-74db-4f35-9ba9-d9997a01223b
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
x-envoy-upstream-service-time
1
content-length
201
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Origin,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Www-Authenticate
access-control-allow-credentials
true
ad-trace-id
2195774198048198340
cf-ray
8a889d5c4edb5e82-EWR
flagbatch
billing2019sandbox.byappdirect.com/api/appconfigr/v1/evaluation/ 		223 B
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/api/appconfigr/v1/evaluation/flagbatch
Requested by
Host: d6r6ulbtqyuv7.cloudfront.net
URL: https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/spa/common/js/vendors-pack-ver-5C8631E66303A21ED10A1520DD869E60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efea53194effa58b33a810ffc2bed682c460aad450eea770634cb0e500693553
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://billing2019sandbox.byappdirect.com/home
X-XSRF-TOKEN
c515bdd5-74db-4f35-9ba9-d9997a01223b
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
x-envoy-upstream-service-time
1
content-length
210
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Origin,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Www-Authenticate
access-control-allow-credentials
true
ad-trace-id
6086400369578762710
cf-ray
8a889d5c8f475e82-EWR
flagbatch
billing2019sandbox.byappdirect.com/api/appconfigr/v1/evaluation/ 		229 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/api/appconfigr/v1/evaluation/flagbatch
Requested by
Host: d6r6ulbtqyuv7.cloudfront.net
URL: https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/spa/common/js/vendors-pack-ver-5C8631E66303A21ED10A1520DD869E60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0995d8634ea678cefb5f6c1786f9f52dc356838186db9a2ed006e5bb98264d9e
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://billing2019sandbox.byappdirect.com/home
X-XSRF-TOKEN
c515bdd5-74db-4f35-9ba9-d9997a01223b
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
x-envoy-upstream-service-time
1
content-length
212
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Origin,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Www-Authenticate
access-control-allow-credentials
true
ad-trace-id
6528423388046193948
cf-ray
8a889d5c9f4c5e82-EWR
flagbatch
billing2019sandbox.byappdirect.com/api/appconfigr/v1/evaluation/ 		217 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/api/appconfigr/v1/evaluation/flagbatch
Requested by
Host: d6r6ulbtqyuv7.cloudfront.net
URL: https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/spa/common/js/vendors-pack-ver-5C8631E66303A21ED10A1520DD869E60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72fde21b8b4e5f74a42efe984bb9f6f21ca75a586e9d06b90f3aeee3c2b2660b
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://billing2019sandbox.byappdirect.com/home
X-XSRF-TOKEN
c515bdd5-74db-4f35-9ba9-d9997a01223b
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
x-envoy-upstream-service-time
1
content-length
201
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Origin,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Www-Authenticate
access-control-allow-credentials
true
ad-trace-id
5784645242255336379
cf-ray
8a889d5c9f505e82-EWR
3q3ueKL2bAaNSPM91w9RIJf0Lz8fvZFh
ekr.zdassets.com/compose/zopim_chat/ 		210 B
1022 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/zopim_chat/3q3ueKL2bAaNSPM91w9RIJf0Lz8fvZFh
Requested by
Host: d6r6ulbtqyuv7.cloudfront.net
URL: https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/common/js/common/forceReAuthentication-ver-106618A5E1256B227A92E57606043CD2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60ce4b00490311d7b3adb9bfa1d69e2196364de4a3bc3bcadf079d21e58115c9
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billing2019sandbox.byappdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
8a888ef8f85061b9-SEA, 8a888ef8f85061b9-SEA, 8a888ef8f85061b9-SEA
x-runtime
0.004190
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"60ce4b00490311d7b3adb9bfa1d69e21"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FKSOYEBzzofixN1zG2Ah9uQbt65%2BzZf8r7uervHe3dNcnpNYo%2F4Puut2jx4rR1saPWZrKsCiP9qrJ6N2iwW2t5WZl1DnREEkVhfzeMwnWDPYJVdWR5qawPV7VO3VakCE8ls%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes, yes
cf-ray
8a889d5d6be432b2-PHL
datadog-rum.js
www.datadoghq-browser-agent.com/us3/v4/ 		150 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.datadoghq-browser-agent.com/us3/v4/datadog-rum.js
Requested by
Host: billing2019sandbox.byappdirect.com
URL: https://billing2019sandbox.byappdirect.com/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.51.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-51-165.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a

Request headers

Referer
https://billing2019sandbox.byappdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
content-encoding
br
via
1.1 005b0f8dc37e46fc9bdc40ea2ce8a602.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 08:22:29 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P1
age
38
x-amz-server-side-encryption
AES256
etag
W/"2630b3d7ad4a41fac67742216e506d83"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=14400, s-maxage=60
timing-allow-origin
*
x-amz-cf-id
x1ULpSopBgNUeXVWxSOV83b0Nz4vAaZfoznRAhOIk9EL1ups-sqQrw==
flagbatch
billing2019sandbox.byappdirect.com/api/appconfigr/v1/evaluation/ 		613 B
387 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/api/appconfigr/v1/evaluation/flagbatch
Requested by
Host: d6r6ulbtqyuv7.cloudfront.net
URL: https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/common/js/common/forceReAuthentication-ver-106618A5E1256B227A92E57606043CD2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d4ceda4dd54911eb5ed9fa27211e92222af5acea2b6a4e93abdc051be3d0e0f
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://billing2019sandbox.byappdirect.com/home
X-XSRF-TOKEN
c515bdd5-74db-4f35-9ba9-d9997a01223b
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
x-envoy-upstream-service-time
1
content-length
269
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Origin,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Www-Authenticate
access-control-allow-credentials
true
ad-trace-id
5254191252009917381
cf-ray
8a889d5d283d5e82-EWR
en-US
billing2019sandbox.byappdirect.com/api/v1/translation/BILLING2019SANDBOX/ 		102 KB
25 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/api/v1/translation/BILLING2019SANDBOX/en-US?namespace=universal-header
Requested by
Host: d6r6ulbtqyuv7.cloudfront.net
URL: https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/common/js/common/forceReAuthentication-ver-106618A5E1256B227A92E57606043CD2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c3f108dcf4efdef7d0e57e58aca0f054fcd9d8e59ea53e3b33e5485662e03ba3
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://billing2019sandbox.byappdirect.com/home
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
x-powered-by
Express
x-envoy-upstream-service-time
24
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
ad-trace-id
5325540830820353848
cf-ray
8a889d5d485d5e82-EWR
configuration
billing2019sandbox.byappdirect.com/api/v3/universal-nav/ 		85 B
220 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/api/v3/universal-nav/configuration
Requested by
Host: d6r6ulbtqyuv7.cloudfront.net
URL: https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/common/js/common/forceReAuthentication-ver-106618A5E1256B227A92E57606043CD2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7afb1311fd68ac74542fa6632b7272323e4bd0fc26e564f8e985c42a6e497277
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billing2019sandbox.byappdirect.com/home
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
x-b3-traceid
ef35095ebbd57d9f
x-envoy-upstream-service-time
18
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
no-cache, no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate,no-cache, no-store, max-age=0, must-revalidate
x-b3-spanid
ef35095ebbd57d9f
cf-ray
8a889d5d485e5e82-EWR
expires
0
published
billing2019sandbox.byappdirect.com/api/channel/v1/styles/BILLING2019SANDBOX/templates/ 		2 B
102 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/api/channel/v1/styles/BILLING2019SANDBOX/templates/published?locale=en-US
Requested by
Host: d6r6ulbtqyuv7.cloudfront.net
URL: https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/common/js/common/forceReAuthentication-ver-106618A5E1256B227A92E57606043CD2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billing2019sandbox.byappdirect.com/home
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
x-b3-traceid
ff4d3f6f36387828
x-envoy-upstream-service-time
59
content-length
2
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
no-cache, no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate,no-cache, no-store, max-age=0, must-revalidate
x-b3-spanid
ff4d3f6f36387828
cf-ray
8a889d5d48605e82-EWR
expires
0
published
billing2019sandbox.byappdirect.com/api/channel/v1/styles/BILLING2019SANDBOX/theme/ 		2 B
100 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/api/channel/v1/styles/BILLING2019SANDBOX/theme/published
Requested by
Host: d6r6ulbtqyuv7.cloudfront.net
URL: https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/common/js/common/forceReAuthentication-ver-106618A5E1256B227A92E57606043CD2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billing2019sandbox.byappdirect.com/home
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
x-b3-traceid
be92c199324390a7
x-envoy-upstream-service-time
84
content-length
2
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
no-cache, no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate,no-cache, no-store, max-age=0, must-revalidate
x-b3-spanid
be92c199324390a7
cf-ray
8a889d5d48615e82-EWR
expires
0
header
billing2019sandbox.byappdirect.com/api/theme/v1/publishedVersion/settings/ 		97 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/api/theme/v1/publishedVersion/settings/header?locale=en-US
Requested by
Host: d6r6ulbtqyuv7.cloudfront.net
URL: https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/common/js/common/forceReAuthentication-ver-106618A5E1256B227A92E57606043CD2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billing2019sandbox.byappdirect.com/home
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
x-envoy-upstream-service-time
5
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache, no-store, max-age=0, must-revalidate
ad-trace-id
3787802967087030117
cf-ray
8a889d5d48625e82-EWR
expires
0
layout
billing2019sandbox.byappdirect.com/api/channel/v1/ 		0
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/api/channel/v1/layout
Requested by
Host: d6r6ulbtqyuv7.cloudfront.net
URL: https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/spa/common/js/vendors-pack-ver-5C8631E66303A21ED10A1520DD869E60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://billing2019sandbox.byappdirect.com/home
X-XSRF-TOKEN
c515bdd5-74db-4f35-9ba9-d9997a01223b
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
x-b3-traceid
69c5cf08ae59961f
x-envoy-upstream-service-time
21
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
no-cache, no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
cache-control
no-cache, no-store, max-age=0, must-revalidate,no-cache, no-store, max-age=0, must-revalidate
x-b3-spanid
69c5cf08ae59961f
cf-ray
8a889d5d48635e82-EWR
expires
0
navigator
billing2019sandbox.byappdirect.com/api/marketplace/v1/ 		509 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/api/marketplace/v1/navigator
Requested by
Host: d6r6ulbtqyuv7.cloudfront.net
URL: https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/spa/common/js/vendors-pack-ver-5C8631E66303A21ED10A1520DD869E60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
439ee45163af8051d09513ea2708532ca89191bf55a236d393d3d6ba1639977a
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://billing2019sandbox.byappdirect.com/home
X-XSRF-TOKEN
c515bdd5-74db-4f35-9ba9-d9997a01223b
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
x-b3-traceid
8f43798a5e53acae
x-envoy-upstream-service-time
26
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
no-cache, no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate,no-cache, no-store, max-age=0, must-revalidate
x-b3-spanid
8f43798a5e53acae
cf-ray
8a889d5d48645e82-EWR
expires
0
analytics
billing2019sandbox.byappdirect.com/api/marketplace/v1/ 		2 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/api/marketplace/v1/analytics?type=HOME&_=1721873437733
Requested by
Host: d6r6ulbtqyuv7.cloudfront.net
URL: https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/spa/common/js/vendors-pack-ver-5C8631E66303A21ED10A1520DD869E60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://billing2019sandbox.byappdirect.com/home
X-XSRF-TOKEN
c515bdd5-74db-4f35-9ba9-d9997a01223b
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
x-b3-traceid
eebde993a5e963ff
x-envoy-upstream-service-time
9
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
no-cache, no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate,no-cache, no-store, max-age=0, must-revalidate
x-b3-spanid
eebde993a5e963ff
cf-ray
8a889d5d48665e82-EWR
expires
0
listing
billing2019sandbox.byappdirect.com/api/marketplace/v1/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/api/marketplace/v1/listing?filter=FEATURED&filter=POPULAR&filter=STAFFPICK
Requested by
Host: d6r6ulbtqyuv7.cloudfront.net
URL: https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/spa/common/js/vendors-pack-ver-5C8631E66303A21ED10A1520DD869E60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6817ad555644758920de457f33ff64c32320f68c97798bc4d57e3c4379148c8a
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://billing2019sandbox.byappdirect.com/home
X-XSRF-TOKEN
c515bdd5-74db-4f35-9ba9-d9997a01223b
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
x-b3-traceid
5ca5823a5b46fdfd
x-envoy-upstream-service-time
50
x-xss-protection
1; mode=block
x-total-count
1
x-ua-compatible
IE=Edge
pragma
no-cache, no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate,no-cache, no-store, max-age=0, must-revalidate
x-b3-spanid
5ca5823a5b46fdfd
cf-ray
8a889d5d486c5e82-EWR
expires
0
bundles
billing2019sandbox.byappdirect.com/api/marketplace/v1/ 		2 B
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/api/marketplace/v1/bundles
Requested by
Host: d6r6ulbtqyuv7.cloudfront.net
URL: https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/spa/common/js/vendors-pack-ver-5C8631E66303A21ED10A1520DD869E60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://billing2019sandbox.byappdirect.com/home
X-XSRF-TOKEN
c515bdd5-74db-4f35-9ba9-d9997a01223b
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
x-b3-traceid
03844e6390581006
x-envoy-upstream-service-time
23
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
no-cache, no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate,no-cache, no-store, max-age=0, must-revalidate
x-b3-spanid
03844e6390581006
cf-ray
8a889d5d486f5e82-EWR
expires
0
collect
www.google-analytics.com/j/ 		15 B
234 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=698092040&t=pageview&_s=1&dl=https%3A%2F%2Fbilling2019sandbox.byappdirect.com%2Fhome&dp=%2Fhome&ul=en-us&de=UTF-8&dt=Billing%202019%20Sandbox%20%7C%20Finance%20Team&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1603995002&gjid=954605725&cid=1641575725.1721873438&tid=UA-19401247-67&_gid=1270495589.1721873438&_r=1&_slc=1&cd1=BILLING2019SANDBOX&cm1=0&cd2=NONE&z=1266671449
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::65 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8e79508ce4b3e6b23473f7881354832f81d5e30e40e9c03f44e4fc5bc256787c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://billing2019sandbox.byappdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 25 Jul 2024 02:10:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://billing2019sandbox.byappdirect.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-YKC2E8SZZN&gtm=45je47o0v9126120369za200&_p=1721873438068&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1641575725.1721873438&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&dt=Billing%202019%20Sandbox%20%7C%20Finance%20Team&dl=%2Fhome&dp=%2Fhome&sid=1721873438&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.anonymize_ip=true&ep.transport_type=beacon&ep.partner=BILLING2019SANDBOX&tfd=3150
Requested by
Host: d6r6ulbtqyuv7.cloudfront.net
URL: https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/common/js/common/forceReAuthentication-ver-106618A5E1256B227A92E57606043CD2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::65 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://billing2019sandbox.byappdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jul 2024 02:10:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://billing2019sandbox.byappdirect.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		276 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YKC2E8SZZN&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d856234b103919061be9de8633ad8cae38ad3396fd0d2becd4d21d157cc2e12f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://billing2019sandbox.byappdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
97195
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 25 Jul 2024 02:10:38 GMT
faqGroups
billing2019sandbox.byappdirect.com/api/marketplace/v1/ 		2 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/api/marketplace/v1/faqGroups
Requested by
Host: d6r6ulbtqyuv7.cloudfront.net
URL: https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/spa/common/js/vendors-pack-ver-5C8631E66303A21ED10A1520DD869E60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://billing2019sandbox.byappdirect.com/home
X-XSRF-TOKEN
c515bdd5-74db-4f35-9ba9-d9997a01223b
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
x-b3-traceid
e6252b976bbe3f3e
x-envoy-upstream-service-time
17
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
no-cache, no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate,no-cache, no-store, max-age=0, must-revalidate
x-b3-spanid
e6252b976bbe3f3e
cf-ray
8a889d5ecace5e82-EWR
expires
0
noise.png
billing2019sandbox.byappdirect.com/wicket/resource/com.appdirect.wicket.resources.Resource/ 		764 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://billing2019sandbox.byappdirect.com/wicket/resource/com.appdirect.wicket.resources.Resource/noise.png
Requested by
Host: billing2019sandbox.byappdirect.com
URL: https://billing2019sandbox.byappdirect.com/wicket/resource/com.appdirect.wicket.resources.Resource/common/css/dist/resources/spa/themes/universal/styles/generated-styles.min-ver-0CCF1581A9AB293A77506588E8553125.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
234948bf9609474eb6f3d16bbf66521e0ea78b01fce9713e66f65181a031bea6
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billing2019sandbox.byappdirect.com/wicket/resource/com.appdirect.wicket.resources.Resource/common/css/dist/resources/spa/themes/universal/styles/generated-styles.min-ver-0CCF1581A9AB293A77506588E8553125.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
x-envoy-upstream-service-time
9
content-disposition
inline
content-length
764
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Jul 2024 23:28:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png;charset=UTF-8
cache-control
private,max-age=1296000
cf-ray
8a889d5ecadf5e82-EWR
expires
Fri, 09 Aug 2024 02:10:38 GMT
AppDirectIcons.woff
billing2019sandbox.byappdirect.com/wicket/resource/com.appdirect.wicket.resources.Resource/common/fonts/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/wicket/resource/com.appdirect.wicket.resources.Resource/common/fonts/AppDirectIcons.woff?v=0.0.0
Requested by
Host: billing2019sandbox.byappdirect.com
URL: https://billing2019sandbox.byappdirect.com/wicket/resource/com.appdirect.wicket.resources.Resource/common/css/dist/resources/spa/themes/universal/styles/generated-styles.min-ver-0CCF1581A9AB293A77506588E8553125.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868e87dbbc8a3ce796caf64811ebac667b3551182e6549c005dec148b54dc895
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billing2019sandbox.byappdirect.com/wicket/resource/com.appdirect.wicket.resources.Resource/common/css/dist/resources/spa/themes/universal/styles/generated-styles.min-ver-0CCF1581A9AB293A77506588E8553125.css
Origin
https://billing2019sandbox.byappdirect.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
x-envoy-upstream-service-time
11
content-disposition
inline
content-length
30804
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
cache, no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Jul 2024 23:26:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff;charset=UTF-8
cache-control
private,max-age=1296000,no-cache, no-store, max-age=0, must-revalidate
cf-ray
8a889d5edaf35e82-EWR
expires
Fri, 09 Aug 2024 02:10:38 GMT
enabled
billing2019sandbox.byappdirect.com/api/appwise/v2/core/users/me/services/ 		58 B
220 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/api/appwise/v2/core/users/me/services/enabled?page_size=1000
Requested by
Host: d6r6ulbtqyuv7.cloudfront.net
URL: https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/common/js/common/forceReAuthentication-ver-106618A5E1256B227A92E57606043CD2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbff0849bc109eee7f9b7b1fe12e40fc8add21823b2f1fb600b37f620cbd7862
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://billing2019sandbox.byappdirect.com/home
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
X-XSRF-TOKEN
c515bdd5-74db-4f35-9ba9-d9997a01223b

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
www-authenticate
Bearer realm="api"
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
x-envoy-upstream-service-time
8
content-length
58
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
allow
GET, HEAD, OPTIONS
vary
Accept, Cookie, Accept-Encoding
content-type
application/json
x-frame-options
SAMEORIGIN
ad-trace-id
6524770241578996613
cf-ray
8a889d5f3b6a5e82-EWR
me
billing2019sandbox.byappdirect.com/api/appwise/v2/core/users/ 		58 B
159 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://billing2019sandbox.byappdirect.com/api/appwise/v2/core/users/me
Requested by
Host: d6r6ulbtqyuv7.cloudfront.net
URL: https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/common/js/common/forceReAuthentication-ver-106618A5E1256B227A92E57606043CD2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbff0849bc109eee7f9b7b1fe12e40fc8add21823b2f1fb600b37f620cbd7862
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://billing2019sandbox.byappdirect.com/home
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
X-XSRF-TOKEN
c515bdd5-74db-4f35-9ba9-d9997a01223b

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
www-authenticate
Bearer realm="api"
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
x-envoy-upstream-service-time
9
content-length
58
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
allow
GET, PUT, HEAD, OPTIONS
vary
Accept, Cookie, Accept-Encoding
content-type
application/json
x-frame-options
SAMEORIGIN
ad-trace-id
6168219992739929792
cf-ray
8a889d5f3b6d5e82-EWR
acme_logo.png
billing2019sandbox.byappdirect.com/wicket/resource/com.appdirect.wicket.resources.Resource/spa/themes/acme/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://billing2019sandbox.byappdirect.com/wicket/resource/com.appdirect.wicket.resources.Resource/spa/themes/acme/images/acme_logo.png
Requested by
Host: billing2019sandbox.byappdirect.com
URL: https://billing2019sandbox.byappdirect.com/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
732f9d429906c38613ca234ac8d63bbffe0be49799526e54788b0a3ae3c65ccb
Security Headers
Name Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billing2019sandbox.byappdirect.com/home
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 02:10:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-security-policy
object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
x-envoy-upstream-service-time
14
content-disposition
inline
content-length
8176
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Jul 2024 23:28:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png;charset=UTF-8
cache-control
private,max-age=1296000
cf-ray
8a889d5f3b745e82-EWR
expires
Fri, 09 Aug 2024 02:10:38 GMT
truncated
/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d31e49d4749465e79e9514cf1f68bf6cbc5a3cf6f939332c4dabc966ca67bfa

Request headers

Referer
Origin
https://billing2019sandbox.byappdirect.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff
widget_v2.335.js
v2.zopim.com/bin/v/
Redirect Chain
  • https://v2.zopim.com/w?3q3ueKL2bAaNSPM91w9RIJf0Lz8fvZFh
  • https://v2.zopim.com/bin/v/widget_v2.335.js
1 MB
244 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v2.zopim.com/bin/v/widget_v2.335.js
Requested by
Host: billing2019sandbox.byappdirect.com
URL: https://billing2019sandbox.byappdirect.com/home
Protocol
H2
Server
104.17.96.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e57c22fcc812db947b2c35b5b5d0d20ece2df186cb20da1ea53d404fe04b7a3e

Request headers

Referer
https://billing2019sandbox.byappdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 02:10:39 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 29 Feb 2024 06:17:46 GMT
server
cloudflare
age
1191738
etag
W/"65e0218a-10304e"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=315360000
cf-ray
8a889d61fb1b0f85-EWR
expires
Sun, 23 Jul 2034 02:10:39 GMT

Redirect headers

date
Thu, 25 Jul 2024 02:10:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
etag
"65e903af-0"
content-type
application/octet-stream
location
https://v2.zopim.com/bin/v/widget_v2.335.js
cache-control
max-age=14400, max-age=14400, public, must-revalidate, proxy-revalidate
cf-ray
8a889d5f58210f85-EWR
content-length
0
expires
Thu, 25 Jul 2024 06:10:38 GMT
rum
rum.browser-intake-us3-datadoghq.com/api/v2/ 		53 B
334 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rum.browser-intake-us3-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Afetch%2Cservice%3Adefault&dd-api-key=puba6f3dd74546b28cf0a51b86926252730&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=06c672f2-06ef-46a3-a603-1dcc17358aa1&batch_time=1721873438993
Requested by
Host: d6r6ulbtqyuv7.cloudfront.net
URL: https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/common/js/common/forceReAuthentication-ver-106618A5E1256B227A92E57606043CD2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.69.148.90 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8efff05bf18ff4bd23e46a0aace589d842c4b7d1da2df770b4e5f80c6b8aef2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://billing2019sandbox.byappdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 25 Jul 2024 02:10:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
53
dd-request-id
06c672f2-06ef-46a3-a603-1dcc17358aa1
998c8e33-750c-45c1-852e-dccab1206d55
https://billing2019sandbox.byappdirect.com/ 		25 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://billing2019sandbox.byappdirect.com/998c8e33-750c-45c1-852e-dccab1206d55
Requested by
Host: billing2019sandbox.byappdirect.com
URL: https://billing2019sandbox.byappdirect.com/home
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
528c2ff0c35d20492e8e8cd79eb0b81f479e5f827f613cf693fc6cd7a4e21033

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
25814
Content-Type
replay
session-replay.browser-intake-us3-datadoghq.com/api/v2/ 		53 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://session-replay.browser-intake-us3-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cservice%3Adefault&dd-api-key=puba6f3dd74546b28cf0a51b86926252730&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=60171ddf-56b9-4ff7-b970-522348d31836
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us3/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.51.76.12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dae39223491e49172026008429191fc092af0ff3532a897bb05bc09b8375e4ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://billing2019sandbox.byappdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarygpkJlqeOzIHBTNAP

Response headers

date
Thu, 25 Jul 2024 02:10:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
53
dd-request-id
60171ddf-56b9-4ff7-b970-522348d31836
404
d6r6ulbtqyuv7.cloudfront.net/http-status/
Redirect Chain
  • https://d6r6ulbtqyuv7.cloudfront.net/wicket/resource/com.appdirect.wicket.resources.Resource/spa/themes/universal/images/favicon.ico
  • https://d6r6ulbtqyuv7.cloudfront.net/http-status/404
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
d6r6ulbtqyuv7.cloudfront.net
URL
https://d6r6ulbtqyuv7.cloudfront.net/http-status/404

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| AdUniversalHeader object| AdUniversalHeaderExportModule string| hermesVersion function| Hermes object| bootstrapData string| key object| APPDIRECT string| metaDescription string| metaKeywords string| marketPlaceName string| theme string| locale string| localeLanguage string| dateFormat string| dateTimeFormat string| defaultCurrency string| defaultCountry string| appWiseUrl boolean| hermesOnInstance boolean| hermesOnPartner boolean| hermesSettingsFlag boolean| urlProvisioned boolean| externalReportingEnabled boolean| companyGroupsEnabled boolean| segmentConditionsOnNotification boolean| emailAttachmentsEnabled boolean| rcReportsSettingsEnabled boolean| notificationsContinuousProcessingEnabled boolean| notificationsCustomAttributesSupport boolean| mpDashboardPoweredByMetricaEnabled boolean| mpDashboardPoweredByMetricaCacheEnabled boolean| simultaneousApiCallOnNotification string| storeSignUpUrl object| currencyFormats string| universalHeaderSignalsSocketEndpoint string| universalHeaderOAuthClientId boolean| clientConfiguredCorrectlyForImplicitFlow object| CHANNEL_SETTINGS string| WEBSHIM_PATH string| ACE_PATH string| IMG_BASE string| SERVER_TIME_ZONE string| DATE_PICKER_FORMAT object| Session object| Marionette function| QRCode function| requirejs function| require function| define function| $ function| jQuery function| _ object| Backbone object| libphonenumber object| Modernizr function| $zopim object| I18N function| _populateBootstrapRegistry function| __define object| accounting object| Backgrid function| moment function| isExternalUrlToCurrentMarketplace function| getCookieValue function| ForceReAuthenticate object| ace object| adLocalStorage function| ga function| gtag object| dataLayer object| hermes object| zEWebpackACJsonp function| zE function| zEmbed function| setImmediate function| clearImmediate object| DD_RUM object| App object| jQuery1124006042995066914769 boolean| ad_header_rendered object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager boolean| zEACLoaded

11 Cookies

Domain/Path Name / Value
billing2019sandbox.byappdirect.com/ Name: XSRF-TOKEN
Value: c515bdd5-74db-4f35-9ba9-d9997a01223b
billing2019sandbox.byappdirect.com/ Name: JSESSIONID
Value: 4BB44F7EBE1F93E52A885E337EFE1857
billing2019sandbox.byappdirect.com/ Name: STATK8SADSVC
Value: "3f6088812c6aaf75"
.byappdirect.com/ Name: __cf_bm
Value: sFpuIuxEW5_km.bhtaaXugnX4FONMDUJXOV4ILykU_I-1721873437-1.0.1.1-N9Z2Fd7POwL8iOGyv.XjOGXLg1QOTk8iyYu6M0v7GUPIa594YvC1Zw2Vcmv1fyNycqE3ggDkIkhFudq7QVYCOQ
.byappdirect.com/ Name: _gid
Value: GA1.2.1270495589.1721873438
.byappdirect.com/ Name: _gat_874367921
Value: 1
.byappdirect.com/ Name: _ga_YKC2E8SZZN
Value: GS1.1.1721873438.1.0.1721873438.0.0.0
.byappdirect.com/ Name: _ga
Value: GA1.1.1641575725.1721873438
billing2019sandbox.byappdirect.com/ Name: ad_tag_m
Value: {%22widgets%22:{%22header%22:true}}
widget-mediator.zopim.com/ Name: AWSALBCORS
Value: 67i/7T3J+/mT0XCLYx0K8yBmXvmxZsoU+00fSo5TU4gctKssWDsDPcOVDK/aa2bHf/ZajU1U0ODrKPyK+9/DQWY5O0gn+NFYBAOH2027a0xArA1KzB4Ea0nzLiZm
billing2019sandbox.byappdirect.com/ Name: _dd_s
Value: rum=1&id=0a200224-d8c0-4790-aba0-7027d8ac84f9&created=1721873438781&expire=1721874338781

5 Console Messages

Source Level URL
Text
security error URL: https://billing2019sandbox.byappdirect.com/home
Message:
The Content-Security-Policy directive 'object-src' contains the keyword 'none' alongside with other source expressions. The keyword 'none' must be the only source expression in the directive value, otherwise it is ignored.
network error URL: https://billing2019sandbox.byappdirect.com/api/theme/v1/publishedVersion/settings/header?locale=en-US
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://billing2019sandbox.byappdirect.com/api/appwise/v2/core/users/me/services/enabled?page_size=1000
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://billing2019sandbox.byappdirect.com/api/appwise/v2/core/users/me
Message:
Failed to load resource: the server responded with a status of 401 ()
worker error URL: https://billing2019sandbox.byappdirect.com/home
Message:
The Content-Security-Policy directive 'object-src' contains the keyword 'none' alongside with other source expressions. The keyword 'none' must be the only source expression in the directive value, otherwise it is ignored.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy object-src 'none' blob:; base-uri 'self' ; report-uri https://cspappdirect.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

billing2019sandbox.byappdirect.com
d6r6ulbtqyuv7.cloudfront.net
ekr.zdassets.com
rum.browser-intake-us3-datadoghq.com
session-replay.browser-intake-us3-datadoghq.com
static.zdassets.com
v2.zopim.com
www.datadoghq-browser-agent.com
www.google-analytics.com
www.googletagmanager.com
d6r6ulbtqyuv7.cloudfront.net
104.17.96.195
104.18.30.109
104.18.72.113
108.139.38.210
108.139.51.165
20.51.76.12
20.69.148.90
2607:f8b0:400d:c04::61
2607:f8b0:400d:c07::65
00c0c4263f3c64ce1891bfcf6ac87ba46819dd0db8e4bdbba748d93320000d98
0995d8634ea678cefb5f6c1786f9f52dc356838186db9a2ed006e5bb98264d9e
104ff0dffded3222b2a4ebc77a2cd8cb4c046dbc6262b9dda6f88d2e02799d02
234948bf9609474eb6f3d16bbf66521e0ea78b01fce9713e66f65181a031bea6
24c9b298cb8ec8c0aaeec2da35f61f74d014f68329f1ae16cb693b5345485b54
253e45a68bd580a875fb5c70c46038e87b3f92211bad8ea467aa5da40ec2bb19
33508cd24a8530bed48022d816ef54117e1ed1d9c7241ccdfe6a84d446357479
3d31e49d4749465e79e9514cf1f68bf6cbc5a3cf6f939332c4dabc966ca67bfa
3d9cd1212bc61e0c56678df228f2f39e398a6a7f60abc8ab4473881db515f279
3e1a823017aeeab53bf2af09b438cef3cea1054f5b6227afd378f40d70659bdd
439ee45163af8051d09513ea2708532ca89191bf55a236d393d3d6ba1639977a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4623ee4d34d8519d523df09989a8da80904991b4c9720d0a48aba29f2f4295c1
47aaa95027dddb4696c5c2de60788d2efab50a2f3261975a20d8712203e85b96
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
528c2ff0c35d20492e8e8cd79eb0b81f479e5f827f613cf693fc6cd7a4e21033
5ad399fbf073f5ea74a162c37245ba3f7928915c9692150399f7703274cd9297
5defb19ad0945459c1c8d6cb7172586444ef95ba1dbef908102c054cdd21729e
5e2cfa452f3aca1f82900cde83ec3fdd73e4cee74acea806a6f5eafa4f130a07
60ce4b00490311d7b3adb9bfa1d69e2196364de4a3bc3bcadf079d21e58115c9
630a49c03255ba711d2898d9bee462be9bafcbcb6cafcc4aabf77edb9532e437
65ae3290b5eefab20d138e366446fd2450fa9948bc2b878c6a61e99b33666de4
6817ad555644758920de457f33ff64c32320f68c97798bc4d57e3c4379148c8a
6dbe689d6187dfc7944c2028846629c85e09ef04d70243ba88510ef06753d17a
72fde21b8b4e5f74a42efe984bb9f6f21ca75a586e9d06b90f3aeee3c2b2660b
732f9d429906c38613ca234ac8d63bbffe0be49799526e54788b0a3ae3c65ccb
7afb1311fd68ac74542fa6632b7272323e4bd0fc26e564f8e985c42a6e497277
7d4ceda4dd54911eb5ed9fa27211e92222af5acea2b6a4e93abdc051be3d0e0f
868e87dbbc8a3ce796caf64811ebac667b3551182e6549c005dec148b54dc895
8b32491673008baa9915c22c69b85a1a751193e211970fe2ad0793b831a49519
8e79508ce4b3e6b23473f7881354832f81d5e30e40e9c03f44e4fc5bc256787c
8efff05bf18ff4bd23e46a0aace589d842c4b7d1da2df770b4e5f80c6b8aef2b
bb143f2629a09da70b445522aeb150ca1926b3b28c12d18834cc73e70ddf9bae
c3f108dcf4efdef7d0e57e58aca0f054fcd9d8e59ea53e3b33e5485662e03ba3
c5442b964691fb074182f3c9fc03fc4005c70a92b9e74a8f464d04a4298306ae
c887f10683ee181b09b0384d879d720f9e3b42db1cec68f4b65881dd75455314
c8abfcd141a84f62f1bb6d47136cfe47f48ae1899cdc1e60cd7536e5414ceca6
c90e502b4fc38a400ddef59c7d4d646f34ef7a484f45087486ca006c059f6156
c9f948abb3c19f383307f49ff9ad40d3aa6e602763c819759b11146989f35003
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
d15d2122ea58681546beee66c01b1fd3557c4f8c9e35289ecb519c529f55ba2d
d856234b103919061be9de8633ad8cae38ad3396fd0d2becd4d21d157cc2e12f
dae39223491e49172026008429191fc092af0ff3532a897bb05bc09b8375e4ae
dbee4716b37e2e69f957064ff3ff477ea4b1e4f72cbb7637d4cebb40456286a1
dbff0849bc109eee7f9b7b1fe12e40fc8add21823b2f1fb600b37f620cbd7862
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57c22fcc812db947b2c35b5b5d0d20ece2df186cb20da1ea53d404fe04b7a3e
e72f3d91ad48bd75109ade0fb73afd954ab3d8eb1b6dfec5e716081ec22c8e02
eb79fd25a8711774b63d2154e27df81ff198084b4ffbed542dea1cf82a9e9db0
efea53194effa58b33a810ffc2bed682c460aad450eea770634cb0e500693553
f7b2b39952cf5768a5251704581da506e73bf68033b9df5f8da571b5df5b93b1
feac39da8aa80c5fedb41a8c09cdf5908f2d81a907e73c327e6c111b9ba7e2ef