urlscan.io logo urlscan.io
SecurityTrails logo

secure.bill4time.com Open in urlscan Pro
2606:4700::6812:4c2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://secure.bill4time.com/
Effective URL: https://secure.bill4time.com/B4T2/default.aspx?lo=1
Submission: On November 13 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 4 countries across 17 domains to perform 72 HTTP transactions. The main IP is 2606:4700::6812:4c2, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.bill4time.com. The Cisco Umbrella rank of the primary domain is 274159.
TLS certificate: Issued by GTS CA 1P5 on September 19th 2023. Valid for: 3 months.
This is the only time secure.bill4time.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 23 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:1901:0:7... 396982 (GOOGLE-CL...)
4 2a00:1450:400... 15169 (GOOGLE)
2 35.190.25.25 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20a... 16509 (AMAZON-02)
1 6 2600:9000:264... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
4 2a02:26f0:e60... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
6 2600:1f18:e8a... 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a05:d018:cc3... 16509 (AMAZON-02)
4 5 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 184.25.158.47 16625 (AKAMAI-AS)
72 23
23    2606:4700::6812:4c2 (United States)

ASN13335 (CLOUDFLARENET, US)
secure.bill4time.com
2    2600:1901:0:7a0b:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
sessions.bugsnag.com
4    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    35.190.25.25 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 25.25.190.35.bc.googleusercontent.com
api.mixpanel.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2600:9000:20ab:6200:1e:4f23:dd00:93a1 (United States)

ASN16509 (AMAZON-02, US)
ob.esnchocco.com
6    2600:9000:2644:a800:6:9280:1080:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.adroll.com
3    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
4    2a02:26f0:e600::687c:baa (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
2    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
2    2606:4700:20::681a:36e (United States)

ASN13335 (CLOUDFLARENET, US)
track.gaconnector.com
4    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
3    2a00:1450:400c:c0d::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
6    2600:1f18:e8a:cd06:e361:a2ce:b047:17c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
obs.esnchocco.com
1    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a05:d018:cc3:fe04:12eb:61d6:678d:3321 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
5    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    184.25.158.47 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-158-47.deploy.static.akamaitechnologies.com
chimpstatic.com
Apex Domain
Subdomains		 Transfer
23 bill4time.com
secure.bill4time.com — Cisco Umbrella Rank: 274159
6 MB
7 adroll.com
s.adroll.com — Cisco Umbrella Rank: 3056
d.adroll.com — Cisco Umbrella Rank: 1356
88 KB
7 esnchocco.com
ob.esnchocco.com — Cisco Umbrella Rank: 83709
obs.esnchocco.com — Cisco Umbrella Rank: 67274
39 KB
6 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 377
www.linkedin.com — Cisco Umbrella Rank: 629
px4.ads.linkedin.com — Cisco Umbrella Rank: 6003
5 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2462
22 KB
4 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3040
www.google.com — Cisco Umbrella Rank: 2
736 B
4 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 778
38 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
357 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 6862
578 B
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
425 B
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 366
14 KB
2 gaconnector.com
track.gaconnector.com — Cisco Umbrella Rank: 41200
7 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 68
69 KB
2 mixpanel.com
api.mixpanel.com — Cisco Umbrella Rank: 1168
474 B
2 bugsnag.com
sessions.bugsnag.com — Cisco Umbrella Rank: 832
97 B
1 chimpstatic.com
chimpstatic.com — Cisco Umbrella Rank: 6061
991 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
1 KB
72 17
Domain Requested by
23 secure.bill4time.com 3 redirects secure.bill4time.com
6 obs.esnchocco.com ob.esnchocco.com
secure.bill4time.com
6 s.adroll.com 1 redirects www.googletagmanager.com
secure.bill4time.com
s.adroll.com
4 px.ads.linkedin.com 3 redirects snap.licdn.com
4 snap.licdn.com www.googletagmanager.com
snap.licdn.com
4 www.googletagmanager.com secure.bill4time.com
www.googletagmanager.com
www.google-analytics.com
3 www.google.de secure.bill4time.com
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 region1.analytics.google.com www.googletagmanager.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
secure.bill4time.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 region1.google-analytics.com www.googletagmanager.com
2 track.gaconnector.com www.googletagmanager.com
track.gaconnector.com
2 www.youtube.com secure.bill4time.com
www.youtube.com
2 api.mixpanel.com secure.bill4time.com
2 sessions.bugsnag.com secure.bill4time.com
1 chimpstatic.com secure.bill4time.com
1 px4.ads.linkedin.com secure.bill4time.com
1 www.linkedin.com 1 redirects
1 d.adroll.com s.adroll.com
1 www.google.com secure.bill4time.com
1 ob.esnchocco.com www.googletagmanager.com
1 fonts.googleapis.com client
72 23

This site contains links to these domains. Also see Links.

Domain
www.bill4time.com
Subject Issuer Validity Valid
bill4time.com
GTS CA 1P5		 2023-09-19 -
2023-12-18		 3 months crt.sh
*.bugsnag.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-04-12		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.mixpanel.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-02-13 -
2024-03-15		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.esnchocco.com
Amazon RSA 2048 M02		 2023-04-02 -
2024-04-30		 a year crt.sh
s.adroll.com
Amazon RSA 2048 M01		 2023-06-03 -
2024-07-01		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01		 2023-10-24 -
2024-04-21		 6 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-02-01 -
2024-01-31		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-10 -
2024-04-09		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2023-10-09 -
2024-11-07		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
*.google.de
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
wildcardsan.us15.list-manage.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-17 -
2024-09-17		 a year crt.sh

This page contains 1 frames:

Primary Page: https://secure.bill4time.com/B4T2/default.aspx?lo=1
Frame ID: 159EDBC150AF468EFF52BA8CA2875A60
Requests: 71 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bill4Time - User Login

Page URL History Show full URLs

  1. http://secure.bill4time.com/ HTTP 301
    http://secure.bill4time.com/b4t2 HTTP 301
    http://secure.bill4time.com/b4t2/ HTTP 302
    https://secure.bill4time.com/B4T2/default.aspx?lo=1 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • chimpstatic\.com/mcjs-connected
Overall confidence: 100%
Detected patterns
  • api\.mixpanel\.com/track
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?

Page Statistics

72
Requests

96 %
HTTPS

86 %
IPv6

17
Domains

23
Subdomains

23
IPs

4
Countries

6340 kB
Transfer

29192 kB
Size

27
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://secure.bill4time.com/ HTTP 301
    http://secure.bill4time.com/b4t2 HTTP 301
    http://secure.bill4time.com/b4t2/ HTTP 302
    https://secure.bill4time.com/B4T2/default.aspx?lo=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40
  • https://s.adroll.com/j/pre/D43VSAFW4ZHDTLM3L6JTTA/YIDTZ6J4KBF2DNUBMNMSPV/fpconsent.js HTTP 302
  • https://s.adroll.com/j/pre/index.js
Request Chain 51
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2879025&time=1699904240213&url=https%3A%2F%2Fsecure.bill4time.com%2FB4T2%2Fdefault.aspx%3Flo%3D1&tm=gtmv2 HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2879025&time=1699904240213&url=https%3A%2F%2Fsecure.bill4time.com%2FB4T2%2Fdefault.aspx%3Flo%3D1&tm=gtmv2&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2879025%26time%3D1699904240213%26url%3Dhttps%253A%252F%252Fsecure.bill4time.com%252FB4T2%252Fdefault.aspx%253Flo%253D1%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2879025&time=1699904240213&url=https%3A%2F%2Fsecure.bill4time.com%2FB4T2%2Fdefault.aspx%3Flo%3D1&tm=gtmv2&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2879025&time=1699904240213&url=https%3A%2F%2Fsecure.bill4time.com%2FB4T2%2Fdefault.aspx%3Flo%3D1&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJupFo976U2dAAAAYvKMD1uHhC0Gij-ApCs4FF8mPg0d4WeGuKBaL-0Lym4qu8KgOoikkY

72 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request default.aspx
secure.bill4time.com/B4T2/
Redirect Chain
  • http://secure.bill4time.com/
  • http://secure.bill4time.com/b4t2
  • http://secure.bill4time.com/b4t2/
  • https://secure.bill4time.com/B4T2/default.aspx?lo=1
26 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.bill4time.com/B4T2/default.aspx?lo=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57ddc80a83b7c2725f861ba42c8eab5fae1485702323dcb3849ea30f8e4a9930
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://*.b4tportal.com https://*.b4tportal.com;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
cf-cache-status
DYNAMIC
cf-ray
825977eaf8474d50-FRA
content-encoding
br
content-security-policy
frame-ancestors 'self' http://*.b4tportal.com https://*.b4tportal.com;
content-type
text/html; charset=utf-8
date
Mon, 13 Nov 2023 19:37:17 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
825977e94d3e3669-FRA
Cache-Control
private
Connection
keep-alive
Content-Length
168
Content-Security-Policy
frame-ancestors 'self' http://*.b4tportal.com https://*.b4tportal.com;
Content-Type
text/html; charset=utf-8
Date
Mon, 13 Nov 2023 19:37:17 GMT
Location
https://secure.bill4time.com/B4T2/default.aspx?lo=1
Server
cloudflare
style.css
secure.bill4time.com/B4T2/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.bill4time.com/B4T2/css/style.css
Requested by
Host: secure.bill4time.com
URL: https://secure.bill4time.com/B4T2/default.aspx?lo=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://*.b4tportal.com https://*.b4tportal.com;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/B4T2/default.aspx?lo=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:37:17 GMT
content-security-policy
frame-ancestors 'self' http://*.b4tportal.com https://*.b4tportal.com;
content-encoding
br
cf-cache-status
MISS
server
cloudflare
vary
Accept-Encoding
content-type
text/html; charset=utf-8
cache-control
public, max-age=14400
cf-ray
825977ec3a6c4d50-FRA
expires
Mon, 13 Nov 2023 23:37:17 GMT
hackathon.css
secure.bill4time.com/B4T2/css/ 		241 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.bill4time.com/B4T2/css/hackathon.css
Requested by
Host: secure.bill4time.com
URL: https://secure.bill4time.com/B4T2/default.aspx?lo=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8477bfde0b8426462577859581c3f392326d6a1ba05c0a102a6ff9aebe0d7343
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://*.b4tportal.com https://*.b4tportal.com;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/B4T2/default.aspx?lo=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:37:18 GMT
content-security-policy
frame-ancestors 'self' http://*.b4tportal.com https://*.b4tportal.com;
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 01 Nov 2023 21:06:54 GMT
server
cloudflare
etag
W/"0eb36577dda1:0"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=21600
cf-ray
825977ec3a6e4d50-FRA
expires
Tue, 14 Nov 2023 01:37:18 GMT
tabushLib.js
secure.bill4time.com/B4T2/includes/jsFiles/ 		44 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.bill4time.com/B4T2/includes/jsFiles/tabushLib.js
Requested by
Host: secure.bill4time.com
URL: https://secure.bill4time.com/B4T2/default.aspx?lo=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b221d89d800143204d7b5912c626c0efe19cae03deaacfab359c2c8564452c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://*.b4tportal.com https://*.b4tportal.com;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/B4T2/default.aspx?lo=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:37:17 GMT
content-security-policy
frame-ancestors 'self' http://*.b4tportal.com https://*.b4tportal.com;
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 01 Nov 2023 21:01:52 GMT
server
cloudflare
etag
W/"06035a36dda1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=21600
cf-ray
825977ec3a704d50-FRA
expires
Tue, 14 Nov 2023 01:37:17 GMT
date.js
secure.bill4time.com/B4T2/js/ 		38 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.bill4time.com/B4T2/js/date.js
Requested by
Host: secure.bill4time.com
URL: https://secure.bill4time.com/B4T2/default.aspx?lo=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec13e5128f089017a7bafb08f2527cb614b22ea7820ebc177f242c30d240ed04
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://*.b4tportal.com https://*.b4tportal.com;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/B4T2/default.aspx?lo=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:37:17 GMT
content-security-policy
frame-ancestors 'self' http://*.b4tportal.com https://*.b4tportal.com;
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 01 Nov 2023 21:01:56 GMT
server
cloudflare
etag
W/"0ba97a56dda1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=21600
cf-ray
825977ec3a724d50-FRA
expires
Tue, 14 Nov 2023 01:37:17 GMT
shared.bundle.js
secure.bill4time.com/B4T2/js/shared-bundles/ 		8 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.bill4time.com/B4T2/js/shared-bundles/shared.bundle.js?v=202311010516_2
Requested by
Host: secure.bill4time.com
URL: https://secure.bill4time.com/B4T2/default.aspx?lo=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98205111a0215c7dc60c077a491cfc223ca06d2c0153105be41fcbac0dc474a8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://*.b4tportal.com https://*.b4tportal.com;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/B4T2/default.aspx?lo=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:37:17 GMT
content-security-policy
frame-ancestors 'self' http://*.b4tportal.com https://*.b4tportal.com;
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Nov 2023 21:15:58 GMT
server
cloudflare
age
11009
etag
W/"0bb769b8dda1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=21600
cf-ray
825977ec3a734d50-FRA
expires
Tue, 14 Nov 2023 01:37:17 GMT
underscore.js
secure.bill4time.com/B4T2/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.bill4time.com/B4T2/js/underscore.js
Requested by
Host: secure.bill4time.com
URL: https://secure.bill4time.com/B4T2/default.aspx?lo=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ce8872fab6abc2278549b2854e17aace4969f0afda33e6eb49ac2bf0871f5ab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://*.b4tportal.com https://*.b4tportal.com;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/B4T2/default.aspx?lo=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:37:17 GMT
content-security-policy
frame-ancestors 'self' http://*.b4tportal.com https://*.b4tportal.com;
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 01 Nov 2023 21:01:56 GMT
server
cloudflare
etag
W/"0ba97a56dda1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=21600
cf-ray
825977ec3a754d50-FRA
expires
Tue, 14 Nov 2023 01:37:17 GMT
mainEntry.bundle.js
secure.bill4time.com/B4T2/js/bundles/ 		4 MB
642 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.bill4time.com/B4T2/js/bundles/mainEntry.bundle.js?v=202311010516_2
Requested by
Host: secure.bill4time.com
URL: https://secure.bill4time.com/B4T2/default.aspx?lo=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6de1d88bdce66091ddf295824d0c16ed960f931da56fa2cf9df942b965243789
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://*.b4tportal.com https://*.b4tportal.com;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/B4T2/default.aspx?lo=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:37:17 GMT
content-security-policy
frame-ancestors 'self' http://*.b4tportal.com https://*.b4tportal.com;
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Nov 2023 21:06:52 GMT
server
cloudflare
age
11009
etag
W/"0be5567dda1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=21600
cf-ray
825977ec3a774d50-FRA
expires
Tue, 14 Nov 2023 01:37:17 GMT
react.bundle.js
secure.bill4time.com/B4T2/js/bundles/ 		13 MB
3 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.bill4time.com/B4T2/js/bundles/react.bundle.js
Requested by
Host: secure.bill4time.com
URL: https://secure.bill4time.com/B4T2/default.aspx?lo=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e257a21a9eaa80ee0be2f26bd21a6ef51298df64291cafdad50c2c960e8e039f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://*.b4tportal.com https://*.b4tportal.com;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/B4T2/default.aspx?lo=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:37:18 GMT
content-security-policy
frame-ancestors 'self' http://*.b4tportal.com https://*.b4tportal.com;
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 01 Nov 2023 21:15:54 GMT
server
cloudflare
etag
W/"06114998dda1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=21600
cf-ray
825977ec3a784d50-FRA
expires
Tue, 14 Nov 2023 01:37:17 GMT
Bill4Time.min.js
secure.bill4time.com/B4T2/js/ 		142 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.bill4time.com/B4T2/js/Bill4Time.min.js?v=202311010516_2
Requested by
Host: secure.bill4time.com
URL: https://secure.bill4time.com/B4T2/default.aspx?lo=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d1a78ab6ea5124bb3b7d078372a26558e01d9a1ef2606de72cff566f6b52708
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://*.b4tportal.com https://*.b4tportal.com;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/B4T2/default.aspx?lo=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:37:17 GMT
content-security-policy
frame-ancestors 'self' http://*.b4tportal.com https://*.b4tportal.com;
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Nov 2023 21:06:46 GMT
server
cloudflare
age
11009
etag
W/"03772527dda1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=21600
cf-ray
825977ec3a7a4d50-FRA
expires
Tue, 14 Nov 2023 01:37:17 GMT
WebResource.axd
secure.bill4time.com/B4T2/ 		23 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.bill4time.com/B4T2/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZE-qXEaAOuqPMAup6VrYaapyblliVbAAOkgwkyng8AaEvehnog2&t=638242705795219488
Requested by
Host: secure.bill4time.com
URL: https://secure.bill4time.com/B4T2/default.aspx?lo=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://*.b4tportal.com https://*.b4tportal.com;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/B4T2/default.aspx?lo=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:37:17 GMT
content-security-policy
frame-ancestors 'self' http://*.b4tportal.com https://*.b4tportal.com;
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Fri, 07 Jul 2023 00:02:59 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public
cf-ray
825977ec3a7b4d50-FRA
expires
Tue, 12 Nov 2024 15:52:05 GMT
login-logo.png
secure.bill4time.com/B4T2/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.bill4time.com/B4T2/images/login-logo.png
Requested by
Host: secure.bill4time.com
URL: https://secure.bill4time.com/B4T2/default.aspx?lo=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44bb92a28b3f5455792448f4d1be252a6ffc289d2b576b52fab162efa90c24e6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://*.b4tportal.com https://*.b4tportal.com;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/B4T2/default.aspx?lo=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:37:18 GMT
content-security-policy
frame-ancestors 'self' http://*.b4tportal.com https://*.b4tportal.com;
cf-cache-status
REVALIDATED
last-modified
Wed, 01 Nov 2023 21:01:52 GMT
server
cloudflare
etag
"06035a36dda1:0"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=21600
accept-ranges
bytes
cf-ray
825977ec6ad54d50-FRA
content-length
3670
expires
Tue, 14 Nov 2023 01:37:18 GMT
b4tpayments-post-release.png
secure.bill4time.com/images/promos/ 		172 KB
173 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.bill4time.com/images/promos/b4tpayments-post-release.png
Requested by
Host: secure.bill4time.com
URL: https://secure.bill4time.com/B4T2/default.aspx?lo=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcb7f1af264a3ad7738735b2c70f73c334f78dbbf95392d2744631da47de7dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/B4T2/default.aspx?lo=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:37:18 GMT
cf-cache-status
MISS
last-modified
Wed, 01 Nov 2023 21:19:20 GMT
server
cloudflare
etag
"07cdd139dda1:0"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=172800
accept-ranges
bytes
cf-ray
825977ec6ad74d50-FRA
content-length
176520
expires
Wed, 15 Nov 2023 19:37:18 GMT
/
sessions.bugsnag.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method
POST
Origin
https://secure.bill4time.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 13 Nov 2023 19:37:18 GMT
via
1.1 google
gtm.js
www.googletagmanager.com/ 		303 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WKL4X3
Requested by
Host: secure.bill4time.com
URL: https://secure.bill4time.com/B4T2/default.aspx?lo=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
82f257bd01c801bfbb82cd94ec12011edb1fcddc1d2496f41797c94ffb851d48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:37:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104072
x-xss-protection
0
last-modified
Mon, 13 Nov 2023 18:54:34 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 13 Nov 2023 19:37:18 GMT
/
api.mixpanel.com/track/ 		1 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.mixpanel.com/track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiV2luZG93cyIsIiRicm93c2VyIjogIkNocm9tZSIsIiRjdXJyZW50X3VybCI6ICJodHRwczovL3NlY3VyZS5iaWxsNHRpbWUuY29tL0I0VDIvZGVmYXVsdC5hc3B4P2xvPTEiLCIkYnJvd3Nlcl92ZXJzaW9uIjogMTE5LCIkc2NyZWVuX2hlaWdodCI6IDEyMDAsIiRzY3JlZW5fd2lkdGgiOiAxNjAwLCJtcF9saWIiOiAid2ViIiwiJGxpYl92ZXJzaW9uIjogIjIuMjcuMSIsInRpbWUiOiAxNjk5OTA0MjM4LjMzNCwiZGlzdGluY3RfaWQiOiAiMThiY2EzMDMyZWY5ZWItMDEyZmNmMTllNTBiZjMtNjYzODVlNTMtMWQ0YzAwLTE4YmNhMzAzMmYwOTg1IiwiJGRldmljZV9pZCI6ICIxOGJjYTMwMzJlZjllYi0wMTJmY2YxOWU1MGJmMy02NjM4NWU1My0xZDRjMDAtMThiY2EzMDMyZjA5ODUiLCIkaW5pdGlhbF9yZWZlcnJlciI6ICIkZGlyZWN0IiwiJGluaXRpYWxfcmVmZXJyaW5nX2RvbWFpbiI6ICIkZGlyZWN0IiwibXBfcGFnZSI6ICJodHRwczovL3NlY3VyZS5iaWxsNHRpbWUuY29tL0I0VDIvZGVmYXVsdC5hc3B4P2xvPTEiLCJtcF9icm93c2VyIjogIkNocm9tZSIsIm1wX3BsYXRmb3JtIjogIldpbmRvd3MiLCJ0b2tlbiI6ICJjMThmODBhZjllMWNkNDdlNmU4ZGUwMTYyMTJjMDJlNiJ9fQ%3D%3D&ip=1&_=1699904238334
Requested by
Host: secure.bill4time.com
URL: https://secure.bill4time.com/B4T2/js/shared-bundles/shared.bundle.js?v=202311010516_2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.25.25 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
25.25.190.35.bc.googleusercontent.com
Software
envoy /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Mon, 13 Nov 2023 19:37:18 GMT
via
1.1 google
server
envoy
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://secure.bill4time.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
X-Requested-With
content-length
1
alt-svc
clear
/
sessions.bugsnag.com/ 		21 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: secure.bill4time.com
URL: https://secure.bill4time.com/B4T2/js/bundles/mainEntry.bundle.js?v=202311010516_2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1.0
Referer
https://secure.bill4time.com/
Bugsnag-Sent-At
2023-11-13T19:37:18.362Z
accept-language
de-DE,de;q=0.9
Bugsnag-Api-Key
90217d214c796b4e5c1e6f2a01680e50
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 13 Nov 2023 19:37:18 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
content-type
application/json
css
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 13 Nov 2023 19:37:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 13 Nov 2023 18:24:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 13 Nov 2023 19:37:19 GMT
/
api.mixpanel.com/decide/ 		65 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.mixpanel.com/decide/?verbose=1&version=1&lib=web&token=c18f80af9e1cd47e6e8de016212c02e6&ip=1&_=1699904239303
Requested by
Host: secure.bill4time.com
URL: https://secure.bill4time.com/B4T2/js/shared-bundles/shared.bundle.js?v=202311010516_2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.25.25 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
25.25.190.35.bc.googleusercontent.com
Software
gunicorn /
Resource Hash
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:37:19 GMT
via
1.1 google
server
gunicorn
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://secure.bill4time.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With
alt-svc
clear
login-logo.png
secure.bill4time.com/B4T2/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.bill4time.com/B4T2/images/login-logo.png
Requested by
Host: secure.bill4time.com
URL: https://secure.bill4time.com/B4T2/default.aspx?lo=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44bb92a28b3f5455792448f4d1be252a6ffc289d2b576b52fab162efa90c24e6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://*.b4tportal.com https://*.b4tportal.com;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/B4T2/default.aspx?lo=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:37:19 GMT
content-security-policy
frame-ancestors 'self' http://*.b4tportal.com https://*.b4tportal.com;
cf-cache-status
HIT
last-modified
Wed, 01 Nov 2023 21:01:52 GMT
server
cloudflare
age
1
etag
"06035a36dda1:0"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=21600
accept-ranges
bytes
cf-ray
825977f7da8f4d50-FRA
content-length
3670
expires
Tue, 14 Nov 2023 01:37:19 GMT
b4tpayments-post-release.png
secure.bill4time.com/images/promos/ 		172 KB
173 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.bill4time.com/images/promos/b4tpayments-post-release.png
Requested by
Host: secure.bill4time.com
URL: https://secure.bill4time.com/B4T2/default.aspx?lo=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcb7f1af264a3ad7738735b2c70f73c334f78dbbf95392d2744631da47de7dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/B4T2/default.aspx?lo=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:37:19 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Nov 2023 21:19:20 GMT
server
cloudflare
age
1
etag
"07cdd139dda1:0"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=172800
accept-ranges
bytes
cf-ray
825977f7da934d50-FRA
content-length
176520
expires
Wed, 15 Nov 2023 19:37:19 GMT
proximanova-medium-webfont.woff2
secure.bill4time.com/B4T2/fonts/ProximaNova/medium/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://secure.bill4time.com/B4T2/fonts/ProximaNova/medium/proximanova-medium-webfont.woff2
Requested by
Host: secure.bill4time.com
URL: https://secure.bill4time.com/B4T2/css/hackathon.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
223b0416a0baa7a9f9f66e776ea09be7f37746a47b73660571c7bca8420779fa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://*.b4tportal.com https://*.b4tportal.com;

Request headers

Referer
https://secure.bill4time.com/B4T2/css/hackathon.css
Origin
https://secure.bill4time.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:37:19 GMT
content-security-policy
frame-ancestors 'self' http://*.b4tportal.com https://*.b4tportal.com;
cf-cache-status
REVALIDATED
last-modified
Wed, 01 Nov 2023 21:01:52 GMT
server
cloudflare
etag
"06035a36dda1:0"
vary
Accept-Encoding
content-type
application/font-woff2
cache-control
public, max-age=21600
accept-ranges
bytes
cf-ray
825977f81ae74d50-FRA
content-length
14124
expires
Tue, 14 Nov 2023 01:37:19 GMT
js
www.googletagmanager.com/gtag/ 		242 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZQY3BNXSP5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKL4X3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ed5425c2fe1e3c02900b2274831e6be8193b16ddaa23cd6661cbd68dc21a31ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:37:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85379
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 13 Nov 2023 19:37:19 GMT
js
www.googletagmanager.com/gtag/ 		260 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CEFYS3CR6P&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKL4X3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6ffa4c9916c304de9d97c987761b8026db480727c9c162a738b1eb5267c990f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:37:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89677
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 13 Nov 2023 19:37:19 GMT
2b34b842bcce2d75c653b74a3149699f.js
ob.esnchocco.com/i/ 		100 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ob.esnchocco.com/i/2b34b842bcce2d75c653b74a3149699f.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKL4X3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ab:6200:1e:4f23:dd00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Caddy /
Resource Hash
441197c2fcf9d60f2bef6cce53a185a7fd1b57c555b1c65541ed534fc0b1ff83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:37:17 GMT
content-encoding
gzip
via
1.1 5090b605a7b968781de55827dd170bf2.cloudfront.net (CloudFront)
server
Caddy
x-amz-cf-pop
AMS58-P3
age
42007
etag
"18e97-4wmB+wKCrRmMuhyLXCbN/aC9e8o"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=43200
content-length
37295
x-amz-cf-id
XopS9ogxULySb68FDA6_vhSIlFDelIdSrMOicB8aoHYoyR8dMYXDdQ==
expires
Mon, 13 Nov 2023 19:57:12 GMT
roundtrip.js
s.adroll.com/j/ 		77 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKL4X3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:a800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
04973f96fb9c6e41af1fc9486d48e8936d01498f8eedb266616bacd866e2e6c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

X-Amz-Version-Id
WR87b7q5q8oup3pL2O5SSN.NVO0Ke7cd
Content-Encoding
gzip
Via
1.1 104bdf965b5b1cb596af463b142160de.cloudfront.net (CloudFront)
Date
Mon, 13 Nov 2023 19:00:34 GMT
Age
2211
X-Amz-Cf-Pop
FRA60-P6
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 31 Oct 2023 15:28:28 GMT
Server
AmazonS3
Etag
W/"c7df5f519bb5d8f62bef23196a8ec659"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
ObQg9a6Ey9kuIdLIuwjAnxPOwMVxlPeoPI4pcg9y8sQSUqOKwHpj4A==
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKL4X3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 13 Nov 2023 17:49:41 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6458
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 13 Nov 2023 19:49:41 GMT
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKL4X3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Mon, 13 Nov 2023 19:37:19 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0138622DD4FA4E21B08CA7787DA10EFD Ref B: FRA31EDGE0207 Ref C: 2023-11-13T19:37:19Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
insight.min.js
snap.licdn.com/li.lms-analytics/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKL4X3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e600::687c:baa Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
667114cbfc4bb69e979947ba816f7fca7c2c171686443f81ac13e400dabf1b7a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:37:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 13 Nov 2023 09:24:50 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=49620
accept-ranges
bytes
content-length
3839
iframe_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: secure.bill4time.com
URL: https://secure.bill4time.com/B4T2/default.aspx?lo=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5819e09af544ac958e7f95887e5a777a4eaa4d1636a3c71681fc015489c1b289
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:37:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /cspreport, base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';script-src 'report-sample' 'nonce-pG4TFq4TVOOP408P4NHHNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline';report-uri /cspreport
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Mon, 13 Nov 2023 19:37:19 GMT
gaconnector.js
track.gaconnector.com/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.gaconnector.com/gaconnector.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKL4X3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:36e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db5231e26cf13e232ddaac5d7f4488cb8371c305099967db84a95a0eded72ac1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:37:19 GMT
access-control-request-method
*
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
OPTIONS, GET
content-type
text/javascript
access-control-allow-origin
*
x-cache
HIT
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dkFTEnVIlLsaTUmSo7bb5EqNvrYmhYhY53%2BUv6I%2BeHKfyu6W6%2BAHi1x9KTwpyZv6mbYMBYnLd2wiM0x4Zj50m31zp65D6uKjpYGifNTds8R0DE1lR1GAL6nRfdPS7YwK%2FQnl%2FLosRVWaSgQB19MxAd%2F41g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
825977f97aba65c1-FRA
access-control-allow-headers
*
expires
Mon, 13 Nov 2023 20:37:19 GMT
collect
region1.analytics.google.com/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-ZQY3BNXSP5&gtm=45je3b81v879085961z86837556&_p=1699904238283&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=36678495.1699904240&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699904239&sct=1&seg=0&dl=https%3A%2F%2Fsecure.bill4time.com%2FB4T2%2Fdefault.aspx%3Flo%3D1&dt=Bill4Time%20-%20User%20Login&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=3150
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZQY3BNXSP5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Nov 2023 19:37:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.bill4time.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZQY3BNXSP5&cid=36678495.1699904240&gtm=45je3b81v879085961z86837556&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZQY3BNXSP5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Nov 2023 19:37:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.bill4time.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZQY3BNXSP5&cid=36678495.1699904240&gtm=45je3b81v879085961z86837556&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1635178184
Requested by
Host: secure.bill4time.com
URL: https://secure.bill4time.com/B4T2/default.aspx?lo=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Nov 2023 19:37:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-CEFYS3CR6P&gtm=45je3b81v894726284z86837556&_p=1699904238283&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=36678495.1699904240&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699904239&sct=1&seg=0&dl=https%3A%2F%2Fsecure.bill4time.com%2FB4T2%2Fdefault.aspx%3Flo%3D1&dt=Bill4Time%20-%20User%20Login&en=page_view&_fv=1&_ss=1&tfd=3199
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CEFYS3CR6P&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Nov 2023 19:37:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.bill4time.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 18:43:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
3259
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
697
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 13 Nov 2023 19:43:00 GMT
www-widgetapi.js
www.youtube.com/s/player/5bdfe6d5/www-widgetapi.vflset/ 		215 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/5bdfe6d5/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9038b214671cc27ffba2fc60ffdcd0850e355af61fc303049f5b2a42397111da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:06:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
1864
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68298
x-xss-protection
0
last-modified
Wed, 08 Nov 2023 02:48:37 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 12 Nov 2024 19:06:15 GMT
ct
obs.esnchocco.com/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://obs.esnchocco.com/ct?id=45964&url=https%3A%2F%2Fsecure.bill4time.com%2FB4T2%2Fdefault.aspx%3Flo%3D1&sf=0&tpi=&ch=&uvid=&tsf=0&tsfmi=&tsfu=&cb=1699904239715&hl=2&op=0&ag=1115042767&rand=832101656162125200520058291200290302203761070006987919625571536891821761997957529815&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDc4MzddLFszNywiWzMzMTYyMjQwNDksZnVuY3Rpb24obmV3VmFsdWUpIHtcbiAgICAgICAgICAgICAgYWRkQ29udGVudFdpbmRvd1Byb3h5KHRoaXMpXG4gICAgICAgICAgICAgIC8vIFJlc2V0IHByb3BlcnR5LCB0aGUgaG9vayBpcyBvbmx5IG5lZWRlZCBvbmNlXG4gICAgICAgICAgICAgIE9iamVjdC5kZWZpbmVQcm9wZXJ0eShpZnJhbWUsICdzcmNkb2MnLCB7XG4gICAgICAgICAgICAgICAgY29uZmlndXJhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB3cml0YWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgdmFsdWU6IF9zcmNkb2NcbiAgICAgICAgICAgICAgfSlcbiAgICAgICAgICAgICAgX2lmcmFtZS5zcmNkb2MgPSBuZXdWYWx1ZVxuICAgICAgICAgICAgfV0iXSxbImNiIiwiMCwwLDAsMCwwLDAsMCwwLDAsMywwLDAsMCw3LDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsNiwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMywwLDAsMCwwLDEsMCwwLDAsMCwxLDAiXSxbLTEsIi0iXSxbLTIsIi0iXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcIm1oamZibWRnY2ZqYmJwYWVvam9mb2hvZWZnaWVoamFpXCIsXCJpbnRlcm5hbC1uYWNsLXBsdWdpblwiXSJdLFstNCwiLSJdLFstNSwiLSJdLFstNiwiLSJdLFstNywiLSJdLFstOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXX0iXSxbLTEyLCJudWxsIl0sWy0xMywiLSJdLFstMTQsIi0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjQiXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1cIiwxNjAwLDEyMDBdIl0sWy0yMCwiMzY2Nzg0OTUuMTY5OTkwNDI0MCJdLFstMjEsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIntcInRqaHNcIjoxMDkwMDAwMDAsXCJ1amhzXCI6OTc0MDAwMDAsXCJqaHNsXCI6Mzc2MDAwMDAwMH0iXSxbLTI3LCJbMCw5LjgsMCxcIjRnXCIsbnVsbF0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMjksIi0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJmYWxzZSJdLFstMzIsIi0iXSxbLTMzLCItIl0sWy0zNCwiLSJdLFstMzUsIlsxNjk5OTA0MjM5NzA1LC0xXSJdLFstMzYsIltcIjQvM1wiLFwiNC8zXCJdIl0sWy0zNywiLTE0NC02Ni0xODAtIl0sWy0zOCwiaSwtMSwtMSw3NDksMCwxLDAsMCw4NywxOTIsLTEsMCwyODg5LjMsMjk0Ny4yLDMyOTIsMzI5MyJdLFstMzksIltcIjIwMDMwMTA3XCIsNCxcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51bGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCwzLGZhbHNlLHRydWUsbnVsbCwwLHRydWUsdHJ1ZV0iXSxbLTQwLCIzMyJdLFstNDEsIi0iXSxbLTQyLCIxNzI0Mjk3NjUzIl0sWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAxMDExMDEwMDAwMDEiXSxbLTQ0LCIwLDAsMCw1Il0sWy00NSwiLSJdLFstNDYsIjAiXSxbLTQ3LCItIl0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFstNTAsIi0iXSxbLTUxLCItIl0sWy01MiwiLSJdLFstNTMsIjEwMCJdLFstNTQsIntcImhcIjpbXCIzMjk5NzI4NDUyXCIsXCI4MjI4MjMxMTlcIl0sXCJkXCI6W10sXCJiXCI6W1wiMTMwMjY1NjcwNlwiLFwiMTQzMjEzMjgxMFwiLFwiXzFcIixcIjExODIzMDkzMzRcIl0sXCJzXCI6MX0iXSxbLTU1LCIxIl0sWy01NiwibGFuZHNjYXBlLXByaW1hcnkiXSxbLTU3LCJXRTBaVjF4T2NWaFhYVlZjU3hjRldsWlVTVXhOWEYwSEdXSllTaGxZU1VsVlFHUVpFVnhQV0ZVWldFMFpCVmhYVmxkQVZGWk1TZ2NaRVFNT0F3Z01DUTRJQVJBVkdRVllWMVpYUUZSV1RFb0hBd2dCQXdvSkVCVllUUmw0UzB0WVFCZGNYQmtSVVUxTlNVb0RGaFpXV3hkY1NsZGFVVlphV2xZWFdsWlVGbEFXQzFzS0RWc0JEUXRiV2xwY0MxME9ERm9QREFwYkRnMVlDZ2dOQUE4QUFGOFhVMG9EQ0FNUER3Z0tDeEFWV0UwWlRSZGNRVWxXUzAxS0dSRlJUVTFKU2dNV0ZsWmJGMXhLVjFwUlZscGFWaGRhVmxRV1VCWUxXd29OV3dFTkMxdGFXbHdMWFE0TVdnOE1DbHNPRFZnS0NBMEFEd0FBWHhkVFNnTUlBdzhBQ1E9PSJdLFstNTgsIi0iXSxbLTU5LCJkZWZhdWx0Il0sWy02MCwiLSJdLFstNjEsIntcIndnc2xcIjpcIjA7XCIsXCJwY2ZcIjpcImJncmE4dW5vcm1cIn0iXSxbLTYyLCI4MCJdLFstNjMsIi0iXSxbLTY0LCJbMCxcIlwiLFtdXSJdLFstNjUsIi0iXSxbLTY2LCJnZW9sb2NhdGlvbixzdG9yYWdlYWNjZXNzLGdhbWVwYWQsY2hlY3QsbWlkaSxkaXNwbGF5Y2FwdHVyZSx1c2IsbG9jYWxmb250cyxwaWN0dXJlaW5waWN0dXJlLHB1YmxpY2tleWNyZWRlbnRpYWxzZ2V0LG90cGNyZWRlbnRpYWxzLGNodWFmb3JtZmFjdG9yLGVuY3J5cHRlZG1lZGlhLGNoc2F2ZWRhdGEsY2h1YWZ1bGx2ZXJzaW9ubGlzdCxjaHVhd293NjQsY2hkb3dubGluayxjaHByZWZlcnNjb2xvcnNjaGVtZSxzeW5jeGhyLGNodWFtb2RlbCxjaHByZWZlcnNyZWR1Y2VkdHJhbnNwYXJlbmN5LHNlcmlhbCxjYW1lcmEsY2hwcmVmZXJzcmVkdWNlZG1vdGlvbixwcml2YXRlc3RhdGV0b2tlbmlzc3VhbmNlLGlkZW50aXR5Y3JlZGVudGlhbHNnZXQsY2h1YWZ1bGx2ZXJzaW9uLGZ1bGxzY3JlZW4sY2hkcHIsdW5sb2FkLGtleWJvYXJkbWFwLGNodWFwbGF0Zm9ybSxneXJvc2NvcGUsY2h1YW1vYmlsZSx3aW5kb3dtYW5hZ2VtZW50LGNodWEsbWFnbmV0b21ldGVyLGFjY2VsZXJvbWV0ZXIscHJpdmF0ZXN0YXRldG9rZW5yZWRlbXB0aW9uLGNodWFhcmNoLHhyc3BhdGlhbHRyYWNraW5nLGlkbGVkZXRlY3Rpb24sY2h1YXBsYXRmb3JtdmVyc2lvbixjaHdpZHRoLGNsaXBib2FyZHJlYWQsY2h2aWV3cG9ydHdpZHRoLHBheW1lbnQsY2h2aWV3cG9ydGhlaWdodCxjaHJ0dCxhdXRvcGxheSxjcm9zc29yaWdpbmlzb2xhdGVkLGhpZCxjaHVhYml0bmVzcyxzY3JlZW53YWtlbG9jayxjbGlwYm9hcmR3cml0ZSxjaGRldmljZW1lbW9yeSxtaWNyb3Bob25lIl0sWy02NywiLSJdLFsiZGRiIiwiMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMSwwLDEsMCwwLDAsMSwyLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDEsMCwwLDAsMCwxLDAsMCwwLDAsMCJdLFsiYm5jaCIsMzldLFsiYWJuY2giLDM5XV0%3D&dep=0&pre=0&sdd=%7B%7D&cri=3tfbpXDkly&pto=3303&ver=57&gac=36678495.1699904240&mei=&ap=&fe=1&duid=1.1699904239.czqjTenXdyWu9RIO&suid=1.1699904239.cUIfQn7ZopAaEwM4&tuid=1.1699904239.TX0JyAzodmGdYzEM&fbc=-&gtm=W10%3D&it=29%2C3041%2C190&fbcl=-&gacl=&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=
Requested by
Host: ob.esnchocco.com
URL: https://ob.esnchocco.com/i/2b34b842bcce2d75c653b74a3149699f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
ae4e7983f84cd21267f3a1100027481cf173e6ffb43be8d334ec67d1c3f5e24e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
text/javascript
pragma
no-cache
date
Mon, 13 Nov 2023 19:37:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1256
expires
Fri, 01 Jan 1990 00:00:00 GMT
25074489.js
bat.bing.com/p/action/ 		0
117 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/25074489.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Mon, 13 Nov 2023 19:37:19 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D065B0732585417FA7DD81B0F2C732DE Ref B: FRA31EDGE0207 Ref C: 2023-11-13T19:37:19Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=25074489&tm=gtm002&Ver=2&mid=7da0208d-5329-4db1-88f0-0e76041572f2&sid=0f1e1080825c11ee98e9439d79f71987&vid=0f1e3cc0825c11ee9fd6cfdd90253f90&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Bill4Time%20-%20User%20Login&p=https%3A%2F%2Fsecure.bill4time.com%2FB4T2%2Fdefault.aspx%3Flo%3D1&r=&lt=2969&evt=pageLoad&sv=1&rn=769219
Requested by
Host: secure.bill4time.com
URL: https://secure.bill4time.com/B4T2/default.aspx?lo=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 13 Nov 2023 19:37:19 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B3BBFAF8CF1C4C37924C4ADF144F96D7 Ref B: FRA31EDGE0207 Ref C: 2023-11-13T19:37:19Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
insight.beta.min.js
snap.licdn.com/li.lms-analytics/ 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e600::687c:baa Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1cb59ae50f08ccc50360cd1f808b1aa9df85a9502acd93c803400a344fcf072b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:37:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 13 Nov 2023 17:31:52 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=78879
accept-ranges
bytes
content-length
15379
index.js
s.adroll.com/j/pre/
Redirect Chain
  • https://s.adroll.com/j/pre/D43VSAFW4ZHDTLM3L6JTTA/YIDTZ6J4KBF2DNUBMNMSPV/fpconsent.js
  • https://s.adroll.com/j/pre/index.js
0
756 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/index.js
Requested by
Host: secure.bill4time.com
URL: https://secure.bill4time.com/B4T2/default.aspx?lo=1
Protocol
HTTP/1.1
Server
2600:9000:2644:a800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

X-Amz-Version-Id
nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date
Mon, 13 Nov 2023 03:51:48 GMT
Via
1.1 a84e87b6b82308dbc0e331c3e28c23c6.cloudfront.net (CloudFront)
Age
56732
X-Amz-Cf-Pop
FRA60-P6
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Wed, 15 Jan 2020 23:54:18 GMT
Server
AmazonS3
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
uMNEXn8n1ymEe2sVkdnEAxXKS7HKIkCrWNkT35hLD2ez796V62v8UA==

Redirect headers

Date
Mon, 13 Nov 2023 17:29:58 GMT
Via
1.1 104bdf965b5b1cb596af463b142160de.cloudfront.net (CloudFront)
Age
7640
X-Amz-Cf-Pop
FRA60-P6
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Server
AmazonS3
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Location
https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
24PRf2XfbvxJ85Qvs0EJpw8djaZabgIyT04-z2BcmZjUV0HmG6S0SA==
index.js
s.adroll.com/j/pre/D43VSAFW4ZHDTLM3L6JTTA/YIDTZ6J4KBF2DNUBMNMSPV/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/D43VSAFW4ZHDTLM3L6JTTA/YIDTZ6J4KBF2DNUBMNMSPV/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:a800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
53ed652c4ef9ae06063e9e261d8dc730a32c7f94e5fc8e9c0cb7a5976e74f6b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

X-Amz-Version-Id
MYfWCHWLbmEVsSHo4cOb2FcQi5oZjkuh
Content-Encoding
gzip
Via
1.1 104bdf965b5b1cb596af463b142160de.cloudfront.net (CloudFront)
Date
Mon, 13 Nov 2023 19:03:08 GMT
Age
2052
X-Amz-Cf-Pop
FRA60-P6
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Sun, 12 Nov 2023 11:44:47 GMT
Server
AmazonS3
Etag
W/"459cb1a9305a91036e006846810993f6"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
sWDPKp_UkQmzYuZ8MF2bxnNDszOfUL3t69cnZHkAW9H8SdPxBlbkfQ==
collect
www.google-analytics.com/j/ 		15 B
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=698169092&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.bill4time.com%2FB4T2%2Fdefault.aspx%3Flo%3D1&ul=en-us&de=UTF-8&dt=Bill4Time%20-%20User%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aDDAgEAjAAAAACgEK~&jid=1997267426&gjid=977441358&cid=36678495.1699904240&tid=UA-2204017-19&_gid=529588888.1699904240&_slc=1&gtm=45He3b81n71WKL4X3v6837556&cd13=Landscape&cd14=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.123%20Safari%2F537.36&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd2=36678495.1699904240&z=76386441
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dca1381ed449fd3e4f4aa3dd96ce9be8923b54fa23c55d388fd14a6b9acf9e08
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.bill4time.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 Nov 2023 19:37:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.bill4time.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2204017-19&cid=36678495.1699904240&jid=1997267426&gjid=977441358&_gid=529588888.1699904240&_u=aDDAgEAjAAAAAGgEKAC~&z=1947850098
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.bill4time.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 13 Nov 2023 19:37:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.bill4time.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
track_pageview
track.gaconnector.com/ 		475 B
836 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track.gaconnector.com/track_pageview?lo=1&gaconnector_id=17e67e48-e17b-f07b-de7c-f073508935c9&account_id=350e9f3122e8ecfcac4c5551b37263d2&referer=&page_url=https%3A%2F%2Fsecure.bill4time.com%2FB4T2%2Fdefault.aspx%3Flo%3D1&gclid=&utm_campaign=&utm_term=&utm_content=&utm_source=&utm_medium=
Requested by
Host: track.gaconnector.com
URL: https://track.gaconnector.com/gaconnector.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:36e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a94ab68b267b68c46320294258d15b3755193ee5bc03075dc45bd17de645523f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:37:19 GMT
access-control-request-method
*
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
OPTIONS, GET
content-type
text/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Zk4Owm1IQ8y57J365JikmB%2FB4aLqPm02XD4rEnweiOaF8tZoTB2QYgXRBBIAsOzYJtAXp3MnBHEljB6dMVylDE9DS4dS5Wmj0jy8oJpEQyZSREHVXDgKmZYjOlq8X60dVoq%2BjF6zLbjjA8PGruAy27h7w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-ray
825977fb38766ade-FRA
access-control-allow-headers
*
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2204017-19&cid=36678495.1699904240&jid=1997267426&_u=aDDAgEAjAAAAAGgEKAC~&z=1824207173
Requested by
Host: secure.bill4time.com
URL: https://secure.bill4time.com/B4T2/default.aspx?lo=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Nov 2023 19:37:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2204017-19&cid=36678495.1699904240&jid=1997267426&_u=aDDAgEAjAAAAAGgEKAC~&z=1824207173
Requested by
Host: secure.bill4time.com
URL: https://secure.bill4time.com/B4T2/default.aspx?lo=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Nov 2023 19:37:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		247 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GB88YJK8P6&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1d8b27d64576846dff6066211fdc9494793dfe134d191192eb2fae4bda55ef41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:37:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85896
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 13 Nov 2023 19:37:20 GMT
D43VSAFW4ZHDTLM3L6JTTA
d.adroll.com/consent/check/ 		482 B
575 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/D43VSAFW4ZHDTLM3L6JTTA?pv=15074572475.517334&arrfrr=https%3A%2F%2Fsecure.bill4time.com%2FB4T2%2Fdefault.aspx%3Flo%3D1&_s=108321f6170dd5971200954ec99b7ce5&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe04:12eb:61d6:678d:3321 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
8f1c0105dfcee3f44635845a36d7d052c304c73cc0ca040c6b5ce5c70358f9c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:37:20 GMT
server
nginx/1.22.1
content-length
482
content-type
application/javascript
/
px.ads.linkedin.com/wa/ 		0
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
https://secure.bill4time.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 13 Nov 2023 19:37:19 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 1DFEDC246EA5456DB86C52901E69B8E6 Ref B: FRAEDGE1511 Ref C: 2023-11-13T19:37:20Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
access-control-allow-origin
https://secure.bill4time.com
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYKDcxl9gPOdzg1HA5IFA==
tc_imp.gif
obs.esnchocco.com/tracker/ 		43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obs.esnchocco.com/tracker/tc_imp.gif?e=37dfbd8ee84e001363e7ce35ee458e9d9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5a14846b2317071a10acf9f29f674fd3d08054283b13ab7d7206853f8b67c00c6351239600085f3c0d09c2b96c4777be26bb25cb43e2916af05365ac097c7a1bdb50ef4ef497d7d63fbb2807ff7ecaa8556d8e0e3143714493d60264fc60b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c4b92177af998ffe4198b6dec06c213f85e162ae7d133722b325f817c99ec59b058609fc6e359143e3dd385293e88864c06513c157a77bb9e70392652b48d1c2ad7f4ec3ee3b8192d4079b4a7a49d8677a0dbde5eee489d5a3d72aeb9cce4b46d8fd9e16c893008c3e5db6e4d57e56b7dac941066bbdcf227da55ab41b6844dc619cbce2ec16b31919027df619481b9a69df3f1477fe425bebff92b4d26f9913f82be50eb0102419457459a9384c9d6ec827cc821de90e39e73e17b3735897766b4c2a71e6ad6ef77a816e985019566bd671f45599365ff439cc1a93fe0d476870ce08ccdd66bce01153ca61054523e113ee18b23fa05d48cdf77ebde72fed0748ccca9ee7a8bb7f74f616ec8b11e0495f7085042acaca27ab664cbac05b8b16aeb23fe239f418a06cbba6b96697bbdfbcc22466b720938085a11ade98865d71cb643474a20f8b04ddb980a10ecee8dc9e03597b3a085d2eaa5e3565d20e905daa453059e4a651bd67f5e6d71f07aa96a04c1e3c27f8962d13988a825d1a50e9e72133c26027d0f81c6e4df2066569c185988d5d9b9acd752059eb0bd618bce737bd8d10e2168f991d9503daa26855f9f1dff229a12dbc81be4a733e29b8bd2845a63efe038629e6ba78db0a8148071351605906e5f4db0a35f8beb08d7989bc851cdea9b215a721eea2fa117ab4bb387609f3b432543397461b210cfdb5700e70794ee9270d0ad34f3666fbd523975cbfadb185bf070f38719d307350249b5257fe7d68109955054c5c562f0aa9a828450c64f11674ca6652f409d8e0d5ab335eefec52f8cdaf26a357cd82351425b9b4a27b2f0a46d6c827e6391d7d153c3bfd7d34b60fe69a90d6b4ade1a723b84ac5b12da92ba89bcd046b663f930c72fc3931090b8ba393dec8549de8cfeef95e1dccc2850ccbb67479161d756c142f3bb68fb9edfdf70ae948abba804699ebfa3a21fdd46d1116f22603495c3626f8232f85783db6aee4265&cri=3tfbpXDkly&ts=495&cb=1699904240210
Requested by
Host: secure.bill4time.com
URL: https://secure.bill4time.com/B4T2/default.aspx?lo=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
date
Mon, 13 Nov 2023 19:37:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2879025&time=1699904240213&url=https%3A%2F%2Fsecure.bill4time.com%2FB4T2%2Fdefault.aspx%3Flo%3D1&tm=gtmv2
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2879025&time=1699904240213&url=https%3A%2F%2Fsecure.bill4time.com%2FB4T2%2Fdefault.aspx%3Flo%3D1&tm=gtmv2&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2879025%26time%3D1699904240213%26url%3Dhttps%253A%252F%252Fsecure.bill4time.com%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2879025&time=1699904240213&url=https%3A%2F%2Fsecure.bill4time.com%2FB4T2%2Fdefault.aspx%3Flo%3D1&tm=gtmv2&cookiesTest=true&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2879025&time=1699904240213&url=https%3A%2F%2Fsecure.bill4time.com%2FB4T2%2Fdefault.aspx%3Flo%3D1&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJ...
0
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2879025&time=1699904240213&url=https%3A%2F%2Fsecure.bill4time.com%2FB4T2%2Fdefault.aspx%3Flo%3D1&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJupFo976U2dAAAAYvKMD1uHhC0Gij-ApCs4FF8mPg0d4WeGuKBaL-0Lym4qu8KgOoikkY
Requested by
Host: secure.bill4time.com
URL: https://secure.bill4time.com/B4T2/default.aspx?lo=1
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:37:20 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: FF895A7DB8D94486BD2559E57B3C6740 Ref B: FRAEDGE1810 Ref C: 2023-11-13T19:37:21Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYKDcx07Eb0lhmXxTRNGA==

Redirect headers

date
Mon, 13 Nov 2023 19:37:20 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 99BB4329ADE243A19619164C487988FA Ref B: FRAEDGE1511 Ref C: 2023-11-13T19:37:20Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2879025&time=1699904240213&url=https%3A%2F%2Fsecure.bill4time.com%2FB4T2%2Fdefault.aspx%3Flo%3D1&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJupFo976U2dAAAAYvKMD1uHhC0Gij-ApCs4FF8mPg0d4WeGuKBaL-0Lym4qu8KgOoikkY
x-li-proto
http/2
content-length
0
x-li-uuid
AAYKDcxv3J1lukAEOXXZGg==
539fe373-84d0-4a3d-93ef-b5ce2a095fcb
https://secure.bill4time.com/ 		529 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://secure.bill4time.com/539fe373-84d0-4a3d-93ef-b5ce2a095fcb
Requested by
Host: secure.bill4time.com
URL: https://secure.bill4time.com/B4T2/default.aspx?lo=1
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d8c318872091c32da4d21fba7d93dc335e0b93ccaae29b946a6e36dc8f61bff5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length
529
Content-Type
consent_tcfv2.js
s.adroll.com/j/ 		418 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/consent_tcfv2.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:a800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
47e5ff66931402cb5755d7eed98a6d23ee556a7f8e9c1dd340d351c27f669a0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

X-Amz-Version-Id
wD7IUQmRA9PUuld8lU58FBeuMlOqC6p6
Content-Encoding
gzip
Via
1.1 a84e87b6b82308dbc0e331c3e28c23c6.cloudfront.net (CloudFront)
Date
Mon, 13 Nov 2023 19:33:32 GMT
Age
269
X-Amz-Cf-Pop
FRA60-P6
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 05 Jul 2023 21:39:27 GMT
Server
AmazonS3
Etag
W/"3306a47faf7223d93fb356e8a73d1942"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=300, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
OSsTM_f4JWTUyVEQoPQjb8-hV3cKXOiYeIQKHfpivO8cn0WvPAUCEg==
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-GB88YJK8P6&gtm=45je3b81v9135230410&_p=1699904238283&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&tcfd=10001&ul=en-us&sr=1600x1200&cid=36678495.1699904240&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fsecure.bill4time.com%2FB4T2%2Fdefault.aspx%3Flo%3D1&dt=Bill4Time%20-%20User%20Login&sid=1699904240&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_13=Landscape&ep.ua_dimension_14=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.123%20Safari%2F537.36&ep.ua_dimension_2=36678495.1699904240&tfd=3954
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GB88YJK8P6&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Nov 2023 19:37:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.bill4time.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GB88YJK8P6&cid=36678495.1699904240&gtm=45je3b81v9135230410&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GB88YJK8P6&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Nov 2023 19:37:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.bill4time.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GB88YJK8P6&cid=36678495.1699904240&gtm=45je3b81v9135230410&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=1101645010
Requested by
Host: secure.bill4time.com
URL: https://secure.bill4time.com/B4T2/default.aspx?lo=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Nov 2023 19:37:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
proximanova-bold-webfont.woff2
secure.bill4time.com/B4T2/fonts/ProximaNova/bold/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://secure.bill4time.com/B4T2/fonts/ProximaNova/bold/proximanova-bold-webfont.woff2
Requested by
Host: secure.bill4time.com
URL: https://secure.bill4time.com/B4T2/css/hackathon.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b640b84427dfd43e10f0385803559c504c1878020635fd7e51f646137622d814
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://*.b4tportal.com https://*.b4tportal.com;

Request headers

Referer
https://secure.bill4time.com/B4T2/css/hackathon.css
Origin
https://secure.bill4time.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:37:20 GMT
content-security-policy
frame-ancestors 'self' http://*.b4tportal.com https://*.b4tportal.com;
cf-cache-status
HIT
last-modified
Wed, 01 Nov 2023 21:01:52 GMT
server
cloudflare
age
11010
etag
"06035a36dda1:0"
vary
Accept-Encoding
content-type
application/font-woff2
cache-control
public, max-age=21600
accept-ranges
bytes
cf-ray
825977feeb584d50-FRA
content-length
14000
expires
Tue, 14 Nov 2023 01:37:20 GMT
nextroll-32x32.png
s.adroll.com/i/favicon/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.adroll.com/i/favicon/nextroll-32x32.png
Requested by
Host: secure.bill4time.com
URL: https://secure.bill4time.com/B4T2/default.aspx?lo=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:a800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

X-Amz-Version-Id
eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Date
Mon, 13 Nov 2023 02:19:34 GMT
Via
1.1 a84e87b6b82308dbc0e331c3e28c23c6.cloudfront.net (CloudFront)
Age
62319
X-Amz-Cf-Pop
FRA60-P6
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
1615
Last-Modified
Mon, 28 Jun 2021 18:19:21 GMT
Server
AmazonS3
Etag
"403a0a7dcf2d617e7ea852bfb9d11945"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
6poFkhiIOHs-iLo6_1a232RZ1oOax-LsAGqpKaR45OOhpUNHWuKzUw==
mon
obs.esnchocco.com/ 		0
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://obs.esnchocco.com/mon
Requested by
Host: ob.esnchocco.com
URL: https://ob.esnchocco.com/i/2b34b842bcce2d75c653b74a3149699f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.bill4time.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://secure.bill4time.com
date
Mon, 13 Nov 2023 19:37:21 GMT
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
mon
obs.esnchocco.com/ 		0
16 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://obs.esnchocco.com/mon
Requested by
Host: ob.esnchocco.com
URL: https://ob.esnchocco.com/i/2b34b842bcce2d75c653b74a3149699f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.bill4time.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://secure.bill4time.com
date
Mon, 13 Nov 2023 19:37:21 GMT
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
proximanova-light-webfont.woff2
secure.bill4time.com/B4T2/fonts/ProximaNova/light/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://secure.bill4time.com/B4T2/fonts/ProximaNova/light/proximanova-light-webfont.woff2
Requested by
Host: secure.bill4time.com
URL: https://secure.bill4time.com/B4T2/css/hackathon.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b3036ee197372bd1e730928fc1affcd0dd02e36b9a8bc4a834d954320bc77dd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://*.b4tportal.com https://*.b4tportal.com;

Request headers

Referer
https://secure.bill4time.com/B4T2/css/hackathon.css
Origin
https://secure.bill4time.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:37:21 GMT
content-security-policy
frame-ancestors 'self' http://*.b4tportal.com https://*.b4tportal.com;
cf-cache-status
HIT
last-modified
Wed, 01 Nov 2023 21:01:52 GMT
server
cloudflare
age
11012
etag
"06035a36dda1:0"
vary
Accept-Encoding
content-type
application/font-woff2
cache-control
public, max-age=21600
accept-ranges
bytes
cf-ray
82597805fca04d50-FRA
content-length
14152
expires
Tue, 14 Nov 2023 01:37:21 GMT
proximanova-regular-webfont.woff2
secure.bill4time.com/B4T2/fonts/ProximaNova/regular/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://secure.bill4time.com/B4T2/fonts/ProximaNova/regular/proximanova-regular-webfont.woff2
Requested by
Host: secure.bill4time.com
URL: https://secure.bill4time.com/B4T2/css/hackathon.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a4eee640bc6395973d9edb2b170c9c7f92c88690d531e97ba08430bb2bb4fcc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://*.b4tportal.com https://*.b4tportal.com;

Request headers

Referer
https://secure.bill4time.com/B4T2/css/hackathon.css
Origin
https://secure.bill4time.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:37:21 GMT
content-security-policy
frame-ancestors 'self' http://*.b4tportal.com https://*.b4tportal.com;
cf-cache-status
HIT
last-modified
Wed, 01 Nov 2023 21:01:52 GMT
server
cloudflare
age
11011
etag
"06035a36dda1:0"
vary
Accept-Encoding
content-type
application/font-woff2
cache-control
public, max-age=21600
accept-ranges
bytes
cf-ray
82597805fca34d50-FRA
content-length
14068
expires
Tue, 14 Nov 2023 01:37:21 GMT
phoneNumber
secure.bill4time.com/apinode/twilio/lookup/ 		148 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.bill4time.com/apinode/twilio/lookup/phoneNumber
Requested by
Host: secure.bill4time.com
URL: https://secure.bill4time.com/B4T2/js/bundles/react.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
90b4dc2fe01571c29c6754d8d16406fa2a73c82bf471b28a60c803fe20cad7bf

Request headers

Accept
application/json, text/plain, */*
Referer
https://secure.bill4time.com/B4T2/default.aspx?lo=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 13 Nov 2023 19:37:21 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
etag
W/"94-+AIjrKF/gmgc3PMfqpWhbw"
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
cf-ray
825978064d0b4d50-FRA
expires
-1
insight.min.js
snap.licdn.com/li.lms-analytics/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKL4X3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e600::687c:baa Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
667114cbfc4bb69e979947ba816f7fca7c2c171686443f81ac13e400dabf1b7a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:37:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 13 Nov 2023 09:24:50 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=49618
accept-ranges
bytes
content-length
3839
0cbc0b688d77a34872e7249c9.js
chimpstatic.com/mcjs-connected/js/users/44844bb2538cb9f8af2d517ec/ 		50 B
991 B 		Script
General
Check archive.org
Download Go to
Full URL
https://chimpstatic.com/mcjs-connected/js/users/44844bb2538cb9f8af2d517ec/0cbc0b688d77a34872e7249c9.js
Requested by
Host: secure.bill4time.com
URL: https://secure.bill4time.com/B4T2/default.aspx?lo=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.158.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-158-47.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency
95, 105, 102, 96, 104, 103, 112
Date
Mon, 13 Nov 2023 19:37:21 GMT
Last-Modified
Mon, 28 Jan 2019 17:52:21 GMT
Server
AmazonS3
x-amz-request-id
024KTGGEPBHY5ZVD
X-EdgeConnect-MidMile-RTT
0, 0, 0, 0, 2, 0, 0
ETag
"104d46a3208b40e8ded389332f5a78a3"
Content-Type
application/javascript
Cache-Control
max-age=622
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
50
x-amz-id-2
wMrLxt76IfHrrnfNubkFalp8DxhCw99cBu+h9tzsPEX6mmmOBF09jwOH3mdUJAJTOrBO6Ev50kk=
Expires
Mon, 13 Nov 2023 19:47:43 GMT
insight.beta.min.js
snap.licdn.com/li.lms-analytics/ 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e600::687c:baa Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1cb59ae50f08ccc50360cd1f808b1aa9df85a9502acd93c803400a344fcf072b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:37:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 13 Nov 2023 17:31:52 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=78877
accept-ranges
bytes
content-length
15379
mon
obs.esnchocco.com/ 		0
39 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://obs.esnchocco.com/mon
Requested by
Host: ob.esnchocco.com
URL: https://ob.esnchocco.com/i/2b34b842bcce2d75c653b74a3149699f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.bill4time.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://secure.bill4time.com
date
Mon, 13 Nov 2023 19:37:23 GMT
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-ZQY3BNXSP5&gtm=45je3b81v879085961&_p=1699904238283&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=36678495.1699904240&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1699904239&sct=1&seg=0&dl=https%3A%2F%2Fsecure.bill4time.com%2FB4T2%2Fdefault.aspx%3Flo%3D1&dt=Bill4Time%20-%20User%20Login&en=scroll&epn.percent_scrolled=90&_et=8&tfd=8161
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZQY3BNXSP5&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Nov 2023 19:37:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.bill4time.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-CEFYS3CR6P&gtm=45je3b81v894726284&_p=1699904238283&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=36678495.1699904240&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1699904239&sct=1&seg=0&dl=https%3A%2F%2Fsecure.bill4time.com%2FB4T2%2Fdefault.aspx%3Flo%3D1&dt=Bill4Time%20-%20User%20Login&en=scroll&epn.percent_scrolled=90&_et=7&tfd=8224
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CEFYS3CR6P&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.bill4time.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Nov 2023 19:37:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.bill4time.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mon
obs.esnchocco.com/ 		0
39 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://obs.esnchocco.com/mon
Requested by
Host: ob.esnchocco.com
URL: https://ob.esnchocco.com/i/2b34b842bcce2d75c653b74a3149699f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.bill4time.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://secure.bill4time.com
date
Mon, 13 Nov 2023 19:37:25 GMT
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json

Verdicts & Comments Add Verdict or Comment

292 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture undefined| B4TAPISessionKey undefined| B4TUserId object| dataLayer undefined| B4TForm undefined| B4TReqType undefined| B4TRefreshForm undefined| B4TRefreshReqType function| setForm function| setReqType function| setRefreshForm function| setRefreshReqType function| checkGlobalVars function| stripCurrencySymbols function| whatIsTheCurrencyOnTheValue function| HtmlDecode boolean| didSubmit function| noDblSubmit undefined| helpBoxProc undefined| ticketHelpBoxProc function| trimLeft function| trimRight function| trim function| logOut function| toDashboard function| URLencode function| CalShowHide function| CalShowHide2 function| setDateFieldFromCal function| showTravelTimeHelp function| hideTravelTimeHelp function| showHelpBox function| hideHelpBox function| showHideTravelTime function| showTicketHelpBox function| showTicketHelpBox2 function| showSOHelpBox function| hideSOHelpBox function| hideTicketHelpBox function| activateTicketHelpBox function| activateTicketHelpBox2 object| fadeInProc object| fadeOutProc function| fadeShow function| fadeHide function| fadeIn function| fadeOut function| deactivateTicketHelpBox function| activateSOHelpBox function| deactivateSOHelpBox function| isValidDate function| isValidCurrencyFormat function| isValidNumberFormat function| isNumber function| toNumber function| showHideEmpInfo function| hideEmpInfo function| showHideLocationInfo function| hideLocationInfo function| hideContactInfo function| showHideContactInfo function| contactLookup function| fillContactInfo function| missedRequiredFields function| markRequiredFields function| clearRequiredFields function| adjustRequiredFields function| isValidEmail function| openWindow function| secureNavWithCheckState function| iframeSecureNav function| refreshPage function| submitMe function| setSmartScroll function| enableAllElements function| disableAllElements function| preLoadImages function| findPosY function| findPosX function| openBlumbergSite function| addOption function| stateAdjust function| Hash function| checkEnter function| getPosX function| getPosY function| NavToTicket function| NavToClient function| require object| Merlot object| mixpanel function| jQuery function| $ object| Backbone function| _ function| bugsnag object| bugsnagClient function| b4tConsoleDebug object| _console object| platform object| Highcharts function| moment object| encode function| requireB4T object| webpackJsonp object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill number| 2f1acc6c3a606b082e5eef5e54414ffb function| FlateStream function| loadDocStorageTab function| loadSubscriptionTabContent function| loadRateLockTool function| loadDocStorageNetDoc object| FontAwesomeConfig object| ___FONT_AWESOME___ function| loadInfoUpdateComponent function| loadB4TPaymentsWizardComponent function| loadB4TBankAccountsTabComponent function| loadB4TBankAccountsModalComponent function| loadAccountingTabComponent function| loadRefundPaymentModalComponent function| loadRefundPaymentsTableComponent function| loadClientPaymentsTabComponent function| loadClientRetainersTabComponent function| loadPaymentPlanModalComponent function| loadProjectPaymentsTabComponent function| loadProjectRetainersTabComponent function| loadProjectOriginatingAttorneyField function| loadMainPaymentsTabComponent function| loadLink2PayPreviewComponent function| loadPaymentPlanHistoryPopupComponent function| loadB4tpInfoModalComponent function| loadNetworkFeeReportComponent function| loadBatchFeeTransactionModalComponent function| loadBatchECheckPayoutsModalComponent object| browserDetails function| loadB4TCalendar function| loadChargeCardModalComponent function| loadLoginPageComponent function| loadLoginFormComponent function| loadPhoneInputComponent function| loadStatementEmailSetup function| loadB4TBanner function| loadProductSurveyBannerComponent function| loadLegacyUserPasswordFieldComponent function| loadUserConfirmationComponent function| loadFirmActivationModalComponent boolean| _pdfjsCompatibilityChecked function| loadStatementsDashboardComponent function| timeGetNearestIncrement object| Bill4Time object| form string| masterPrefix function| pageLoad function| loadPhoneInputField function| writeDSTChanges function| getDSTChangesFor function| cookieStuff function| createCookie function| readCookie function| eraseCookie function| handleConfirmMfa function| confirmMfa function| validateMfaFields function| validateEmail function| loginCheck function| mfaCodeIsValid function| clickHandler function| $getElementById object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| adroll_adv_id string| adroll_pix_id boolean| __adroll_loaded string| GoogleAnalyticsObject function| ga object| _linkedin_data_partner_ids boolean| _already_called_lintrk function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady function| UET function| UET_init function| UET_push function| __ctcg_ct_45964_exec object| ueto_18cdd75653 object| uetq object| process string| adroll_sid object| adroll object| __adroll boolean| adroll_optout object| adroll_loaded object| adroll_ext_network object| adroll_callbacks function| adroll_tpc_callback object| gaconnector2 object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| __adroll_consent_data function| lintrk object| ORIBILI function| __cmp function| __tcfapi function| __gpp object| _cq object| adroll_exp_list object| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country object| $jscomp string| BANNER_VERSION string| TCF_VERSION string| IABWRITE_NO_COOKIE object| __adroll_consent_banner object| __adroll_consent_prev_lastchild string| _linkedin_data_partner_id object| $mcSite

27 Cookies

Domain/Path Name / Value
secure.bill4time.com/B4T2 Name: UTCOFFSET
Value: 60
.bill4time.com/ Name: B4TSTATEID
Value: fu4xhv2uqpvhq4l1yxsps4ov
.bill4time.com/ Name: mp_c18f80af9e1cd47e6e8de016212c02e6_mixpanel
Value: %7B%22distinct_id%22%3A%20%2218bca3032ef9eb-012fcf19e50bf3-66385e53-1d4c00-18bca3032f0985%22%2C%22%24device_id%22%3A%20%2218bca3032ef9eb-012fcf19e50bf3-66385e53-1d4c00-18bca3032f0985%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.bill4time.com/ Name: _gcl_au
Value: 1.1.969614260.1699904239
.bill4time.com/ Name: _ga_ZQY3BNXSP5
Value: GS1.1.1699904239.1.0.1699904239.60.0.0
.youtube.com/ Name: YSC
Value: frgHClPHaow
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: IW_-2T2lw_Y
.bill4time.com/ Name: _ga_CEFYS3CR6P
Value: GS1.1.1699904239.1.0.1699904239.0.0.0
.bill4time.com/ Name: _ga
Value: GA1.2.36678495.1699904240
.bill4time.com/ Name: _gid
Value: GA1.2.529588888.1699904240
.bill4time.com/ Name: _cq_duid
Value: 1.1699904239.czqjTenXdyWu9RIO
.bill4time.com/ Name: _cq_suid
Value: 1.1699904239.cUIfQn7ZopAaEwM4
.bill4time.com/ Name: _uetsid
Value: 0f1e1080825c11ee98e9439d79f71987
.bill4time.com/ Name: _uetvid
Value: 0f1e3cc0825c11ee9fd6cfdd90253f90
.bill4time.com/ Name: _dc_gtm_UA-2204017-19
Value: 1
.bill4time.com/ Name: gaconnector2_id
Value: 17e67e48-e17b-f07b-de7c-f073508935c9
.bing.com/ Name: MUID
Value: 3C5D0D8223C365891F4F1E4A22486410
obs.esnchocco.com/ Name: cg_uuid
Value: 6ac9c448e55224d578cd05b8099f4778
.bill4time.com/ Name: _ga_GB88YJK8P6
Value: GS1.2.1699904240.1.0.1699904240.60.0.0
.linkedin.com/ Name: li_sugr
Value: 8ec69877-2aed-4235-90e7-6c5ecc4f459f
.linkedin.com/ Name: lidc
Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2639:u=1:x=1:i=1699904240:t=1699990640:v=2:sig=AQF0KNrOWuutFtQwnm6IhDM8hNNXDw8z"
.linkedin.com/ Name: UserMatchHistory
Value: AQJvdtwQLQLZfAAAAYvKMDu5qBaoBrrQ1lZkT6QubHTW_ces8bDWVikel4fQGmNwjdo4AfIzatqX1A
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQK9k0wo-XmS5AAAAYvKMDu5Z9R6GgBVfHYQ0B9GAKPGKyYzC4u7ofyZj5SorxCpNGXSpcDzJnvVRdBrjdOnsA
.linkedin.com/ Name: bcookie
Value: "v=2&5a3af404-8ef0-4e87-8109-d13e001ecb3d"
.www.linkedin.com/ Name: bscookie
Value: "v=1&20231113193720b638a982-152f-4400-8490-0e79cbcd2403AQFykB-q1YKgjbBMoqA-yR1UhqPrWEDp"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTk5MDQyNDA7MjswMjGGcFLSUTig1BHhDfnS33nnXYm9fksU2UhBoH+jKlkjFg==
secure.bill4time.com/ Name: B4TDST
Value: false

1 Console Messages

Source Level URL
Text
network error URL: https://secure.bill4time.com/B4T2/css/style.css
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' http://*.b4tportal.com https://*.b4tportal.com;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.mixpanel.com
bat.bing.com
chimpstatic.com
d.adroll.com
fonts.googleapis.com
ob.esnchocco.com
obs.esnchocco.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
region1.google-analytics.com
s.adroll.com
secure.bill4time.com
sessions.bugsnag.com
snap.licdn.com
stats.g.doubleclick.net
track.gaconnector.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
www.youtube.com
13.107.42.14
184.25.158.47
2001:4860:4802:32::36
2001:4860:4802:34::36
2600:1901:0:7a0b::
2600:1f18:e8a:cd06:e361:a2ce:b047:17c
2600:9000:20ab:6200:1e:4f23:dd00:93a1
2600:9000:2644:a800:6:9280:1080:93a1
2606:4700:20::681a:36e
2606:4700::6812:4c2
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:802::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:812::2008
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::200a
2a00:1450:400c:c0d::9c
2a02:26f0:e600::687c:baa
2a05:d018:cc3:fe04:12eb:61d6:678d:3321
35.190.25.25
04973f96fb9c6e41af1fc9486d48e8936d01498f8eedb266616bacd866e2e6c5
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
1cb59ae50f08ccc50360cd1f808b1aa9df85a9502acd93c803400a344fcf072b
1ce8872fab6abc2278549b2854e17aace4969f0afda33e6eb49ac2bf0871f5ab
1d8b27d64576846dff6066211fdc9494793dfe134d191192eb2fae4bda55ef41
223b0416a0baa7a9f9f66e776ea09be7f37746a47b73660571c7bca8420779fa
3a4eee640bc6395973d9edb2b170c9c7f92c88690d531e97ba08430bb2bb4fcc
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
441197c2fcf9d60f2bef6cce53a185a7fd1b57c555b1c65541ed534fc0b1ff83
44bb92a28b3f5455792448f4d1be252a6ffc289d2b576b52fab162efa90c24e6
47e5ff66931402cb5755d7eed98a6d23ee556a7f8e9c1dd340d351c27f669a0f
4b3036ee197372bd1e730928fc1affcd0dd02e36b9a8bc4a834d954320bc77dd
53ed652c4ef9ae06063e9e261d8dc730a32c7f94e5fc8e9c0cb7a5976e74f6b3
57ddc80a83b7c2725f861ba42c8eab5fae1485702323dcb3849ea30f8e4a9930
5819e09af544ac958e7f95887e5a777a4eaa4d1636a3c71681fc015489c1b289
5d1a78ab6ea5124bb3b7d078372a26558e01d9a1ef2606de72cff566f6b52708
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e
62b221d89d800143204d7b5912c626c0efe19cae03deaacfab359c2c8564452c
667114cbfc4bb69e979947ba816f7fca7c2c171686443f81ac13e400dabf1b7a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6de1d88bdce66091ddf295824d0c16ed960f931da56fa2cf9df942b965243789
6ffa4c9916c304de9d97c987761b8026db480727c9c162a738b1eb5267c990f6
82f257bd01c801bfbb82cd94ec12011edb1fcddc1d2496f41797c94ffb851d48
8477bfde0b8426462577859581c3f392326d6a1ba05c0a102a6ff9aebe0d7343
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8f1c0105dfcee3f44635845a36d7d052c304c73cc0ca040c6b5ce5c70358f9c5
9038b214671cc27ffba2fc60ffdcd0850e355af61fc303049f5b2a42397111da
90b4dc2fe01571c29c6754d8d16406fa2a73c82bf471b28a60c803fe20cad7bf
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
98205111a0215c7dc60c077a491cfc223ca06d2c0153105be41fcbac0dc474a8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
a94ab68b267b68c46320294258d15b3755193ee5bc03075dc45bd17de645523f
ae4e7983f84cd21267f3a1100027481cf173e6ffb43be8d334ec67d1c3f5e24e
b640b84427dfd43e10f0385803559c504c1878020635fd7e51f646137622d814
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
d8c318872091c32da4d21fba7d93dc335e0b93ccaae29b946a6e36dc8f61bff5
db5231e26cf13e232ddaac5d7f4488cb8371c305099967db84a95a0eded72ac1
dca1381ed449fd3e4f4aa3dd96ce9be8923b54fa23c55d388fd14a6b9acf9e08
dcb7f1af264a3ad7738735b2c70f73c334f78dbbf95392d2744631da47de7dd5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e257a21a9eaa80ee0be2f26bd21a6ef51298df64291cafdad50c2c960e8e039f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec13e5128f089017a7bafb08f2527cb614b22ea7820ebc177f242c30d240ed04
ed5425c2fe1e3c02900b2274831e6be8193b16ddaa23cd6661cbd68dc21a31ee
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390