www.bill4time.com Open in urlscan Pro
2606:4700::6812:5c2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://reviews.bill4time.com/
Effective URL:
https://www.bill4time.com/
Submission: On April 10 via automatic, source certstream-suspicious (April 10th 2022, 12:38:26 am UTC) — Scanned from DE

Summary HTTP 214 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 34 IPs in 4 countries across 25 domains to perform 214 HTTP transactions. The main IP is 2606:4700::6812:5c2, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.bill4time.com.
TLS certificate: Issued by E1 on March 26th 2022. Valid for: 3 months.

This is the only time www.bill4time.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6810:cf9b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 56	2606:4700::68... 2606:4700::6812:5c2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:350... 2a02:26f0:3500:7::17d8:4dca	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	96.16.137.109 96.16.137.109	16625 (AKAMAI-AS) (AKAMAI-AS)
2	3.221.130.247 3.221.130.247	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:7::17d8:4dc7	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.128.217 151.101.128.217	54113 (FASTLY) (FASTLY)
17	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
2 8	2600:9000:206... 2600:9000:206f:d000:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	3.226.66.211 3.226.66.211	14618 (AMAZON-AES) (AMAZON-AES)
1	34.197.253.42 34.197.253.42	14618 (AMAZON-AES) (AMAZON-AES)
3	151.101.114.109 151.101.114.109	54113 (FASTLY) (FASTLY)
2	151.101.14.109 151.101.14.109	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	52.48.63.232 52.48.63.232	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
4	20.120.65.166 20.120.65.166	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
64	143.204.215.107 143.204.215.107	16509 (AMAZON-02) (AMAZON-02)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	96.16.131.108 96.16.131.108	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	54.147.21.139 54.147.21.139	14618 (AMAZON-AES) (AMAZON-AES)
214	34

1 2606:4700::6810:cf9b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

reviews.bill4time.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

56 2606:4700::6812:5c2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.bill4time.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

pro.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:7::17d8:4dca (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.137.109 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-137-109.deploy.static.akamaitechnologies.com

cloud.typography.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.221.130.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-130-247.compute-1.amazonaws.com

tracker.gaconnector.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:7::17d8:4dc7 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.128.217 (United States)

ASN54113 (FASTLY, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:206f:d000:6:9280:1080:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.226.66.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-66-211.compute-1.amazonaws.com

track.gaconnector.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.197.253.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-253-42.compute-1.amazonaws.com

lltrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.114.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

f.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.63.232 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-63-232.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.120.65.166 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

l.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

64 143.204.215.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-107.fra53.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.131.108 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-131-108.deploy.static.akamaitechnologies.com

chimpstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.147.21.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-21-139.compute-1.amazonaws.com

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	driftt.com js.driftt.com — Cisco Umbrella Rank: 5540	753 KB
57	bill4time.com 2 redirects reviews.bill4time.com www.bill4time.com	1 MB
17	youtube.com www.youtube.com — Cisco Umbrella Rank: 92	1 MB
9	adroll.com 2 redirects s.adroll.com — Cisco Umbrella Rank: 2529 d.adroll.com — Cisco Umbrella Rank: 1594	78 KB
7	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 95 googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 Failed static.doubleclick.net — Cisco Umbrella Rank: 340	2 KB
6	drift.com metrics.api.drift.com — Cisco Umbrella Rank: 6051 bootstrap.api.drift.com — Cisco Umbrella Rank: 6327	455 B
6	clarity.ms 1 redirects l.clarity.ms — Cisco Umbrella Rank: 2121 c.clarity.ms — Cisco Umbrella Rank: 637	24 KB
5	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 272	22 KB
5	vimeocdn.com i.vimeocdn.com — Cisco Umbrella Rank: 2982 f.vimeocdn.com — Cisco Umbrella Rank: 3107	218 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	58 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 482 www.linkedin.com — Cisco Umbrella Rank: 603 px4.ads.linkedin.com — Cisco Umbrella Rank: 4702	3 KB
4	google.com analytics.google.com — Cisco Umbrella Rank: 724 www.google.com — Cisco Umbrella Rank: 4 Failed	14 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 378 c.bing.com — Cisco Umbrella Rank: 234	13 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	48 KB
4	gaconnector.com tracker.gaconnector.com — Cisco Umbrella Rank: 64149 track.gaconnector.com — Cisco Umbrella Rank: 40730	8 KB
4	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 942 pro.fontawesome.com — Cisco Umbrella Rank: 5595	212 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5383	628 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	136 KB
2	typekit.net use.typekit.net — Cisco Umbrella Rank: 510 p.typekit.net — Cisco Umbrella Rank: 625	1 KB
1	chimpstatic.com chimpstatic.com — Cisco Umbrella Rank: 4791	648 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 104	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 913	3 KB
1	lltrck.com lltrck.com — Cisco Umbrella Rank: 32514
1	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 1755	14 KB
1	typography.com 1 redirects cloud.typography.com — Cisco Umbrella Rank: 5612	436 B
214	25

	Domain	Requested by
64	js.driftt.com	www.bill4time.com js.driftt.com
56	www.bill4time.com	1 redirects www.bill4time.com
17	www.youtube.com	www.bill4time.com www.youtube.com
8	s.adroll.com	2 redirects www.googletagmanager.com www.bill4time.com s.adroll.com
5	jnn-pa.googleapis.com	www.youtube.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.bill4time.com
4	metrics.api.drift.com	js.driftt.com
4	l.clarity.ms	bat.bing.com l.clarity.ms
3	www.google.com	www.youtube.com www.bill4time.com
3	googleads.g.doubleclick.net	www.bill4time.com www.youtube.com www.googleadservices.com
3	www.google.de	www.bill4time.com
3	i.vimeocdn.com	player.vimeo.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.bill4time.com
3	pro.fontawesome.com	www.bill4time.com pro.fontawesome.com
2	bootstrap.api.drift.com	js.driftt.com
2	px.ads.linkedin.com	2 redirects
2	c.clarity.ms	1 redirects
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	static.doubleclick.net	www.youtube.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	f.vimeocdn.com	player.vimeo.com
2	track.gaconnector.com	www.googletagmanager.com track.gaconnector.com
2	fonts.gstatic.com	www.youtube.com
2	www.googletagmanager.com	www.bill4time.com www.googletagmanager.com
2	tracker.gaconnector.com	www.bill4time.com tracker.gaconnector.com
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	chimpstatic.com	www.bill4time.com
1	www.googleadservices.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	c.bing.com	1 redirects
1	d.adroll.com	s.adroll.com
1	analytics.google.com	www.googletagmanager.com
1	lltrck.com	www.bill4time.com
1	player.vimeo.com	www.bill4time.com
1	p.typekit.net	use.typekit.net
1	cloud.typography.com	1 redirects
1	use.typekit.net	www.bill4time.com
1	use.fontawesome.com	www.bill4time.com
1	reviews.bill4time.com	1 redirects
214	40

This site contains links to these domains. Also see Links.

Domain
support.bill4time.com
www.getapp.com
www.capterra.com
itunes.apple.com
play.google.com
www.facebook.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
*.bill4time.com E1	`2022-03-26` - `2022-06-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-01` - `2023-01-01`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2022-03-07` - `2023-04-07`	a year	crt.sh
*.gaconnector.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-27` - `2022-08-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.vimeo.com GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-07` - `2023-04-08`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
s.adroll.com Amazon	`2021-08-02` - `2022-08-31`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
lltrck.com Go Daddy Secure Certificate Authority - G2	`2021-07-25` - `2022-08-26`	a year	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-18` - `2022-06-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
adroll.mgr.consensu.org Amazon	`2021-09-09` - `2022-10-08`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
drift.com Amazon	`2021-09-08` - `2022-10-07`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
wildcardsan.us15.list-manage.com DigiCert SHA2 Secure Server CA	`2021-11-19` - `2022-11-19`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.bill4time.com/
Frame ID: 0800F29C2B6910DABE3F42C85463F908
Requests: 112 HTTP requests in this frame

Frame: https://player.vimeo.com/video/325314642
Frame ID: 17C951AC2587FDB691110E545FEBC77C
Requests: 6 HTTP requests in this frame

Frame: https://www.youtube.com/embed/b4VKohE_Z0s?enablejsapi=1&origin=https:%2F%2Fwww.bill4time.com
Frame ID: 3D31D2B2BB6DB25E965A30C499CB373C
Requests: 32 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=matt5ixswpxf&region=US&forceShow=false&skipCampaigns=false&sessionId=0afff646-5460-4e1e-a442-7c0390771d73&sessionStarted=1649551101.062&campaignRefreshToken=848d054a-9740-4120-ab88-afa6b013064d&hideController=false&pageLoadStartTime=1649551096180&mode=CHAT&driftEnableLog=false
Frame ID: B33A689BA18CF14B0612D1132B3D3FD4
Requests: 33 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649551096180
Frame ID: CD038C6C8743DFA2A86DCD073A4636EF
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Time Billing Software | Bill4Time

Page URL History Show full URLs

https://reviews.bill4time.com/ HTTP 301
https://www.bill4time.com/reputation-management HTTP 301
https://www.bill4time.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Ahoy (Analytics) Expand

Overall confidence: 100%
Detected patterns

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

MailChimp (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

chimpstatic\.com/mcjs-connected

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

214
Requests

94 %
HTTPS

58 %
IPv6

25
Domains

40
Subdomains

34
IPs

4
Countries

4405 kB
Transfer

12596 kB
Size

64
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://support.bill4time.com/hc/en-us
Title: Knowledge Base

Search URL Search Domain Scan URL

URL: https://www.getapp.com/finance-accounting-software/a/web-based-time-billing-software/reviews/bc80894a6e/
Title: GetApp | Read the full review

Search URL Search Domain Scan URL

URL: https://www.capterra.com/p/114603/Bill4Time/reviews/292161/
Title: Capterra | Read the full review

Search URL Search Domain Scan URL

URL: https://www.capterra.com/p/114603/Bill4Time/reviews/292229/
Title: Capterra | Read the full review

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/bill4time-professional-time/id286277583?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.bill4time.mobile&hl=en

Search URL Search Domain Scan URL

URL: https://www.facebook.com/bill4time

Search URL Search Domain Scan URL

URL: https://twitter.com/bill4time/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/Bill4TimeTraining

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://reviews.bill4time.com/ HTTP 301
https://www.bill4time.com/reputation-management HTTP 301
https://www.bill4time.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://cloud.typography.com/7594856/7474392/css/fonts.css HTTP 302
https://www.bill4time.com/fonts/674728/877D5E538BA8D66F6.css

Request Chain 76

https://s.adroll.com/j/exp/D43VSAFW4ZHDTLM3L6JTTA/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 77

https://s.adroll.com/j/pre/D43VSAFW4ZHDTLM3L6JTTA/YIDTZ6J4KBF2DNUBMNMSPV/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 83

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 118

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 143

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=93E81E1D93A745B585B9B82EA3F68A05&RedC=c.clarity.ms&MXFR=350E4DE5B31968EE30B95C67B7196616 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=93E81E1D93A745B585B9B82EA3F68A05&MUID=27F0E65FCB676A182B0CF7DDCAB56B67

Request Chain 149

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=386444&time=1649551101157&url=https%3A%2F%2Fwww.bill4time.com%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D386444%26time%3D1649551101157%26url%3Dhttps%253A%252F%252Fwww.bill4time.com%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=386444&time=1649551101157&url=https%3A%2F%2Fwww.bill4time.com%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=386444&time=1649551101157&url=https%3A%2F%2Fwww.bill4time.com%2F&liSync=true&e_ipv6=AQLBVqv5p0oZAAAAAYAQ6E4zdcodioCa4alTXC0kIksluaihJPeTJTwoI0JZSCAhSFYXgjgtBy9iH2gXn7Q3cspMqBfp

214 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.bill4time.com/
Redirect Chain

https://reviews.bill4time.com/
https://www.bill4time.com/reputation-management
https://www.bill4time.com/

82 KB
12 KB

618ms
618ms

Document
text/html

2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bill4time.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

d3a1d2b6daf6eaaec581d58af19ad85cd01139f14c58aed8433a3b6fde3c22e5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 6f976b2b4dcf839c-MXP
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 10 Apr 2022 00:38:16 GMT
etag: W/"14990-Jg9hbkmjlInXwjCQqeawbL4sCkA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-powered-by: Express

Redirect headers

cache-control: max-age=3600
cf-ray: 6f976b2b2d87839c-MXP
date: Sun, 10 Apr 2022 00:38:15 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Sun, 10 Apr 2022 01:38:15 GMT
location: https://www.bill4time.com/
server: cloudflare
vary: Accept-Encoding

GET
H2 200 index.css
www.bill4time.com/css/ 188 KB
33 KB 848ms
848ms Stylesheet
text/css 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bill4time.com/css/index.css

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

20c4bf71081651f0831a53674b2130b2df429707e69a532e12b91f9e66b676b7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Mon, 03 Jan 2022 21:22:52 GMT
server: cloudflare
x-powered-by: Express
etag: W/"2ef37-17e21d2d4d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: public, max-age=259200
cf-ray: 6f976b2f4b6b839c-MXP
expires: Wed, 13 Apr 2022 00:38:16 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.1.0/css/ 45 KB
10 KB 483ms
435ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Requested by: Host: www.bill4time.com
URL: https://www.bill4time.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Request headers

Referer: https://www.bill4time.com/
Origin: https://www.bill4time.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:16 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: FW600PD21DYNY69G
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: l3cAZ0VF1hHkY8W6zu9x6kpOsEY3AoUXpIm4PMzqRYvyQCzKSJQWedYzyHPN+qfwSwzeHcBxFjg=
last-modified: Wed, 30 Jun 2021 15:30:31 GMT
server: cloudflare
etag: W/"826c57385f3d35cfed5478ba7b1f5c03"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SW8h7TKrCL7VS0PPgr%2BXIVwZ1Jyecb0AQbwA9GAWVRBsiezdl7Lnuda9ZN%2F0C6tkmMS3UPP99ChzSVs7KQwQ3X6Qn%2FyrGkzar9Uv1P3oaisp%2BJesSjEm1vxzcl2W866PLVzyoYKVBm%2BsXxSahV3ZDkOk"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6f976b2f9dd783be-MXP

GET
H2 200 all.css
pro.fontawesome.com/releases/v5.7.2/css/ 77 KB
16 KB 496ms
434ms Stylesheet
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.7.2/css/all.css
Requested by: Host: www.bill4time.com
URL: https://www.bill4time.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9db1b06a7cfcabc0a842a496f6af2ab20c2e9aa6482210313b3c1588f4a066a

Request headers

Referer: https://www.bill4time.com/
Origin: https://www.bill4time.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:16 GMT
content-encoding: gzip
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
x-amz-request-id: FW69NAH7DST5XRT7
x-amz-id-2: mklUm4dmKc9EG4qPtj0O2WqTDedAnq69ZRehqQ/HilbMASZZ3h7o+wsuABTjXrE1PaCc1dOMTbk=
last-modified: Mon, 28 Jun 2021 17:36:14 GMT
server: cloudflare
etag: W/"8f17a5dd66766d27715ec7925ed120fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6f976b2fbb97839d-MXP

GET
H2 200 wko0zsg.css
use.typekit.net/ 6 KB
1 KB 175ms
134ms Stylesheet
text/css 2a02:26f0:3500:7::17d8:4dca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/wko0zsg.css

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:7::17d8:4dca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

9e7f01b6772a037bc0590254092e9031e097963fd9b20e9428b37114ac3e91f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Sun, 10 Apr 2022 00:38:16 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 892

GET
H2

200

877D5E538BA8D66F6.css
www.bill4time.com/fonts/674728/
Redirect Chain

https://cloud.typography.com/7594856/7474392/css/fonts.css
https://www.bill4time.com/fonts/674728/877D5E538BA8D66F6.css

83 KB
61 KB

958ms
957ms

Stylesheet
text/css

2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bill4time.com/fonts/674728/877D5E538BA8D66F6.css

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/

Protocol

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

5f9c7c231ed5e0fee42ba14085a7f2a86d31e470d95c9115d6fb4dad8bf13b38

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:07:59 GMT
server: cloudflare
x-powered-by: Express
etag: W/"14a5a-16d2182be44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: public, max-age=259200
cf-ray: 6f976b379f34839c-MXP
expires: Wed, 13 Apr 2022 00:38:18 GMT

Redirect headers

Date: Sun, 10 Apr 2022 00:38:17 GMT
Last-Modified: Wed, 18 Jul 2018 20:44:58 GMT
Server: AkamaiNetStorage
ETag: "8b6c93865abd4a48eaa9720a3ec882c6:1531946698"
Content-Type: text/html
Location: https://www.bill4time.com/fonts/674728/877D5E538BA8D66F6.css
Cache-Control: must-revalidate, private
Connection: keep-alive
X-HCo-pid: 16
Content-Length: 154
Expires: Sun, 10 April 2022 00:38:17 GMT

GET
H2 200 jquery-1.11.2.min.js Show response
www.bill4time.com/js/third_party/ 94 KB
34 KB 727ms
727ms Script
application/javascript 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bill4time.com/js/third_party/jquery-1.11.2.min.js

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

a271a3f9e3cae897ced669d6652699e947928ef095e56384c4f9dd04bbb942ec

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:02 GMT
server: cloudflare
x-powered-by: Express
etag: W/"176bf-16d2182cb44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=259200
cf-ray: 6f976b2f4b6c839c-MXP
expires: Wed, 13 Apr 2022 00:38:16 GMT

GET
H2 200 homepage.css
www.bill4time.com/css/homepage/ 36 KB
7 KB 620ms
620ms Stylesheet
text/css 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bill4time.com/css/homepage/homepage.css

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

ef186b54ed310784f5a76896db3a9eaaf8d6cde6c2609f595d362d4a96739240

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Mon, 03 Jan 2022 21:22:51 GMT
server: cloudflare
x-powered-by: Express
etag: W/"8ef7-17e21d2d251"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: public, max-age=259200
cf-ray: 6f976b2f4b6e839c-MXP
expires: Wed, 13 Apr 2022 00:38:16 GMT

GET
H2 200 bill4time-logo-rev.svg
www.bill4time.com/images/svg/ 3 KB
1 KB 495ms
495ms Image
image/svg+xml 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bill4time.com/images/svg/bill4time-logo-rev.svg

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

feddd0ae24f651d89bed0156dd9474669b261ae3ba950677ca572a5851c69e72

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:02 GMT
server: cloudflare
x-powered-by: Express
etag: W/"bcb-16d2182c847"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=259200
cf-ray: 6f976b39ba91839c-MXP
expires: Wed, 13 Apr 2022 00:38:18 GMT

GET
H2 200 VideoScreen.jpg
www.bill4time.com/images/promo/ 84 KB
84 KB 962ms
961ms Image
image/jpeg 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bill4time.com/images/promo/VideoScreen.jpg

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

2fd1b692fe9c040fa508885bb4994b08625bd691923b822f78f3288a817341fb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:01 GMT
server: cloudflare
x-powered-by: Express
etag: W/"14f0c-16d2182c6df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=259200
accept-ranges: bytes
cf-ray: 6f976b3ceef6839c-MXP
content-length: 85772
expires: Wed, 13 Apr 2022 00:38:18 GMT

GET
H2 200 JasonH.png
www.bill4time.com/images/testimonial/ 20 KB
20 KB 643ms
643ms Image
image/png 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bill4time.com/images/testimonial/JasonH.png

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e858687dcb2c6c024fc997d113f06db3146f3f601a8a4afd6bff54250001ec33

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 12 May 2020 16:35:49 GMT
server: cloudflare
x-powered-by: Express
etag: W/"4e8b-17209be0bf0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=259200
accept-ranges: bytes
cf-ray: 6f976b3d980b839c-MXP
content-length: 20107
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
H2 200 SuzieF.png
www.bill4time.com/images/testimonial/ 21 KB
21 KB 635ms
635ms Image
image/png 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bill4time.com/images/testimonial/SuzieF.png

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6cf8975d006d88beb0dd98151db2b6f15db2501aecc9488366ff57c5d9f31c40

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 12 May 2020 16:35:49 GMT
server: cloudflare
x-powered-by: Express
etag: W/"5402-17209be0bf0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=259200
accept-ranges: bytes
cf-ray: 6f976b3db822839c-MXP
content-length: 21506
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
H2 200 ShanaB.png
www.bill4time.com/images/testimonial/ 23 KB
23 KB 767ms
767ms Image
image/png 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bill4time.com/images/testimonial/ShanaB.png

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

2bfa6198687cdc2f37c440d6254675f95b4d2dd63ae594f3154e33a2d36a8db3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 12 May 2020 16:35:49 GMT
server: cloudflare
x-powered-by: Express
etag: W/"5bbe-17209be0bf0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=259200
accept-ranges: bytes
cf-ray: 6f976b3db823839c-MXP
content-length: 23486
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
H2 200 box-125.png
www.bill4time.com/images/logo/ 36 KB
36 KB 770ms
769ms Image
image/png 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bill4time.com/images/logo/box-125.png

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0d21ecba2d39902410c0b95ae7a74399428c0e8a1e235568a3e2345c83d9b3fd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:00 GMT
server: cloudflare
x-powered-by: Express
etag: W/"9145-16d2182c3b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=259200
accept-ranges: bytes
cf-ray: 6f976b3db824839c-MXP
content-length: 37189
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
H2 200 Google-Calendar-sm.png
www.bill4time.com/images/icons/ 5 KB
6 KB 515ms
514ms Image
image/png 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bill4time.com/images/icons/Google-Calendar-sm.png

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

17cc73f45e1e3f029df689efaf2b6e534ed24437c3d4df849af917e74bb0de43

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:00 GMT
server: cloudflare
x-powered-by: Express
etag: W/"1594-16d2182c2b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=259200
accept-ranges: bytes
cf-ray: 6f976b3db826839c-MXP
content-length: 5524
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
H2 200 Quickbooks-sm.png
www.bill4time.com/images/icons/ 4 KB
4 KB 519ms
518ms Image
image/png 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bill4time.com/images/icons/Quickbooks-sm.png

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

d0429ecdd7cd85ad9aaa06644a2f2a00b9f31ea7b47f88e051d0b8911d2bf5f0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:00 GMT
server: cloudflare
x-powered-by: Express
etag: W/"ebd-16d2182c2c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=259200
accept-ranges: bytes
cf-ray: 6f976b3db827839c-MXP
content-length: 3773
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
H2 200 Outlook-sm.png
www.bill4time.com/images/icons/ 4 KB
4 KB 517ms
512ms Image
image/png 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bill4time.com/images/icons/Outlook-sm.png

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

10e14c603c8b17a4eca4117a369db182aa16ae9c0a4ee6291b62bb76ca9e8b95

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:00 GMT
server: cloudflare
x-powered-by: Express
etag: W/"e48-16d2182c2c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=259200
accept-ranges: bytes
cf-ray: 6f976b3db82e839c-MXP
content-length: 3656
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
H2 200 Story-Card-Images2.jpg
www.bill4time.com/images/photos/ 18 KB
19 KB 687ms
682ms Image
image/jpeg 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bill4time.com/images/photos/Story-Card-Images2.jpg

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

851ca077bdbd718b428cc9703ce05cc0c83713b2003ba5e450688e56e5695f53

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:01 GMT
server: cloudflare
x-powered-by: Express
etag: W/"499f-16d2182c46e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=259200
accept-ranges: bytes
cf-ray: 6f976b3db833839c-MXP
content-length: 18847
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
H2 200 Story-Card-Images1.jpg
www.bill4time.com/images/photos/ 17 KB
17 KB 662ms
657ms Image
image/jpeg 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bill4time.com/images/photos/Story-Card-Images1.jpg

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

f770bdf12ad793925e57b640e626dca5846302939f747eb7863b8abf22e5cdab

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:01 GMT
server: cloudflare
x-powered-by: Express
etag: W/"4351-16d2182c46e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=259200
accept-ranges: bytes
cf-ray: 6f976b3db834839c-MXP
content-length: 17233
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
H2 200 Story-Card-Images3.jpg
www.bill4time.com/images/photos/ 33 KB
33 KB 764ms
760ms Image
image/jpeg 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bill4time.com/images/photos/Story-Card-Images3.jpg

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

4abd853fcf7a6144bb881530f26723653e273f3f1aca09d188ecaaf04785649b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:01 GMT
server: cloudflare
x-powered-by: Express
etag: W/"8347-16d2182c46e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=259200
accept-ranges: bytes
cf-ray: 6f976b3db835839c-MXP
content-length: 33607
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
H2 200 Story-Card-Images-virtual-office.jpg
www.bill4time.com/images/photos/ 15 KB
15 KB 633ms
629ms Image
image/jpeg 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bill4time.com/images/photos/Story-Card-Images-virtual-office.jpg

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

41b5c55cdb844d1a801633981f74ff97a512aa84edbe5689bc226d27aa3fc87c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:01 GMT
server: cloudflare
x-powered-by: Express
etag: W/"3bcc-16d2182c45f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=259200
accept-ranges: bytes
cf-ray: 6f976b3db837839c-MXP
content-length: 15308
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
H2 200 Story-Card-Images-feel-productive.jpg
www.bill4time.com/images/photos/ 31 KB
31 KB 813ms
809ms Image
image/jpeg 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bill4time.com/images/photos/Story-Card-Images-feel-productive.jpg

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

5e2412fe132c63297c961460a17cec971be790e19e3269ac40b05639fbace02f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:01 GMT
server: cloudflare
x-powered-by: Express
etag: W/"7ba0-16d2182c45f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=259200
accept-ranges: bytes
cf-ray: 6f976b3dc846839c-MXP
content-length: 31648
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
H2 200 Story-Card-Images-time-tracking-culture.jpg
www.bill4time.com/images/photos/ 27 KB
27 KB 814ms
809ms Image
image/jpeg 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bill4time.com/images/photos/Story-Card-Images-time-tracking-culture.jpg

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

017e22026a35a2456a173504461fdbd533de5beeaa38f5196e286b239e329d1f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:01 GMT
server: cloudflare
x-powered-by: Express
etag: W/"6c64-16d2182c45f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=259200
accept-ranges: bytes
cf-ray: 6f976b3dc847839c-MXP
content-length: 27748
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
H2 200 bill4time_icon.svg
www.bill4time.com/images/svg/ 658 B
417 B 545ms
542ms Image
image/svg+xml 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bill4time.com/images/svg/bill4time_icon.svg

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e1950711d871a6e712187f31e08bdd51107cd40dc41e38cea1a1ff633e5d0a66

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:02 GMT
server: cloudflare
x-powered-by: Express
etag: W/"292-16d2182c847"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=259200
cf-ray: 6f976b3dc849839c-MXP
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
H2 200 available-on-the-App-Store.png
www.bill4time.com/images/buttons/ 8 KB
8 KB 556ms
552ms Image
image/png 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bill4time.com/images/buttons/available-on-the-App-Store.png

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

959a3fa0255a8c34e2b7f4fa09467c29c3498f93a2cd78670a64f83a8dc69420

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:00 GMT
server: cloudflare
x-powered-by: Express
etag: W/"20da-16d2182c103"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=259200
accept-ranges: bytes
cf-ray: 6f976b3dc84b839c-MXP
content-length: 8410
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
H2 200 available-on-Google-Play.png
www.bill4time.com/images/buttons/ 19 KB
19 KB 640ms
636ms Image
image/png 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bill4time.com/images/buttons/available-on-Google-Play.png

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e940d682e5ac93be86e563838f174d5a2d940b53cc1cd3b71223fba35364d538

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Thu, 09 Jan 2020 20:56:47 GMT
server: cloudflare
x-powered-by: Express
etag: W/"4ce9-16f8c186790"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=259200
accept-ranges: bytes
cf-ray: 6f976b3dc84c839c-MXP
content-length: 19689
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
H2 200 require.js Show response
www.bill4time.com/js/third_party/ 15 KB
6 KB 497ms
497ms Script
application/javascript 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bill4time.com/js/third_party/require.js

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

c6eee91c8cd834e17e5f34f1f79b7f5157b90003448a023124dda10560bba0a5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:02 GMT
server: cloudflare
x-powered-by: Express
etag: W/"3be0-16d2182cb83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=259200
cf-ray: 6f976b349ae8839c-MXP
expires: Wed, 13 Apr 2022 00:38:17 GMT

GET
H2 200 gaconnector.js Show response
tracker.gaconnector.com/ 5 KB
2 KB 319ms
100ms Script
text/javascript 3.221.130.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.gaconnector.com/gaconnector.js
Requested by: Host: www.bill4time.com
URL: https://www.bill4time.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.221.130.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-130-247.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 746489935e1772a5891b76a419224fbf30232e23e95c4fb571883a95255eba1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:17 GMT
content-encoding: gzip
server: nginx/1.18.0
content-length: 2035
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 205 KB
71 KB 53ms
29ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WKL4X3

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f0b2b280eef7affb3290c61f847a81d84d9d58b5fdbab2e9c00d08d787c0472e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:18 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72665
x-xss-protection: 0
last-modified: Sun, 10 Apr 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 10 Apr 2022 00:38:18 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 70ms
14ms Stylesheet
text/css 2a02:26f0:3500:7::17d8:4dc7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=wko0zsg&ht=tk&f=16353.37457.37460.37461.37462.37463.37464.37466&a=613907&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/wko0zsg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:7::17d8:4dc7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:16 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H/1.1 200
OK 325314642 Show response
player.vimeo.com/video/ Frame 17C9 15 KB
14 KB 239ms
209ms Document
text/html 151.101.128.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/325314642

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

943d5a6a78471e0f3d9d23cc8d30c2e23becc9287f7908e5042caa8113c74231

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bill4time.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 0
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 10798
Content-Security-Policy: script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Content-Type: text/html; charset=UTF-8
Date: Sun, 10 Apr 2022 00:38:18 GMT
Expires: Sun, 10 Apr 2022 00:48:11 GMT
Link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: MISS
X-Cache-Hits: 0
X-Content-Type-Options: nosniff
X-Player-Backend: p
X-Served-By: cache-hhn4052-HHN
X-Timer: S1649551099.544504,VS0,VE202
X-VServer: infra-playproxy-b-3
X-Varnish-Cache: 1
X-Vimeo-DC: ge
X-Xss-Protection: 1; mode=block

GET
H2 200 b4VKohE_Z0s Show response
www.youtube.com/embed/ Frame 3D31 61 KB
26 KB 92ms
55ms Document
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/b4VKohE_Z0s

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

83496b41d36072fe7780a424332e28e83993d296f5f24389d55ebd5631bf4561

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bill4time.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Sun, 10 Apr 2022 00:38:18 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gaconnector-server.js Show response
tracker.gaconnector.com/ 458 B
412 B 112ms
111ms Script
text/javascript 3.221.130.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.gaconnector.com/gaconnector-server.js?page_url=https%3A%2F%2Fwww.bill4time.com%2F&referer=
Requested by: Host: tracker.gaconnector.com
URL: https://tracker.gaconnector.com/gaconnector.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.221.130.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-130-247.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 9068bee0725b95216accf91a303e6f509972842ee4096c305940113ad0cc9b82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:18 GMT
content-encoding: gzip
server: nginx/1.18.0
content-length: 290
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 menu-bar-background.svg
www.bill4time.com/images/svg/ 765 B
427 B 547ms
547ms Image
image/svg+xml 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bill4time.com/images/svg/menu-bar-background.svg

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/css/index.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

ecebbb2fbb5a4be9a4b89377fa16f412258f429c4d9695e9042f2b83ea5270fc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/css/index.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:02 GMT
server: cloudflare
x-powered-by: Express
etag: W/"2fd-16d2182c856"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=259200
cf-ray: 6f976b3dc854839c-MXP
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
H2 200 background-color-band.png
www.bill4time.com/images/background/ 32 KB
32 KB 753ms
753ms Image
image/png 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bill4time.com/images/background/background-color-band.png

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/css/homepage/homepage.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

a42b3fe1ed4b2e0cca74c0df1798a9b3708802a84e9bc619791bd31aec7e5d23

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/css/homepage/homepage.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:00 GMT
server: cloudflare
x-powered-by: Express
etag: W/"8040-16d2182c086"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=259200
accept-ranges: bytes
cf-ray: 6f976b3dc856839c-MXP
content-length: 32832
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
H2 200 Video_hero.png
www.bill4time.com/images/photos/ 210 KB
210 KB 878ms
877ms Image
image/png 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bill4time.com/images/photos/Video_hero.png

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/css/homepage/homepage.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e2a6c48e685e42af7976969e272ae6a62f3541a8683e47b4a5ac44af020ed65c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/css/homepage/homepage.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:01 GMT
server: cloudflare
x-powered-by: Express
etag: W/"347b1-16d2182c46e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=259200
accept-ranges: bytes
cf-ray: 6f976b3dd85e839c-MXP
content-length: 214961
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
H2 200 bar-background.svg
www.bill4time.com/images/svg/ 612 B
442 B 544ms
542ms Image
image/svg+xml 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bill4time.com/images/svg/bar-background.svg

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/css/homepage/homepage.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

488036fd8b0929b45c82810e81accd8653a3daf595a8881b6dd1197cade921c4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/css/homepage/homepage.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:02 GMT
server: cloudflare
x-powered-by: Express
etag: W/"264-16d2182c837"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=259200
cf-ray: 6f976b3dd860839c-MXP
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
H2 200 case-management.svg
www.bill4time.com/images/svg/ 99 KB
45 KB 1067ms
1064ms Image
image/svg+xml 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bill4time.com/images/svg/case-management.svg

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/css/homepage/homepage.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

becf06b7892b16973b2fef994efb142c7d67f408c53c2e94dae504bcf8995153

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/css/homepage/homepage.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:02 GMT
server: cloudflare
x-powered-by: Express
etag: W/"18b5e-16d2182c847"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=259200
cf-ray: 6f976b3dd861839c-MXP
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
H2 200 task-management.svg
www.bill4time.com/images/svg/ 99 KB
45 KB 1093ms
1091ms Image
image/svg+xml 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bill4time.com/images/svg/task-management.svg

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/css/homepage/homepage.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

b7a109a6eee635a277414a0ec0e870ba3cf364b51463749b86ebf698f36219e1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/css/homepage/homepage.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:02 GMT
server: cloudflare
x-powered-by: Express
etag: W/"18d87-16d2182c856"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=259200
cf-ray: 6f976b3dd864839c-MXP
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
H2 200 document-management.svg
www.bill4time.com/images/svg/ 99 KB
45 KB 1185ms
1183ms Image
image/svg+xml 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bill4time.com/images/svg/document-management.svg

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/css/homepage/homepage.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

f8e1f377588717e1ddc0ef0a0f256630cd7822e8aa4dbdb0a576555e22d99592

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/css/homepage/homepage.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:02 GMT
server: cloudflare
x-powered-by: Express
etag: W/"18cc1-16d2182c856"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=259200
cf-ray: 6f976b3dd865839c-MXP
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
H2 200 trust-accounting.svg
www.bill4time.com/images/svg/ 99 KB
45 KB 1196ms
1193ms Image
image/svg+xml 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bill4time.com/images/svg/trust-accounting.svg

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/css/homepage/homepage.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

b38128cc61fa3e741bc1c943f032264501cbe1fbd7459ef2204f6366b47149fa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/css/homepage/homepage.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:02 GMT
server: cloudflare
x-powered-by: Express
etag: W/"18c82-16d2182c866"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=259200
cf-ray: 6f976b3dd86d839c-MXP
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
H2 200 customize-invoices.svg
www.bill4time.com/images/svg/ 98 KB
45 KB 1194ms
1191ms Image
image/svg+xml 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bill4time.com/images/svg/customize-invoices.svg

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/css/homepage/homepage.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

125bff7712e54873a1471b378143e9562dce2ba97915b547c40b513aa91718c7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/css/homepage/homepage.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:02 GMT
server: cloudflare
x-powered-by: Express
etag: W/"187fa-16d2182c847"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=259200
cf-ray: 6f976b3dd871839c-MXP
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
H2 200 online-offline.svg
www.bill4time.com/images/svg/ 99 KB
45 KB 1069ms
1067ms Image
image/svg+xml 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bill4time.com/images/svg/online-offline.svg

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/css/homepage/homepage.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

2af7b177ebb6c2aa1b3764a0fd7ac2b49752bdd2a120b36d531694ec09ee1f33

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/css/homepage/homepage.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:02 GMT
server: cloudflare
x-powered-by: Express
etag: W/"18b43-16d2182c856"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=259200
cf-ray: 6f976b3dd873839c-MXP
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
H2 200 batch-invoices.svg
www.bill4time.com/images/svg/ 99 KB
45 KB 1188ms
1185ms Image
image/svg+xml 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bill4time.com/images/svg/batch-invoices.svg

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/css/homepage/homepage.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

688980e4845a4d2f59a43b03c261ac4674ecf2a74d268544ca31de1cb7ead7ab

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/css/homepage/homepage.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:02 GMT
server: cloudflare
x-powered-by: Express
etag: W/"18a62-16d2182c837"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=259200
cf-ray: 6f976b3dd876839c-MXP
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
H2 200 online-payment.svg
www.bill4time.com/images/svg/ 98 KB
45 KB 1085ms
1082ms Image
image/svg+xml 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bill4time.com/images/svg/online-payment.svg

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/css/homepage/homepage.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

a288c8c36f18be3d28a598feb15c29d2128c2f34e5ca603f8d738055eae7d50b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/css/homepage/homepage.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:02 GMT
server: cloudflare
x-powered-by: Express
etag: W/"18934-16d2182c856"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=259200
cf-ray: 6f976b3dd87a839c-MXP
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
H2 200 bill4time-icon-dropback.png
www.bill4time.com/images/background/ 14 KB
14 KB 747ms
745ms Image
image/png 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bill4time.com/images/background/bill4time-icon-dropback.png

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/css/homepage/homepage.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e09b5d7df262b549ee056c6fcf4348b38389930d9ca4109ca8b0ab8bd3bbb710

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/css/homepage/homepage.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:00 GMT
server: cloudflare
x-powered-by: Express
etag: W/"383d-16d2182c086"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=259200
accept-ranges: bytes
cf-ray: 6f976b3dd87c839c-MXP
content-length: 14397
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
H2 200 story-mark.svg
www.bill4time.com/images/svg/ 365 B
321 B 600ms
599ms Image
image/svg+xml 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bill4time.com/images/svg/story-mark.svg

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/css/homepage/homepage.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

d713cde303b1f50bd72af2583a0b75e2294a67b0028fd743a1ec4b4d8f637af9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/css/homepage/homepage.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:02 GMT
server: cloudflare
x-powered-by: Express
etag: W/"16d-16d2182c856"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=259200
cf-ray: 6f976b3dd87d839c-MXP
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
DATA 200
OK truncated
/ 11 KB
11 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80788163a708db724a2be8bd80efaf87c9000abc1e38f832fe810e33eb4d71e4

Request headers

Referer
Origin: https://www.bill4time.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
DATA 200
OK truncated
/ 11 KB
11 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a899a0398bbfbb8343c67e83098446254c1609aae412962cff6929087135a51c

Request headers

Referer
Origin: https://www.bill4time.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
DATA 200
OK truncated
/ 11 KB
11 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04e86fcf247e2d9809596331db17a2a0d3efe9c9bf1d8d9babd04645286ee68c

Request headers

Referer
Origin: https://www.bill4time.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
H2 200 fontawesome-webfont.woff
www.bill4time.com/fonts/ 64 KB
64 KB 885ms
884ms Font
font/woff 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bill4time.com/fonts/fontawesome-webfont.woff?v=4.2.0

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/css/index.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.bill4time.com/css/index.css
Origin: https://www.bill4time.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:07:59 GMT
server: cloudflare
x-powered-by: Express
etag: W/"ffac-16d2182bfab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: font/woff
cache-control: public, max-age=259200
accept-ranges: bytes
cf-ray: 6f976b3dd87f839c-MXP
content-length: 65452
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
DATA 200
OK truncated
/ 11 KB
11 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0d937b32b0a1fa6bbdcc5389f695a36147c1b3ba869ecc507b765adf0300393

Request headers

Referer
Origin: https://www.bill4time.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
H2 200 fa-solid-900.woff2
pro.fontawesome.com/releases/v5.7.2/webfonts/ 115 KB
115 KB 463ms
461ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.7.2/webfonts/fa-solid-900.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.7.2/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47c58e41e2f38d9813c39b6641c96e12408522bf774779cb58973f67303875a7

Request headers

Referer: https://pro.fontawesome.com/releases/v5.7.2/css/all.css
Origin: https://www.bill4time.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:18 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
x-amz-request-id: GD6Z0MK32M3PBYTX
content-length: 117616
x-amz-id-2: XMXILA5oVdvj+gbFJneSKKcicS10QD5aXIMtMgl/6B9XBFBPHAj3ibyGa5q9j4Sz7z9cMUhAk5A=
last-modified: Mon, 28 Jun 2021 17:37:21 GMT
server: cloudflare
etag: "00d3012700332144ce43a62a3b7ec4f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 6f976b3ddd56839d-MXP

GET
H2 200 glyphicons-halflings-regular.woff2
www.bill4time.com/fonts/ 18 KB
18 KB 745ms
745ms Font
font/woff2 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bill4time.com/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/css/index.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.bill4time.com/css/index.css
Origin: https://www.bill4time.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:07:59 GMT
server: cloudflare
x-powered-by: Express
etag: W/"466c-16d2182bfbb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: public, max-age=259200
accept-ranges: bytes
cf-ray: 6f976b3dd883839c-MXP
content-length: 18028
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
H2 200 fa-brands-400.woff2
pro.fontawesome.com/releases/v5.7.2/webfonts/ 70 KB
71 KB 426ms
426ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.7.2/webfonts/fa-brands-400.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.7.2/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3eb2d0caf3502359966882d146b1a75e34bf933cbdace1c286395ea3fd1f567

Request headers

Referer: https://pro.fontawesome.com/releases/v5.7.2/css/all.css
Origin: https://www.bill4time.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:18 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
x-amz-request-id: GD6YMTJ5ES373R1A
content-length: 72124
x-amz-id-2: mmtURyU7Q0D4Bu009OGm8k+OyNnyk+ZVAr9WDKpTcTZkyqyibtx4nWoWpCcUoT6AWCDEWj5eG1A=
last-modified: Mon, 28 Jun 2021 17:37:21 GMT
server: cloudflare
etag: "99f3121dc63babcf368cb6aee3b535f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 6f976b3ddd57839d-MXP

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a6ece4300b8d7c6ac549454f22c0097960f6fd895f20022f73817f1d5416d26

Request headers

Referer
Origin: https://www.bill4time.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7b78ab3994d3f6de37b359cc3d243d44caca23578c342b6f3966dda1cb9fd70

Request headers

Referer
Origin: https://www.bill4time.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dddf04d190be2e7006f807221d5f5852bf45a97c2aad4c66b1f0a1661efa7dda

Request headers

Referer
Origin: https://www.bill4time.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b66e62306d1b6f738c7095c9577957ff21f80d62ed611768eee45d1cf833512c

Request headers

Referer
Origin: https://www.bill4time.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
H2 200 require_startup.js Show response
www.bill4time.com/js/ 3 KB
1 KB 603ms
602ms Script
application/javascript 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bill4time.com/js/require_startup.js

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/js/third_party/require.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6f83de9a9b87d22651b20dd74024e8944e554915272d8b62e95da2fcd86df67c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:02 GMT
server: cloudflare
x-powered-by: Express
etag: W/"a6b-16d2182cb35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=259200
cf-ray: 6f976b3eb9b1839c-MXP
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/3b5d5649/ Frame 3D31 346 KB
47 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/3b5d5649/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/b4VKohE_Z0s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

924d56b948a5e7b6dbec58c81f4b620607ddbd7a5c7ea1243bd38a4b3246b2b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/b4VKohE_Z0s
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:56:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 207730
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47442
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 00:23:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 07 Apr 2023 14:56:08 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/3b5d5649/www-embed-player.vflset/ Frame 3D31 278 KB
86 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/3b5d5649/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/b4VKohE_Z0s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0f9f4c769334f1972f3d7a07b826c6a393a6ba78975e27bb7d9215349eea97b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/b4VKohE_Z0s
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 15:54:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31455
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87898
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 00:23:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 09 Apr 2023 15:54:03 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/ Frame 3D31 2 MB
526 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/b4VKohE_Z0s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9363ffc9759572b04d38ac4b5e6d94efbbe7133544786d73713c8cf418c9c1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/b4VKohE_Z0s
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:56:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 207730
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 537836
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 00:23:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 07 Apr 2023 14:56:08 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/3b5d5649/fetch-polyfill.vflset/ Frame 3D31 9 KB
3 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/3b5d5649/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/b4VKohE_Z0s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/b4VKohE_Z0s
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 20:33:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14679
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 00:23:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 09 Apr 2023 20:33:39 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3D31 15 KB
16 KB 36ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/b4VKohE_Z0s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 372697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Apr 2023 17:06:41 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 93 KB
37 KB 44ms
20ms Script
application/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-N5VXDQ8

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKL4X3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0a0ff255947964646669c22d00a61fb775f1b354fcd0581ce1910a7843d23167

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:18 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37306
x-xss-protection: 0
last-modified: Sun, 10 Apr 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 10 Apr 2022 00:38:18 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 177 KB
65 KB 42ms
23ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZQY3BNXSP5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKL4X3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bc4fdec388c7c2dc2f5cbeadf2b8f93db4aaa257c5e2bf8c71976ab443e70398

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:18 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66310
x-xss-protection: 0
expires: Sun, 10 Apr 2022 00:38:18 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 50 KB
16 KB 40ms
12ms Script
text/javascript 2600:9000:206f:d000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKL4X3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:d000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ef3f0269be7b675dce81bb81af21398575e3f96609f76c0f59881145bbfddff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

X-Amz-Version-Id: HNfyhH5qmLK0DbB1EQ.ihnSY7i0OY2m4
Content-Encoding: gzip
Etag: W/"ca2ef7b6ff5ea3fd1c2fdd160e7243b2"
Age: 1658
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
Last-Modified: Wed, 06 Apr 2022 19:05:26 GMT
Server: AmazonS3
Date: Sun, 10 Apr 2022 00:10:43 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: OOWNZ_IpfvWBR9MomHeiekwAMDGSrHoNhugNkiIDQaoRHJcDMrzc0w==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 16ms
7ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKL4X3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3808
date: Sat, 09 Apr 2022 23:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 10 Apr 2022 01:34:50 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 78ms
37ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKL4X3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A5E52F432ED84508B9ECD8930156EB65 Ref B: FRAEDGE1310 Ref C: 2022-04-10T00:38:18Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Sun, 10 Apr 2022 00:38:18 GMT
accept-ranges: bytes
content-length: 11333

GET
H3 200 iframe_api Show response
www.youtube.com/ 980 B
514 B 29ms
29ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0accb6518b8cf5acd005e285c2ec570a9708c638124a07945fd400a181c710d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Sun, 10 Apr 2022 00:38:18 GMT

GET
H2 200 gaconnector.js Show response
track.gaconnector.com/ 10 KB
5 KB 1119ms
191ms Script
text/javascript 3.226.66.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track.gaconnector.com/gaconnector.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKL4X3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.66.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-66-211.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 5057c6c9ddcdc374eb8cbb4ffe7ae398b306e1cfa4b14ed68660ceafc9607381

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
access-control-request-method: *
server: nginx/1.18.0
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
access-control-allow-headers: *
content-length: 4444
expires: Sun, 10 Apr 2022 01:38:19 GMT

GET
H2 403 lt-v3.js
lltrck.com/scripts/ 0
0 993ms
94ms Script
text/html 34.197.253.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lltrck.com/scripts/lt-v3.js?llid=33962
Requested by: Host: www.bill4time.com
URL: https://www.bill4time.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.253.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-253-42.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 200 769004009-4522d199dc8a6aff251ed97d2c4a01b53aaaaab4ddfa17beb2e487612b891fed-d.jpg
i.vimeocdn.com/video/ Frame 17C9 811 B
978 B 733ms
463ms Image
image/jpeg 151.101.114.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/769004009-4522d199dc8a6aff251ed97d2c4a01b53aaaaab4ddfa17beb2e487612b891fed-d.jpg?mw=80&q=85
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/325314642
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d0fd0953739b8448f423ab5aac82b915cccd41df159d4f15436656b0e7dcb1d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 399757
x-viewmaster-lossless-format: lossy
x-cache: miss, HIT, MISS
x-backend-server: varnish
content-length: 811
viewmaster-server: viewmaster-us-central1-wwz4
x-served-by: cache-dfw18655-DFW, cache-hhn4036-HHN
x-timer: S1649551099.069207,VS0,VE195
etag: f42fce9104cafc0f51750993a6c0a222
access-control-max-age: 86400
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 player.de-DE.js Show response
f.vimeocdn.com/p/3.51.7/js/ Frame 17C9 792 KB
189 KB 54ms
9ms Script
application/javascript 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/3.51.7/js/player.de-DE.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/325314642
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a8d8388fafc8a0da4694b82732c6950f467149356255c8c7105148cc820858db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:18 GMT
via: 1.1 varnish, 1.1 varnish
age: 193478
x-served-by: cache-iad-kiad7000088-IAD, cache-fra19143-FRA
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
content-encoding: br
cache-control: max-age=1209600
accept-ranges: bytes
x-timer: S1649551099.846110,VS0,VE0
content-length: 192918
x-cache-hits: 1, 12047

GET
H2 200 player.css
f.vimeocdn.com/p/3.51.7/css/ Frame 17C9 209 KB
20 KB 51ms
7ms Stylesheet
text/css 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/3.51.7/css/player.css
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/325314642
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9b79ac520ef38beee997bfa29a2e7353b57b7eb86cd7c4ce9c570eefa12d793c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:18 GMT
via: 1.1 varnish, 1.1 varnish
age: 193478
x-served-by: cache-iad-kjyo7100053-IAD, cache-fra19143-FRA
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: text/css
access-control-allow-origin: *
content-encoding: br
cache-control: max-age=1209600
accept-ranges: bytes
x-timer: S1649551099.846018,VS0,VE0
content-length: 20659
x-cache-hits: 1, 85453

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 63ms
9ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:21:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1029
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 10 Apr 2022 01:21:09 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/D43VSAFW4ZHDTLM3L6JTTA/index.js
https://s.adroll.com/j/exp/index.js

28 B
762 B

7ms
7ms

Script
application/javascript

2600:9000:206f:d000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: www.bill4time.com
URL: https://www.bill4time.com/
Protocol: HTTP/1.1
Server: 2600:9000:206f:d000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

X-Amz-Version-Id: Yo1foR6FJ6WFFBWqTYM2cazsDqVdFv1D
Via: 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
Etag: "5816cced8568d223aa09d889f300692b"
Age: 56218
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Thu, 03 Mar 2022 22:40:46 GMT
Server: AmazonS3
Date: Sat, 09 Apr 2022 09:01:22 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: X_GtCvEi9PY0mqBanEommrEa6zl6es6ofTzoulCITeaw1DV0tRo-SA==

Redirect headers

Date: Sat, 09 Apr 2022 21:28:32 GMT
Via: 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
Age: 11386
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: OIrb3jJWqTt8QtAIS5noKmBOcV2PypC-WnV2pfLNdRttIECDLuAXRg==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/D43VSAFW4ZHDTLM3L6JTTA/YIDTZ6J4KBF2DNUBMNMSPV/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
733 B

14ms
7ms

Script
application/javascript

2600:9000:206f:d000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: www.bill4time.com
URL: https://www.bill4time.com/
Protocol: HTTP/1.1
Server: 2600:9000:206f:d000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via: 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 85689
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Date: Sat, 09 Apr 2022 01:37:21 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: RDWFrLM_zd2aI1XWjlD6pRUCcseeOtpvlTmOpIlDffTjQ4QJ4wAVMw==

Redirect headers

Date: Sat, 09 Apr 2022 08:46:53 GMT
Via: 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
Age: 57085
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: LAOy7qyitJJAXYIrQwCw0fS8LPVa1dhmczGWXnITJ3jxw1OUEsz-mg==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/D43VSAFW4ZHDTLM3L6JTTA/YIDTZ6J4KBF2DNUBMNMSPV/ 4 KB
3 KB 252ms
10ms Script
text/javascript 2600:9000:206f:d000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/D43VSAFW4ZHDTLM3L6JTTA/YIDTZ6J4KBF2DNUBMNMSPV/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:d000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 41f1e9970b646aadac0f40543bb08b21e49990bf1b09392d1ef4d71b275069ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

X-Amz-Version-Id: 1V0FrGJ2AEBMtQECCQMZX7NomB7Fxo8V
Content-Encoding: gzip
Etag: W/"33ed216ef4569e95a97e55fb39d91d38"
Age: 1640
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
Last-Modified: Wed, 06 Apr 2022 04:32:09 GMT
Server: AmazonS3
Date: Sun, 10 Apr 2022 00:11:00 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 0fIl_gqf28sAqzbFr0Hr-2A3AQ5XoOvjRpaOC4lmFuV4B0dIWmY21A==

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/3b5d5649/www-widgetapi.vflset/ 151 KB
49 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/3b5d5649/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8221937159039b45af82459efc4c6c971226babf4e761eeaa831032535978f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:37:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50059
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 00:23:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 10 Apr 2023 00:37:24 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
349 B 51ms
13ms Ping
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-ZQY3BNXSP5&gtm=2oe3u0&_p=417701252&sr=1600x1200&_z=ccd.AAB&_gaz=1&ul=en-us&cid=345994348.1649551099&_s=1&dl=https%3A%2F%2Fwww.bill4time.com%2F&dt=Time%20Billing%20Software%20%7C%20Bill4Time&sid=1649551098&sct=1&seg=0&en=page_view&_fv=1&_ss=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZQY3BNXSP5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 00:38:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bill4time.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
340 B 60ms
19ms Ping
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZQY3BNXSP5&cid=345994348.1649551099&gtm=2oe3u0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZQY3BNXSP5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 00:38:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bill4time.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 43ms
20ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZQY3BNXSP5&cid=345994348.1649551099&gtm=2oe3u0&aip=1&z=1369098454

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 00:38:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

id
googleads.g.doubleclick.net/pagead/ Frame 3D31
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

0
0

GET
H2 200 ad_status.js
static.doubleclick.net/instream/ Frame 3D31 29 B
0 49ms
12ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:11 GMT
x-content-type-options: nosniff
age: 7
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Apr 2022 00:53:11 GMT

GET
H3 200 b4VKohE_Z0s Show response
www.youtube.com/embed/ Frame 3D31 61 KB
25 KB 62ms
61ms Document
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/b4VKohE_Z0s?enablejsapi=1&origin=https:%2F%2Fwww.bill4time.com

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b6a21b0bc746cb6bab31c2b7be3d9fd73c15e290d5ec8215a9b0f542883f2d1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bill4time.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Sun, 10 Apr 2022 00:38:18 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 3D31 28 B
54 B 18ms
18ms XHR
application/json 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/b4VKohE_Z0s
X-YouTube-Client-Version: 1.20220406.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtZUU5BYUpXcUlQWSj6zciSBg%3D%3D
X-YouTube-Ad-Signals: dt=1649551098788&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

date: Sun, 10 Apr 2022 00:38:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Sun, 10 Apr 2022 00:38:18 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 61ms
19ms Preflight
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sun, 10 Apr 2022 00:38:19 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 3D31 0
0

GET remote.js
www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/ Frame 3D31 0
0

GET o-wDB4cz7rv9MqHhXDjjQEUhhhc2Is8u0oux7jSuMUM.js
www.google.com/js/th/ Frame 3D31 0
0

GET embed.js
www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/ Frame 3D31 0
0

GET
H2 200 D43VSAFW4ZHDTLM3L6JTTA Show response
d.adroll.com/consent/check/ 439 B
532 B 103ms
32ms Script
application/javascript 52.48.63.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/D43VSAFW4ZHDTLM3L6JTTA?arrfrr=https%3A%2F%2Fwww.bill4time.com%2F&_s=128b4085156977f55f488cc8cffb5b33&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.63.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-63-232.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 8b57691479207344f5d711c7c4a6634dc17b0bfcbe6dea92d5669d4b89bcfbef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
server: nginx/1.20.0
content-length: 439
content-type: application/javascript

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 40ms
19ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-2204017-19&cid=345994348.1649551099&jid=232254088&gjid=1674637441&_gid=1312747045.1649551099&_u=aGBAgEAjQAAAAE~&z=1303759431

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bill4time.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 10 Apr 2022 00:38:19 GMT
content-type: text/plain
access-control-allow-origin: https://www.bill4time.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=417701252&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bill4time.com%2F&ul=en-us&de=UTF-8&dt=Time%20Billing%20Software%20%7C%20Bill4Time&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAjQ~&jid=232254088&gjid=1674637441&cid=345994348.1649551099&tid=UA-2204017-19&_gid=1312747045.1649551099&gtm=2wg3u0WKL4X3&cd13=Landscape&cd14=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F100.0.4896.75%20Safari%2F537.36&cd2=345994348.1649551099&z=607223397

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Apr 2022 13:21:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40628
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST atr
www.youtube.com/api/stats/ Frame 3D31 0
0

POST log_event
www.youtube.com/youtubei/v1/ Frame 3D31 0
0

GET
H2 200 25074489.js Show response
bat.bing.com/p/action/ 844 B
843 B 181ms
180ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/25074489.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

593a947c4e62bcaf923b6bbc064404419635a5a5495aba14bf02aecf12ba2b75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5EC44444563B4E888B9E1C7161F5C54B Ref B: FRAEDGE1310 Ref C: 2022-04-10T00:38:19Z
date: Sun, 10 Apr 2022 00:38:18 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store,no-cache
content-length: 667

GET
H2 204 0
bat.bing.com/action/ 0
175 B 37ms
37ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=25074489&tm=gtm002&Ver=2&mid=8e7a8a1b-f1ac-4fb7-8861-3d93d45a1fa7&sid=848476c0b86611ecb8e7bd6a9a6432b0&vid=8484b5c0b86611eca739230b6323f90f&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Time%20Billing%20Software%20%7C%20Bill4Time&p=https%3A%2F%2Fwww.bill4time.com%2F&r=&lt=3733&evt=pageLoad&msclkid=N&sv=1&rn=278958

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0ACA0DFB94D54A4E89A8DBB29DE134FB Ref B: FRAEDGE1310 Ref C: 2022-04-10T00:38:19Z
date: Sun, 10 Apr 2022 00:38:18 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 27834831_60x60.jpg
i.vimeocdn.com/portrait/ Frame 17C9 1 KB
2 KB 9ms
9ms Image
image/jpeg 151.101.114.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/portrait/27834831_60x60.jpg
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/325314642
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 185475ca14a993390692bbcc0df269cbb7716d225860cf6ae95b1c292a23950c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 2009601
x-viewmaster-lossless-format: lossy
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 1365
viewmaster-server: viewmaster-us-east1-fhs3
x-served-by: cache-dfw18664-DFW, cache-hhn4036-HHN
x-timer: S1649551099.172210,VS0,VE1
etag: ee7d707a9a7e84633f63045a02937f7b
access-control-max-age: 86400
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 769004009-4522d199dc8a6aff251ed97d2c4a01b53aaaaab4ddfa17beb2e487612b891fed-d
i.vimeocdn.com/video/ Frame 17C9 6 KB
6 KB 317ms
316ms Image
image/avif 151.101.114.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/769004009-4522d199dc8a6aff251ed97d2c4a01b53aaaaab4ddfa17beb2e487612b891fed-d?mw=640&mh=360
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/325314642
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9a609551b5826e6fa5c9805c37e47ac1446b3bd3cfac2e8570c39b08514942c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 2049251
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
access-control-max-age: 86400
x-backend-server: varnish
content-length: 6129
viewmaster-server: viewmaster-us-central1-bng9
x-served-by: cache-dfw18665-DFW, cache-hhn4036-HHN
x-timer: S1649551099.214040,VS0,VE28
etag: 51d15da789c57adf7df6f4dd4df629bd
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H3 200 www-player.css
www.youtube.com/s/player/3b5d5649/ Frame 3D31 346 KB
46 KB 12ms
10ms Stylesheet
text/css 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/3b5d5649/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/b4VKohE_Z0s?enablejsapi=1&origin=https:%2F%2Fwww.bill4time.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

924d56b948a5e7b6dbec58c81f4b620607ddbd7a5c7ea1243bd38a4b3246b2b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/b4VKohE_Z0s?enablejsapi=1&origin=https:%2F%2Fwww.bill4time.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:56:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 207731
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47442
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 00:23:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 07 Apr 2023 14:56:08 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/3b5d5649/www-embed-player.vflset/ Frame 3D31 278 KB
86 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/3b5d5649/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/b4VKohE_Z0s?enablejsapi=1&origin=https:%2F%2Fwww.bill4time.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0f9f4c769334f1972f3d7a07b826c6a393a6ba78975e27bb7d9215349eea97b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/b4VKohE_Z0s?enablejsapi=1&origin=https:%2F%2Fwww.bill4time.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 15:54:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31456
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87898
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 00:23:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 09 Apr 2023 15:54:03 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/ Frame 3D31 2 MB
525 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/b4VKohE_Z0s?enablejsapi=1&origin=https:%2F%2Fwww.bill4time.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9363ffc9759572b04d38ac4b5e6d94efbbe7133544786d73713c8cf418c9c1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/b4VKohE_Z0s?enablejsapi=1&origin=https:%2F%2Fwww.bill4time.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:56:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 207731
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 537836
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 00:23:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 07 Apr 2023 14:56:08 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/3b5d5649/fetch-polyfill.vflset/ Frame 3D31 9 KB
3 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/3b5d5649/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/b4VKohE_Z0s?enablejsapi=1&origin=https:%2F%2Fwww.bill4time.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/b4VKohE_Z0s?enablejsapi=1&origin=https:%2F%2Fwww.bill4time.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 20:33:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14680
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 00:23:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 09 Apr 2023 20:33:39 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3D31 15 KB
15 KB 34ms
11ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/b4VKohE_Z0s?enablejsapi=1&origin=https:%2F%2Fwww.bill4time.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 372698
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Apr 2023 17:06:41 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 32ms
22ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2204017-19&cid=345994348.1649551099&jid=232254088&_u=aGBAgEAjQAAAAE~&z=1225890510

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 00:38:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 45ms
20ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2204017-19&cid=345994348.1649551099&jid=232254088&_u=aGBAgEAjQAAAAE~&z=1225890510

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 00:38:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK consent_tcfv2.js Show response
s.adroll.com/j/ 392 KB
54 KB 14ms
10ms Script
application/javascript 2600:9000:206f:d000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent_tcfv2.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:d000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4d41b88e85f102322f6518ab48a1cfc3b8687aedd42bef4a223aacb94b3afefd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

X-Amz-Version-Id: o01OriqlDtvpD57hQzwr4sTdG9KQBCAh
Content-Encoding: gzip
Etag: W/"c01687097ed4972335daebc2d2581891"
Age: 85
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Feb 2022 17:35:14 GMT
Server: AmazonS3
Date: Sun, 10 Apr 2022 00:36:55 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: aHFihoD7PmCuyoSJP_wiBHv42N0KErgp1EYqwifNFfUFKLRwe0Ee0g==

GET
H/1.1 200
OK nextroll-32x32.png
s.adroll.com/i/favicon/ 2 KB
2 KB 25ms
11ms Image
image/png 2600:9000:206f:d000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.adroll.com/i/favicon/nextroll-32x32.png
Requested by: Host: www.bill4time.com
URL: https://www.bill4time.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:d000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

X-Amz-Version-Id: eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Via: 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
Etag: "403a0a7dcf2d617e7ea852bfb9d11945"
Age: 46446
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1615
Last-Modified: Mon, 28 Jun 2021 18:19:21 GMT
Server: AmazonS3
Date: Sat, 09 Apr 2022 11:44:14 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: t0O6p_vMl4ezBc2AWl9Q0frtXD3zI2zjgaxU_DQNuoZlKSsd52wrWA==

GET
H2 200 b4t_tracking_data_cookie.js Show response
www.bill4time.com/js/tracking/ 1 KB
678 B 182ms
163ms Script
application/javascript 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bill4time.com/js/tracking/b4t_tracking_data_cookie.js

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/js/third_party/require.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

fb024b3160440b02e9201a828413c3e8ee9023dabfe9cabc4e8747750af4ce93

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:02 GMT
server: cloudflare
x-powered-by: Express
etag: W/"5be-16d2182cb93"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=259200
cf-ray: 6f976b431f7b839c-MXP
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
H2 200 lodash_3.3.1.js Show response
www.bill4time.com/js/third_party/ 48 KB
18 KB 646ms
628ms Script
application/javascript 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bill4time.com/js/third_party/lodash_3.3.1.js

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/js/third_party/require.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

9e4d1075f77c012184fc2962f746d37175b7fb2c50870625a3b08c7bddd3a6ae

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:02 GMT
server: cloudflare
x-powered-by: Express
etag: W/"bef8-16d2182cb83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=259200
cf-ray: 6f976b431f7c839c-MXP
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
H2 200 b4t_module_loader.js Show response
www.bill4time.com/js/ 817 B
382 B 536ms
518ms Script
application/javascript 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bill4time.com/js/b4t_module_loader.js

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/js/third_party/require.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

61eb353b044765784aad497ce4758d7662e59c51649d75b5d475d05ceb73cf2f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:02 GMT
server: cloudflare
x-powered-by: Express
etag: W/"331-16d2182cb15"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=259200
cf-ray: 6f976b431f7d839c-MXP
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
H2 200 menuHelpers.js Show response
www.bill4time.com/js/leftNavMenu/ 300 B
282 B 525ms
516ms Script
application/javascript 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bill4time.com/js/leftNavMenu/menuHelpers.js

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/js/third_party/require.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

489973c18522ef1094ed5296d499892529f6ed9eb8755350daf512911218b1f5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:02 GMT
server: cloudflare
x-powered-by: Express
etag: W/"12c-16d2182cb25"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=259200
cf-ray: 6f976b431f7f839c-MXP
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
H2 200 drift.js Show response
www.bill4time.com/js/drift/ 1 KB
612 B 532ms
524ms Script
application/javascript 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bill4time.com/js/drift/drift.js

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/js/third_party/require.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

f4d084b050f352d82f20c43f8a3959c95e42dd79c12654bf04ae4f6dbdc6826a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:02 GMT
server: cloudflare
x-powered-by: Express
etag: W/"448-16d2182cb15"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=259200
cf-ray: 6f976b431f80839c-MXP
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
H2 200 bootstrap.min.js Show response
www.bill4time.com/js/third_party/ 35 KB
10 KB 609ms
606ms Script
application/javascript 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bill4time.com/js/third_party/bootstrap.min.js

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/js/third_party/require.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6447e59227786bcda7ad58ef045540cba328e5ec0e5ddbd88b4f57122feaf926

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:02 GMT
server: cloudflare
x-powered-by: Express
etag: W/"8c75-16d2182cb44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=259200
cf-ray: 6f976b431f83839c-MXP
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
H2 200 header_logic.js Show response
www.bill4time.com/js/header_logic/ 4 KB
1 KB 519ms
517ms Script
application/javascript 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bill4time.com/js/header_logic/header_logic.js

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/js/third_party/require.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

4d884b5bc22bb5739831e5d7532b51c78e85042bfa962c15a8180efa5314a1c7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:02 GMT
server: cloudflare
x-powered-by: Express
etag: W/"11c0-16d2182cb25"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=259200
cf-ray: 6f976b432f8d839c-MXP
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
H2 200 clarity.js Show response
l.clarity.ms/s/0.6.34/ 53 KB
23 KB 292ms
94ms Script
application/javascript 20.120.65.166
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://l.clarity.ms/s/0.6.34/clarity.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/25074489.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.120.65.166 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:18 GMT
content-encoding: br
etag: "1d84a5d0beef754"
last-modified: Thu, 07 Apr 2022 08:54:10 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 3D31
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

14ms
13ms

XHR
application/json

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/b4VKohE_Z0s?enablejsapi=1&origin=https:%2F%2Fwww.bill4time.com

Protocol

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62335c558ae03161e484db90d693592a3557340e5aed418235b63d3054d60db5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 10 Apr 2022 00:38:19 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 3D31 29 B
54 B 24ms
7ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:11 GMT
x-content-type-options: nosniff
age: 8
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Apr 2022 00:53:11 GMT

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 16ms
15ms Preflight
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sun, 10 Apr 2022 00:38:19 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 3D31 45 KB
22 KB 20ms
20ms XHR
application/json+protobuf 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bfc954b50ead28b724f9705a523f8ca071fad641f6f5c7fc515b0a302d8ac9c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 22418
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/ Frame 3D31 119 KB
37 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50567eb16170b863f6626d29ebf15403f08cbc50f93c04f3af3ac323f15ef3b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/b4VKohE_Z0s?enablejsapi=1&origin=https:%2F%2Fwww.bill4time.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 207730
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37727
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 00:23:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 07 Apr 2023 14:56:09 GMT

GET
H3 200 o-wDB4cz7rv9MqHhXDjjQEUhhhc2Is8u0oux7jSuMUM.js Show response
www.google.com/js/th/ Frame 3D31 35 KB
13 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/o-wDB4cz7rv9MqHhXDjjQEUhhhc2Is8u0oux7jSuMUM.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3ec03078733eebbfd32a1e15c38e340452186173622cf2ed28bb1ee34ae3143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 09:17:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141628
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13688
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 11:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Apr 2023 09:17:51 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/ Frame 3D31 27 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67f17eeade38d7f9bd48afd980b628ce3cdd925ae32599b594f6206f630e0a02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/b4VKohE_Z0s?enablejsapi=1&origin=https:%2F%2Fwww.bill4time.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 207730
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8162
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 00:23:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 07 Apr 2023 14:56:09 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 3D31 4 KB
3 KB 37ms
14ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 10 Apr 2022 00:38:19 GMT

GET
H2 200 cookies.js Show response
www.bill4time.com/js/tracking/ 2 KB
559 B 498ms
497ms Script
application/javascript 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bill4time.com/js/tracking/cookies.js

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/js/third_party/require.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

4f5a472bb95a32fca037b1af59000ba5371ce142e02bde15a2e38ba86d25a7a1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:02 GMT
server: cloudflare
x-powered-by: Express
etag: W/"61b-16d2182cb93"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=259200
cf-ray: 6f976b445939839c-MXP
expires: Wed, 13 Apr 2022 00:38:20 GMT

GET
H2 200 queryStrings.js Show response
www.bill4time.com/js/utilities/ 663 B
416 B 495ms
495ms Script
application/javascript 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bill4time.com/js/utilities/queryStrings.js

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/js/third_party/require.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

8bf4d5edd8e48db5b6196a02ee34be2d296729be57be38ed1c34e6575303e689

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:02 GMT
server: cloudflare
x-powered-by: Express
etag: W/"297-16d2182cb93"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=259200
cf-ray: 6f976b44593c839c-MXP
expires: Wed, 13 Apr 2022 00:38:20 GMT

GET
H2 200 encoding.js Show response
www.bill4time.com/js/utilities/ 660 B
386 B 144ms
144ms Script
application/javascript 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bill4time.com/js/utilities/encoding.js

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/js/third_party/require.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

56a84216404baf379b6e60b4f5a4fe685ced06284ded420340e01bab78dce3e7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:02 GMT
server: cloudflare
x-powered-by: Express
etag: W/"294-16d2182cb93"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=259200
cf-ray: 6f976b44593d839c-MXP
expires: Wed, 13 Apr 2022 00:38:19 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 3D31 0
9 B 14ms
13ms Image
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?D0Ddig
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/b4VKohE_Z0s?enablejsapi=1&origin=https:%2F%2Fwww.bill4time.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/b4VKohE_Z0s?enablejsapi=1&origin=https:%2F%2Fwww.bill4time.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/100/ Frame 3D31 52 KB
15 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/100/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30b6e85cb864024d05a4778952ea29bc0612dc2f73e68354ae9ac3375eab7132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 10:57:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49245
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15463
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 16:04:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 10 Apr 2022 10:57:34 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 3D31 98 B
142 B 18ms
17ms XHR
application/json+protobuf 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9b86ed6b776018a8223765ab168c1577d01d55fc30fb43c66ce57d781f333e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 10 Apr 2022 00:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 14ms
14ms Preflight
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sun, 10 Apr 2022 00:38:19 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 204 collect Show response
l.clarity.ms/ 0
95 B 190ms
189ms XHR
text/plain 20.120.65.166
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://l.clarity.ms/collect
Requested by: Host: l.clarity.ms
URL: https://l.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.120.65.166 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.bill4time.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: https://www.bill4time.com
date: Sun, 10 Apr 2022 00:38:19 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 matt5ixswpxf.js Show response
js.driftt.com/include/1649551200000/ 230 KB
66 KB 366ms
328ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1649551200000/matt5ixswpxf.js

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/js/drift/drift.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

84f4ee5263f8c771a966411abbc06f72a426240d72e728d365e0562b4147c19b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:20 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 08 Apr 2022 17:04:50 GMT
server: nginx
etag: W/"b7560da868b48eead1f4ca39538e5545"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: a6UlJ_6s1d_u1vvDN3kM4aH2LBe9HfIQ
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7gmu7H7mzr5B-areBT6EGvzJ46fsrGB-S2oD8-cm-DgEmpnlDWaPDA==

GET
H2 200 track_pageview Show response
track.gaconnector.com/ 490 B
524 B 300ms
104ms XHR
text/javascript 3.226.66.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track.gaconnector.com/track_pageview?gaconnector_id=f9b03944-c594-219a-990e-7dedabe0ecc4&account_id=350e9f3122e8ecfcac4c5551b37263d2&referer=&GA_Client_ID=345994348.1649551099&page_url=https%3A%2F%2Fwww.bill4time.com%2F&gclid=&utm_campaign=&utm_term=&utm_content=&utm_source=&utm_medium=
Requested by: Host: track.gaconnector.com
URL: https://track.gaconnector.com/gaconnector.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.66.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-66-211.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 85896658a289664c1f6138d32fee91ea5ff18f4259889762139bfdcd86a5bb00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:20 GMT
access-control-request-method: *
server: nginx/1.18.0
access-control-allow-methods: OPTIONS, GET
content-type: text/javascript
access-control-allow-origin: *
content-encoding: gzip
access-control-allow-headers: *

GET
H2 200 client_registration_validation.js Show response
www.bill4time.com/js/registration/ 4 KB
953 B 501ms
500ms Script
application/javascript 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bill4time.com/js/registration/client_registration_validation.js

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/js/third_party/require.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

cb05208bd25c63f9d1cfbd800c24aa889d4da530904b82b9212d3ce6870fb96a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:02 GMT
server: cloudflare
x-powered-by: Express
etag: W/"1051-16d2182cb35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=259200
cf-ray: 6f976b467c19839c-MXP
expires: Wed, 13 Apr 2022 00:38:20 GMT

GET
H2 200 client_registration_regex.js Show response
www.bill4time.com/js/registration/ 254 B
219 B 493ms
492ms Script
application/javascript 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bill4time.com/js/registration/client_registration_regex.js

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/js/third_party/require.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

3b7c37c25cbad0392bfad4e7f80f75216f937f7c677244645422e051e052d219

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:02 GMT
server: cloudflare
x-powered-by: Express
etag: W/"fe-16d2182cb35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=259200
cf-ray: 6f976b467c1a839c-MXP
expires: Wed, 13 Apr 2022 00:38:20 GMT

GET
H2 200 client_registration_logic2.js Show response
www.bill4time.com/js/registration/ 12 KB
3 KB 144ms
144ms Script
application/javascript 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bill4time.com/js/registration/client_registration_logic2.js

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/js/third_party/require.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

909452102ce78d25767c3fdab941fdbf3dbfb8ad080b122dfe1ce64e8c9fdb91

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:02 GMT
server: cloudflare
x-powered-by: Express
etag: W/"31e0-16d2182cb35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=259200
cf-ray: 6f976b49a8c5839c-MXP
expires: Wed, 13 Apr 2022 00:38:20 GMT

GET
H2 200 client_registration_model.js Show response
www.bill4time.com/js/registration/ 2 KB
591 B 497ms
497ms Script
application/javascript 2606:4700::6812:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bill4time.com/js/registration/client_registration_model.js

Requested by

Host: www.bill4time.com
URL: https://www.bill4time.com/js/third_party/require.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

3afaf960359689654144ecd30901d97387e6837c5ea244bc8b65220d2e95871e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:21 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:08:02 GMT
server: cloudflare
x-powered-by: Express
etag: W/"722-16d2182cb35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=259200
cf-ray: 6f976b4a89fc839c-MXP
expires: Wed, 13 Apr 2022 00:38:21 GMT

POST
H2 204 collect Show response
l.clarity.ms/ 0
48 B 92ms
92ms XHR
text/plain 20.120.65.166
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://l.clarity.ms/collect
Requested by: Host: l.clarity.ms
URL: https://l.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.120.65.166 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.bill4time.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: https://www.bill4time.com
date: Sun, 10 Apr 2022 00:38:20 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 core Show response
js.driftt.com/ Frame B33A 2 KB
1 KB 117ms
116ms Document
text/html 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=matt5ixswpxf&region=US&forceShow=false&skipCampaigns=false&sessionId=0afff646-5460-4e1e-a442-7c0390771d73&sessionStarted=1649551101.062&campaignRefreshToken=848d054a-9740-4120-ab88-afa6b013064d&hideController=false&pageLoadStartTime=1649551096180&mode=CHAT&driftEnableLog=false

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1649551200000/matt5ixswpxf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

ee3291a7c84912dfd800b47f3e636b59260eb53d8eda4b5a98c5e91e9ccbb088

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.bill4time.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 10 Apr 2022 00:38:21 GMT
etag: W/"fba13ffae50f6c1fc273e1773c51635a"
last-modified: Fri, 08 Apr 2022 17:04:23 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
x-amz-cf-id: VojfVqKEUBcltOl_U7SFPHvV01jn0t5o6z3zmndOyewWFBCLBICIbw==
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: cF.cpMKbqx8sXxdoqFlc8M1FaOxzOxZV
x-cache: RefreshHit from cloudfront

GET
H2 200 chat Show response
js.driftt.com/core/ Frame CD03 2 KB
1 KB 121ms
121ms Document
text/html 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649551096180

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1649551200000/matt5ixswpxf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

ee3291a7c84912dfd800b47f3e636b59260eb53d8eda4b5a98c5e91e9ccbb088

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.bill4time.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 10 Apr 2022 00:38:21 GMT
etag: W/"fba13ffae50f6c1fc273e1773c51635a"
last-modified: Fri, 08 Apr 2022 17:04:23 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
x-amz-cf-id: wXZKhF2U5mm5vTFI5iHKVTgk6ePisUMLUQ3xGBKZopZ5SSUJ8Y5XLA==
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: cF.cpMKbqx8sXxdoqFlc8M1FaOxzOxZV
x-cache: RefreshHit from cloudfront

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=93E81E1D93A745B585B9B82EA3F68A05&RedC=c.clarity.ms&MXFR=350E4DE5B31968EE30B95C67B7196616
https://c.clarity.ms/c.gif?CtsSyncId=93E81E1D93A745B585B9B82EA3F68A05&MUID=27F0E65FCB676A182B0CF7DDCAB56B67

42 B
369 B

31ms
27ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=93E81E1D93A745B585B9B82EA3F68A05&MUID=27F0E65FCB676A182B0CF7DDCAB56B67
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 00:38:20 GMT
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8120eaf0ff3ad81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 10 Apr 2022 00:38:20 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B675F112E664444B8CF6BEE0A5BE3854 Ref B: FRAEDGE1310 Ref C: 2022-04-10T00:38:21Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=93E81E1D93A745B585B9B82EA3F68A05&MUID=27F0E65FCB676A182B0CF7DDCAB56B67
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 58ms
16ms Script
application/x-javascript 2a02:26f0:3500:7::17d8:4dca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKL4X3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:7::17d8:4dca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5d5cf5a4a5b7c02915bc261dca0c755d29beda0c0c3a005c78c1682c9934bb3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 10 Apr 2022 00:38:21 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 Mar 2022 23:45:34 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=57051
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3104

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 41ms
20ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKL4X3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

7ce02e0f563c14e7fd2d3249c13317e74fef66108f27096bf04a04552aa0c99c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14886
x-xss-protection: 0
server: cafe
etag: 11980861724045072707
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 10 Apr 2022 00:38:21 GMT

GET
H/1.1 200
OK 0cbc0b688d77a34872e7249c9.js Show response
chimpstatic.com/mcjs-connected/js/users/44844bb2538cb9f8af2d517ec/ 50 B
648 B 189ms
134ms Script
application/javascript 96.16.131.108
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://chimpstatic.com/mcjs-connected/js/users/44844bb2538cb9f8af2d517ec/0cbc0b688d77a34872e7249c9.js
Requested by: Host: www.bill4time.com
URL: https://www.bill4time.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.131.108 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-131-108.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency: 94, 111
Date: Sun, 10 Apr 2022 00:38:21 GMT
Last-Modified: Mon, 28 Jan 2019 17:52:21 GMT
Server: AmazonS3
x-amz-request-id: Y62518RNMBZ6QTJJ
X-EdgeConnect-MidMile-RTT: 0, 0
ETag: "104d46a3208b40e8ded389332f5a78a3"
Content-Type: application/javascript
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 50
x-amz-id-2: NdKTMxzl/OiPEtHiLS3f3fjehc1h/MJyFLpGygR+Tjx6CpDDqfA7mXn5+13Qn+MyHJJqeqvRQmI=
Expires: Sun, 10 Apr 2022 01:08:21 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=417701252&t=timing&_s=2&dl=https%3A%2F%2Fwww.bill4time.com%2F&ul=en-us&de=UTF-8&dt=Time%20Billing%20Software%20%7C%20Bill4Time&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=6185&pdt=3&dns=0&rrt=656&srt=617&tcp=0&dit=3611&clt=3611&_gst=3852&_gbt=3896&_cst=1299&_cbt=3816&_u=aHBAgEAjQAAAAE~&jid=&gjid=&cid=345994348.1649551099&tid=UA-2204017-19&_gid=1312747045.1649551099&gtm=2wg3u0WKL4X3&cd13=Landscape&cd14=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F100.0.4896.75%20Safari%2F537.36&cd2=345994348.1649551099&z=379225818

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Apr 2022 13:21:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40630
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1056729969/ 2 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1056729969/?random=1649551101143&cv=9&fst=1649551101143&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3u0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.bill4time.com%2F&tiba=Time%20Billing%20Software%20%7C%20Bill4Time&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af9b4e1f457ead7b98aa2329d26a6cbf94a00416b226b00bd173813edee4bc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 00:38:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1025
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=386444&time=1649551101157&url=https%3A%2F%2Fwww.bill4time.com%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D386444%26time%3D1649551101157%26url%3Dhttps%253A%252F%252Fwww.bill4time.com%252F%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=386444&time=1649551101157&url=https%3A%2F%2Fwww.bill4time.com%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=386444&time=1649551101157&url=https%3A%2F%2Fwww.bill4time.com%2F&liSync=true&e_ipv6=AQLBVqv5p0oZAAAAAYAQ6E4zdcodioCa4alTXC0kIksluaihJPeTJTwoI0JZS...

0
264 B

136ms
109ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=386444&time=1649551101157&url=https%3A%2F%2Fwww.bill4time.com%2F&liSync=true&e_ipv6=AQLBVqv5p0oZAAAAAYAQ6E4zdcodioCa4alTXC0kIksluaihJPeTJTwoI0JZSCAhSFYXgjgtBy9iH2gXn7Q3cspMqBfp
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:38:21 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 606C1F4FBB944EF2891584A99E437CE7 Ref B: FRAEDGE1516 Ref C: 2022-04-10T00:38:21Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXcQgtzYii8aE837MYmTg==
x-li-fabric: prod-lva1

Redirect headers

date: Sun, 10 Apr 2022 00:38:20 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 669BA831F78A4918A91FA4DC4FCA228B Ref B: FRAEDGE0706 Ref C: 2022-04-10T00:38:21Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=386444&time=1649551101157&url=https%3A%2F%2Fwww.bill4time.com%2F&liSync=true&e_ipv6=AQLBVqv5p0oZAAAAAYAQ6E4zdcodioCa4alTXC0kIksluaihJPeTJTwoI0JZSCAhSFYXgjgtBy9iH2gXn7Q3cspMqBfp
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXcQgtxR1abtCQQk1uJ2w==

GET
H3 200 /
www.google.com/pagead/1p-user-list/1056729969/ 42 B
64 B 21ms
20ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1056729969/?random=1649551101143&cv=9&fst=1649548800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3u0&sendb=1&frm=0&url=https%3A%2F%2Fwww.bill4time.com%2F&tiba=Time%20Billing%20Software%20%7C%20Bill4Time&async=1&fmt=3&is_vtc=1&random=3401786783&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 00:38:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1056729969/ 42 B
64 B 19ms
19ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1056729969/?random=1649551101143&cv=9&fst=1649548800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3u0&sendb=1&frm=0&url=https%3A%2F%2Fwww.bill4time.com%2F&tiba=Time%20Billing%20Software%20%7C%20Bill4Time&async=1&fmt=3&is_vtc=1&random=3401786783&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill4time.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 00:38:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runtime~main.9c457b6e.js Show response
js.driftt.com/core/assets/js/ Frame B33A 6 KB
3 KB 8ms
7ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=matt5ixswpxf&region=US&forceShow=false&skipCampaigns=false&sessionId=0afff646-5460-4e1e-a442-7c0390771d73&sessionStarted=1649551101.062&campaignRefreshToken=848d054a-9740-4120-ab88-afa6b013064d&hideController=false&pageLoadStartTime=1649551096180&mode=CHAT&driftEnableLog=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

8c4e4dd31c50fcbb99a44910cc6ea71c13ff7d2f0e1cdd075897f3fb85809fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=matt5ixswpxf&region=US&forceShow=false&skipCampaigns=false&sessionId=0afff646-5460-4e1e-a442-7c0390771d73&sessionStarted=1649551101.062&campaignRefreshToken=848d054a-9740-4120-ab88-afa6b013064d&hideController=false&pageLoadStartTime=1649551096180&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 17:04:23 GMT
content-encoding: gzip
age: 113638
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 08 Apr 2022 15:57:18 GMT
server: nginx
etag: W/"7b7377b612e75289eee05a8567074cae"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: vHs_YgSoZ0wiBNwFU4z29vkWbpZKLxRQ
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YEVt6QShZKFELDK8yTzNlvuwb75cQgZB78_4gTySQM-atahhFV-IEA==

GET
H2 200 5.b4ccdd57.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B33A 58 KB
20 KB 9ms
8ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/5.b4ccdd57.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=matt5ixswpxf&region=US&forceShow=false&skipCampaigns=false&sessionId=0afff646-5460-4e1e-a442-7c0390771d73&sessionStarted=1649551101.062&campaignRefreshToken=848d054a-9740-4120-ab88-afa6b013064d&hideController=false&pageLoadStartTime=1649551096180&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 00:15:05 GMT
content-encoding: gzip
age: 6913396
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 18 Jan 2022 19:52:34 GMT
server: nginx
etag: W/"bf2b7dc96b40587d388df8918a276f1d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: P_j_K9jDbxJyM90WDdS2X.rONeS2gHZN
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: IjrinihZYfCB0pm5HJjod8TGWCcxVJtW6Tuf59QYhOW8mPqgboKxxg==

GET
H2 200 main~493df0b3.590f1a1c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B33A 6 KB
3 KB 9ms
9ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.590f1a1c.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

ed84d9abf30b626f827d00e91ba265c59a8d644bc6994c75181e36857d286f1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=matt5ixswpxf&region=US&forceShow=false&skipCampaigns=false&sessionId=0afff646-5460-4e1e-a442-7c0390771d73&sessionStarted=1649551101.062&campaignRefreshToken=848d054a-9740-4120-ab88-afa6b013064d&hideController=false&pageLoadStartTime=1649551096180&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 14:08:21 GMT
content-encoding: gzip
age: 2284200
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 14 Mar 2022 13:49:24 GMT
server: nginx
etag: W/"56b1fdbf9f4fceaf79dbb7f1e085c35f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .VbPHImM8_ns5xOgvCbvXJ2d13mU5n0l
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: y9B10_UonynWzFnpcNboOWBz36ygTl6yWqhb9iVi0aqh9j5juj6OpQ==

GET
H2 200 runtime~main.9c457b6e.js Show response
js.driftt.com/core/assets/js/ Frame CD03 6 KB
3 KB 7ms
6ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649551096180

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

8c4e4dd31c50fcbb99a44910cc6ea71c13ff7d2f0e1cdd075897f3fb85809fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649551096180
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 17:04:23 GMT
content-encoding: gzip
age: 113638
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 08 Apr 2022 15:57:18 GMT
server: nginx
etag: W/"7b7377b612e75289eee05a8567074cae"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: vHs_YgSoZ0wiBNwFU4z29vkWbpZKLxRQ
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZyDAztF4GW_-cbSqo47TOAi3LgmKdNQXZ24YTb2dyTU4ChSSfDNZ3Q==

GET
H2 200 5.b4ccdd57.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CD03 58 KB
20 KB 9ms
8ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/5.b4ccdd57.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649551096180

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649551096180
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 00:15:05 GMT
content-encoding: gzip
age: 6913396
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 18 Jan 2022 19:52:34 GMT
server: nginx
etag: W/"bf2b7dc96b40587d388df8918a276f1d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: P_j_K9jDbxJyM90WDdS2X.rONeS2gHZN
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1OJ4qajhIgVGfZSfwSgoedAaP7BYeHQRooesism67mpMSK0mQPeC8w==

GET
H2 200 main~493df0b3.590f1a1c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CD03 6 KB
3 KB 9ms
9ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.590f1a1c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649551096180

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

ed84d9abf30b626f827d00e91ba265c59a8d644bc6994c75181e36857d286f1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649551096180
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 14:08:21 GMT
content-encoding: gzip
age: 2284200
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 14 Mar 2022 13:49:24 GMT
server: nginx
etag: W/"56b1fdbf9f4fceaf79dbb7f1e085c35f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .VbPHImM8_ns5xOgvCbvXJ2d13mU5n0l
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GXonAI2IgoxI5jbKtbn-EquxrVCkn3EuPgI3gwXGzWQ5ewt-VSy_FQ==

GET
H2 200 44.36014458.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B33A 47 KB
14 KB 7ms
7ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

73aefc68f91234a52983d4c0a8037888d05af3f62d6e9b97993ebc4cb5791cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=matt5ixswpxf&region=US&forceShow=false&skipCampaigns=false&sessionId=0afff646-5460-4e1e-a442-7c0390771d73&sessionStarted=1649551101.062&campaignRefreshToken=848d054a-9740-4120-ab88-afa6b013064d&hideController=false&pageLoadStartTime=1649551096180&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 14:08:21 GMT
content-encoding: gzip
age: 2284200
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 14 Mar 2022 13:49:23 GMT
server: nginx
etag: W/"f3141bda9ba639e2d01218d7e7cd8311"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: zBmoh2tQAT_vfEDC2Fd97hmCr0r_AZnb
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: l-cIdh-7DsuLEEXOPx3-37-zu9a9Q2IZDQJytSSSQku8vF6IxMaTfQ==

GET
H2 200 18.8ef42267.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B33A 44 KB
13 KB 8ms
7ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.8ef42267.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

49c6f7925a020059af53cab3baa5d2ea485e6807744ba07f1b2e90ee47266a44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=matt5ixswpxf&region=US&forceShow=false&skipCampaigns=false&sessionId=0afff646-5460-4e1e-a442-7c0390771d73&sessionStarted=1649551101.062&campaignRefreshToken=848d054a-9740-4120-ab88-afa6b013064d&hideController=false&pageLoadStartTime=1649551096180&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 8239480
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"0c6f51f22b2a4bddd966a92b56c18e29"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Zug6jTznDFRyogFlBOnxjireRPUkSHKT
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xwsOtVPuGrPZn98KFR-qG1VUQmcZcjP0Tb-bCVUlXJQb41UKFvZJ0g==

GET
H2 200 37.dc112dfd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B33A 25 KB
8 KB 8ms
7ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.dc112dfd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

709030cab6e33ca60c369554f31becd83dbfe4c17dc37e17aefd3aba8d862d1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=matt5ixswpxf&region=US&forceShow=false&skipCampaigns=false&sessionId=0afff646-5460-4e1e-a442-7c0390771d73&sessionStarted=1649551101.062&campaignRefreshToken=848d054a-9740-4120-ab88-afa6b013064d&hideController=false&pageLoadStartTime=1649551096180&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 02:02:27 GMT
content-encoding: gzip
age: 3710154
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Feb 2022 21:11:14 GMT
server: nginx
etag: W/"5b39d5e49e5ec5cdb576054612a441ef"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Jkm8Dc3zYP9zoYcPnVlVKYEMbcPK0qdn
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XJnA0OHLJq2Sg8YOZhA99mLt3Y_c86QaHacjlFF6kWvdcioZ2hsSuA==

GET
H2 200 16.10d76686.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B33A 16 KB
5 KB 9ms
8ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.10d76686.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=matt5ixswpxf&region=US&forceShow=false&skipCampaigns=false&sessionId=0afff646-5460-4e1e-a442-7c0390771d73&sessionStarted=1649551101.062&campaignRefreshToken=848d054a-9740-4120-ab88-afa6b013064d&hideController=false&pageLoadStartTime=1649551096180&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 8239479
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c16e855d0a26bf91ae3cc32cdbfa3ad6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mzB2ul0u_48ftIGEd6phwcoTfextzATL
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: w1iODNBWSTUo8OwKs6XG_LJS0xeHq86FI90XntbCm6PAsaK9teEfGg==

GET
H2 200 21.8ac5d777.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B33A 72 KB
22 KB 9ms
8ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.8ac5d777.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=matt5ixswpxf&region=US&forceShow=false&skipCampaigns=false&sessionId=0afff646-5460-4e1e-a442-7c0390771d73&sessionStarted=1649551101.062&campaignRefreshToken=848d054a-9740-4120-ab88-afa6b013064d&hideController=false&pageLoadStartTime=1649551096180&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:43 GMT
content-encoding: gzip
age: 8239478
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c39414a669b98ba4a25856ccdc1c1c1b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PmO9yEa8J.DEQa9FEB2tMN_1Ccd5vo_f
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: c9eP13TkZwxSJOTzJek5E_mldbxoaYd01NUwsd4aK_QE0xoS_vv0sA==

GET
H2 200 34.801d3c89.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B33A 16 KB
6 KB 10ms
9ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.801d3c89.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=matt5ixswpxf&region=US&forceShow=false&skipCampaigns=false&sessionId=0afff646-5460-4e1e-a442-7c0390771d73&sessionStarted=1649551101.062&campaignRefreshToken=848d054a-9740-4120-ab88-afa6b013064d&hideController=false&pageLoadStartTime=1649551096180&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 8239480
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"fa218b0849860dbc5ceda153316c9c38"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: VLd3KMbDPd6s2pCiJkiLNxZPlKywvnnH
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xVlRWlg5GZRWUysV33_bdhqb_VRqQmsasLZDf2USHYMWfa7Q82yWjg==

GET
H2 200 23.a53d721f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B33A 59 KB
19 KB 11ms
10ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.a53d721f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=matt5ixswpxf&region=US&forceShow=false&skipCampaigns=false&sessionId=0afff646-5460-4e1e-a442-7c0390771d73&sessionStarted=1649551101.062&campaignRefreshToken=848d054a-9740-4120-ab88-afa6b013064d&hideController=false&pageLoadStartTime=1649551096180&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 1096455
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:36 GMT
server: nginx
etag: W/"fe96cb8c4c390342c29d3c8cb0a4ca14"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: IGJWVoMRsHpLcxp0zbeJ_zIiO.NSaRGV
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: r-dawAmBkRp4NMPezuYtW1KF6_DA1qfaaVYjSjMc1V_25ACQNWJMyA==

GET
H2 200 11.8d62d6c4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B33A 91 KB
28 KB 11ms
10ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.8d62d6c4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

b82be24736519b8e5beb6d622bed3d7f481da9bacf8374352065d1cf252dc244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=matt5ixswpxf&region=US&forceShow=false&skipCampaigns=false&sessionId=0afff646-5460-4e1e-a442-7c0390771d73&sessionStarted=1649551101.062&campaignRefreshToken=848d054a-9740-4120-ab88-afa6b013064d&hideController=false&pageLoadStartTime=1649551096180&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 08:08:57 GMT
content-encoding: gzip
age: 3515364
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Feb 2022 21:11:13 GMT
server: nginx
etag: W/"14d96efdca3b51f9c3a4133e8b3ca95b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: QYmbWCyCTWOrHsXnXZ6BKA83mluh3jwU
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: e2qjQOIAW9hNJffeWE_0tOQp58zeaJ-H4okXSe2a6hMvtKQSsukhLw==

GET
H2 200 10.937b0755.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B33A 24 KB
7 KB 12ms
11ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.937b0755.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

e868d39bbb74d42dffcee0cb1a50ecd105e1a1737d9080246dbdd54a8206d8f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=matt5ixswpxf&region=US&forceShow=false&skipCampaigns=false&sessionId=0afff646-5460-4e1e-a442-7c0390771d73&sessionStarted=1649551101.062&campaignRefreshToken=848d054a-9740-4120-ab88-afa6b013064d&hideController=false&pageLoadStartTime=1649551096180&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 01:15:27 GMT
content-encoding: gzip
age: 6996173
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 18 Jan 2022 19:52:33 GMT
server: nginx
etag: W/"e9243456e8ca8af97d77d525d5367d6b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: qO3a.NcOI1oBDRBABVLWfFTMfjEE__CA
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WJI0jQGlJN_4hjMrR1RDc7zNlV0lDI4aPLYlAUAsiKcxfKLqLCwVyg==

GET
H2 200 14.2a01ddd6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B33A 62 KB
20 KB 13ms
12ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.2a01ddd6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=matt5ixswpxf&region=US&forceShow=false&skipCampaigns=false&sessionId=0afff646-5460-4e1e-a442-7c0390771d73&sessionStarted=1649551101.062&campaignRefreshToken=848d054a-9740-4120-ab88-afa6b013064d&hideController=false&pageLoadStartTime=1649551096180&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 8239480
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"6f457384188c98017d8d27281f3df6ad"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KpoEpDmO7G9TLWLfSTzA1dytLAyREIfM
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CzA2B3olN6ryFft0LwZYQ6sfATWmCUZxkxRt2wD-NPLlHX7T02sChg==

GET
H2 200 42.85bf5aa5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B33A 105 KB
34 KB 14ms
12ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.85bf5aa5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

b70c36674f1298febe27d175904d872013535e9b0e20136b5dd86bb51c2729e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=matt5ixswpxf&region=US&forceShow=false&skipCampaigns=false&sessionId=0afff646-5460-4e1e-a442-7c0390771d73&sessionStarted=1649551101.062&campaignRefreshToken=848d054a-9740-4120-ab88-afa6b013064d&hideController=false&pageLoadStartTime=1649551096180&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 14:08:21 GMT
content-encoding: gzip
age: 2284200
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 14 Mar 2022 13:49:23 GMT
server: nginx
etag: W/"8c7c0bf11a78a30db0b2b7f63660c3d1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: x3rSxj7JZVbdd2BnNrxQR_ngKfchLMH4
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CMaM47V5mRv-VyECfW4Immm_wutjo6rrXZHY1TdXPN9GbtUV3WeVtQ==

GET
H2 200 35.0810b4b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B33A 12 KB
4 KB 16ms
14ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.0810b4b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=matt5ixswpxf&region=US&forceShow=false&skipCampaigns=false&sessionId=0afff646-5460-4e1e-a442-7c0390771d73&sessionStarted=1649551101.062&campaignRefreshToken=848d054a-9740-4120-ab88-afa6b013064d&hideController=false&pageLoadStartTime=1649551096180&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 01:15:27 GMT
content-encoding: gzip
age: 6996173
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 18 Jan 2022 19:52:34 GMT
server: nginx
etag: W/"4a61646db5420cc31cb60b9287d9f544"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 123ec01tvkGnjrPsnvwWzlXkBB9QJfPb
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KTNDgCDS-hKd3aC6TEdBhl_vVgPAKr7OQrJef9eINgH6QMzo7Mi-Uw==

GET
H2 200 26.d9eb886e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B33A 12 KB
5 KB 17ms
14ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.d9eb886e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

b9ddcbc73a2a42b603661b51028d38aba3374f67385f3307e1cfcebdee2f4838

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=matt5ixswpxf&region=US&forceShow=false&skipCampaigns=false&sessionId=0afff646-5460-4e1e-a442-7c0390771d73&sessionStarted=1649551101.062&campaignRefreshToken=848d054a-9740-4120-ab88-afa6b013064d&hideController=false&pageLoadStartTime=1649551096180&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 8239480
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"44c7301d8127e805fcdfcc1b00ddf2ea"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: EjkJtX0HE9ajSK4icA5a46UNajNAQcku
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3NgWQeDCncbF0rZjFcovIUOi-ssNtP3yQub7fI-ZUlOrP_Pj5p8ZeQ==

GET
H2 200 17.6c3c965c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B33A 17 KB
7 KB 17ms
15ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.6c3c965c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=matt5ixswpxf&region=US&forceShow=false&skipCampaigns=false&sessionId=0afff646-5460-4e1e-a442-7c0390771d73&sessionStarted=1649551101.062&campaignRefreshToken=848d054a-9740-4120-ab88-afa6b013064d&hideController=false&pageLoadStartTime=1649551096180&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 8239480
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"b0b166b8ed88c90ea3dc07661d0dcff4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HHiN6wsTfDikx0BfRvhzq1f1VEBLDIa4
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LZ3uiNDBhxYbWs54NQJjUQej167MvtNdR0RmziOvVtcqsOs2cgEjHw==

GET
H2 200 8.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame B33A 11 KB
3 KB 17ms
15ms Stylesheet
text/css 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

d36d8a76a8b7d7fe8655db34eb54e4a4b6d422cdd1a67810d3dd5c014edb14e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=matt5ixswpxf&region=US&forceShow=false&skipCampaigns=false&sessionId=0afff646-5460-4e1e-a442-7c0390771d73&sessionStarted=1649551101.062&campaignRefreshToken=848d054a-9740-4120-ab88-afa6b013064d&hideController=false&pageLoadStartTime=1649551096180&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 8239480
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"a123c5b36f16fe6d3a3129e24df81443"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _wlNEHOawmowSdlpT1GApwIIwlk.3B3i
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fj3zk93cPXRUlQgx0cgqy_t7yE1crME1wEvKszXhlIj5k-1UuP87Rg==

GET
H2 200 8.34f5837a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B33A 70 KB
22 KB 16ms
15ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.34f5837a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

41d8c6f7cbea820cb326e3ea1cd26e20b1b449389ecd81bbb484ea954b2f3570

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=matt5ixswpxf&region=US&forceShow=false&skipCampaigns=false&sessionId=0afff646-5460-4e1e-a442-7c0390771d73&sessionStarted=1649551101.062&campaignRefreshToken=848d054a-9740-4120-ab88-afa6b013064d&hideController=false&pageLoadStartTime=1649551096180&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 15:13:02 GMT
content-encoding: gzip
age: 379519
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 05 Apr 2022 14:05:23 GMT
server: nginx
etag: W/"d83a8946b16ab27e03d43f212f8f4c50"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: fmgDPDy_UWCF0XOnS_mENkPOCVLudi3I
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UZU9GvgT9Zgc93tXuMj6EUo8wUjaa4XRDBSYj30G89gsRBhNCiqlSw==

GET
H2 200 15.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame B33A 24 B
666 B 16ms
16ms Stylesheet
text/css 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=matt5ixswpxf&region=US&forceShow=false&skipCampaigns=false&sessionId=0afff646-5460-4e1e-a442-7c0390771d73&sessionStarted=1649551101.062&campaignRefreshToken=848d054a-9740-4120-ab88-afa6b013064d&hideController=false&pageLoadStartTime=1649551096180&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
age: 8239480
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bzo2zbrJexGHlTPaLulG8N5yfdXT7FR0
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pFM2UZNcBZSliGT66eEZin6a0TJOsIwO4fkM7eKOWTy0RPoJhxVLjA==

GET
H2 200 15.7b21c502.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B33A 75 KB
19 KB 17ms
16ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.7b21c502.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

9c332788d3599403cb7cc9fa8e8cde25936f114d5df81361b717a2b784b3dd0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=matt5ixswpxf&region=US&forceShow=false&skipCampaigns=false&sessionId=0afff646-5460-4e1e-a442-7c0390771d73&sessionStarted=1649551101.062&campaignRefreshToken=848d054a-9740-4120-ab88-afa6b013064d&hideController=false&pageLoadStartTime=1649551096180&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 15:13:02 GMT
content-encoding: gzip
age: 379519
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 05 Apr 2022 14:05:21 GMT
server: nginx
etag: W/"e9f167f5a648ad49cbf5c819b1378786"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: H7VatOkikIAcCe_13soMJWKv4PM_jVze
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: MqRgHWjsNZX5civnbghG3f3_z1xQnJxyvL1A8Z2aCLF78F-MwzNOfg==

GET
H2 200 22.de2b78c0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B33A 47 KB
13 KB 20ms
20ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.de2b78c0.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

09edd496e3b333660febff7ae03d02b7323cfc773e1210aa62a34c18cfee2d37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=matt5ixswpxf&region=US&forceShow=false&skipCampaigns=false&sessionId=0afff646-5460-4e1e-a442-7c0390771d73&sessionStarted=1649551101.062&campaignRefreshToken=848d054a-9740-4120-ab88-afa6b013064d&hideController=false&pageLoadStartTime=1649551096180&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 16:46:38 GMT
content-encoding: gzip
age: 460303
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 31 Mar 2022 15:41:18 GMT
server: nginx
etag: W/"cdba45ad0b9a3033b1182083d781a8c3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 7Esyz9bsVJ4Vwtx7jOQfveEVG9RtAhD7
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: u075Q82W3X5xW8BzNy091UYfnJFiYaqp2dBLm8Kg2Y1Yvq1jHKBnmw==

GET
H2 200 13.5cb29355.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B33A 41 KB
13 KB 21ms
20ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.5cb29355.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

3277c195d3ae37f06cb4c38dd1cd87330c63f44d00e2782d28c56128e8c7dd4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=matt5ixswpxf&region=US&forceShow=false&skipCampaigns=false&sessionId=0afff646-5460-4e1e-a442-7c0390771d73&sessionStarted=1649551101.062&campaignRefreshToken=848d054a-9740-4120-ab88-afa6b013064d&hideController=false&pageLoadStartTime=1649551096180&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 17:04:23 GMT
content-encoding: gzip
age: 113638
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 08 Apr 2022 15:57:15 GMT
server: nginx
etag: W/"1f3803a1f152b6988b465e1511cfec2b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: dEW9bNMOUtIRhoYn8TxsTGuPy0MBvWg5
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SvKpP1GC3zf8p0i_QQsAEXHl3f_T6DR_Ta2DBzw13cjsWcNJqfTuYw==

GET
H2 200 44.36014458.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CD03 47 KB
14 KB 19ms
10ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

73aefc68f91234a52983d4c0a8037888d05af3f62d6e9b97993ebc4cb5791cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649551096180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 14:08:21 GMT
content-encoding: gzip
age: 2284200
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 14 Mar 2022 13:49:23 GMT
server: nginx
etag: W/"f3141bda9ba639e2d01218d7e7cd8311"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: zBmoh2tQAT_vfEDC2Fd97hmCr0r_AZnb
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: M0uy2-xGK7fusGXsX5ifrYO1G0vInjFrjThReybHSMbDfFj2pwuF9w==

GET
H2 200 18.8ef42267.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CD03 44 KB
13 KB 22ms
8ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.8ef42267.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

49c6f7925a020059af53cab3baa5d2ea485e6807744ba07f1b2e90ee47266a44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649551096180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 8239480
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"0c6f51f22b2a4bddd966a92b56c18e29"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Zug6jTznDFRyogFlBOnxjireRPUkSHKT
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hC1t84hwAJDLc-m1vo4ZQvJR18T1kPZi9GQF8LdorW6BJqrcOD7VWw==

GET
H2 200 37.dc112dfd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CD03 25 KB
8 KB 21ms
4ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.dc112dfd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

709030cab6e33ca60c369554f31becd83dbfe4c17dc37e17aefd3aba8d862d1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649551096180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 02:02:27 GMT
content-encoding: gzip
age: 3710154
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Feb 2022 21:11:14 GMT
server: nginx
etag: W/"5b39d5e49e5ec5cdb576054612a441ef"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Jkm8Dc3zYP9zoYcPnVlVKYEMbcPK0qdn
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mF8pRcNsQvKBbyz9SpMVitUINOHuOU71N3yxYQepvtvzBlhHbxRxDA==

GET
H2 200 16.10d76686.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CD03 16 KB
5 KB 22ms
2ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.10d76686.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649551096180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 8239479
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c16e855d0a26bf91ae3cc32cdbfa3ad6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mzB2ul0u_48ftIGEd6phwcoTfextzATL
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iGUt_vv9uL-zr5L4LtRJfc-Z5BJAFQOPkVhv-0moZdrDxMLFYYYCzg==

GET
H2 200 21.8ac5d777.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CD03 72 KB
22 KB 22ms
3ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.8ac5d777.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649551096180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:43 GMT
content-encoding: gzip
age: 8239478
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c39414a669b98ba4a25856ccdc1c1c1b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PmO9yEa8J.DEQa9FEB2tMN_1Ccd5vo_f
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TpnejtecfRCHZ7W5_nDJofdRi4nzYkGU3KCC3sVLw3E4vveFgsKHHA==

GET
H2 200 34.801d3c89.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CD03 16 KB
6 KB 23ms
4ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.801d3c89.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649551096180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 8239480
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"fa218b0849860dbc5ceda153316c9c38"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: VLd3KMbDPd6s2pCiJkiLNxZPlKywvnnH
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CAjUeEA1nL3Gs8xM5DDd74yxxCOqYIOCvfAQzRuoNPHhF9ShV9XlgA==

GET
H2 200 23.a53d721f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CD03 59 KB
19 KB 25ms
6ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.a53d721f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649551096180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 1096455
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:36 GMT
server: nginx
etag: W/"fe96cb8c4c390342c29d3c8cb0a4ca14"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: IGJWVoMRsHpLcxp0zbeJ_zIiO.NSaRGV
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6fxe19miFHeAUln3vyQK-rTJWJJuDZngo_uXL4zRYmJQLgg7Kf4m4A==

GET
H2 200 11.8d62d6c4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CD03 91 KB
28 KB 26ms
7ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.8d62d6c4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

b82be24736519b8e5beb6d622bed3d7f481da9bacf8374352065d1cf252dc244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649551096180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 08:08:57 GMT
content-encoding: gzip
age: 3515364
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Feb 2022 21:11:13 GMT
server: nginx
etag: W/"14d96efdca3b51f9c3a4133e8b3ca95b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: QYmbWCyCTWOrHsXnXZ6BKA83mluh3jwU
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: dub_MDFTJIebEN61tZMM9sseK8OA4v7wObPXD_nNm2SxC6sEAn_1Aw==

GET
H2 200 10.937b0755.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CD03 24 KB
7 KB 27ms
8ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.937b0755.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

e868d39bbb74d42dffcee0cb1a50ecd105e1a1737d9080246dbdd54a8206d8f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649551096180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 01:15:27 GMT
content-encoding: gzip
age: 6996173
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 18 Jan 2022 19:52:33 GMT
server: nginx
etag: W/"e9243456e8ca8af97d77d525d5367d6b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: qO3a.NcOI1oBDRBABVLWfFTMfjEE__CA
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 56Rd0zMzEtdDubvnCRTgcinPV4RL_1yJemHEGnJru1Yw_lzrq0-xww==

GET
H2 200 14.2a01ddd6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CD03 62 KB
20 KB 27ms
8ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.2a01ddd6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649551096180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 8239480
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"6f457384188c98017d8d27281f3df6ad"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KpoEpDmO7G9TLWLfSTzA1dytLAyREIfM
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: oTXMUE6XLw993n3ekXqDvhRsPgfIAc7J0o22v3ZO4PmmAWR4dKx75A==

GET
H2 200 42.85bf5aa5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CD03 105 KB
34 KB 27ms
9ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.85bf5aa5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

b70c36674f1298febe27d175904d872013535e9b0e20136b5dd86bb51c2729e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649551096180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 14:08:21 GMT
content-encoding: gzip
age: 2284200
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 14 Mar 2022 13:49:23 GMT
server: nginx
etag: W/"8c7c0bf11a78a30db0b2b7f63660c3d1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: x3rSxj7JZVbdd2BnNrxQR_ngKfchLMH4
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: aZxeA_G0eHQL6rm6GXAsQDOk5Da2BINF5ShE2QOtFIHg-iVzOWxXmg==

GET
H2 200 35.0810b4b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CD03 12 KB
4 KB 28ms
10ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.0810b4b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649551096180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 01:15:27 GMT
content-encoding: gzip
age: 6996173
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 18 Jan 2022 19:52:34 GMT
server: nginx
etag: W/"4a61646db5420cc31cb60b9287d9f544"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 123ec01tvkGnjrPsnvwWzlXkBB9QJfPb
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: APvihvA7kvoSE9MBc7o8TIH3OhuxdK2YnquGds7QF3HZ1xv-EipL6w==

GET
H2 200 26.d9eb886e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CD03 12 KB
5 KB 28ms
10ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.d9eb886e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

b9ddcbc73a2a42b603661b51028d38aba3374f67385f3307e1cfcebdee2f4838

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649551096180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 8239480
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"44c7301d8127e805fcdfcc1b00ddf2ea"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: EjkJtX0HE9ajSK4icA5a46UNajNAQcku
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cm-yr-hGRdEYJG_O0PFEAZZez36Q5jIJNgi0eVaQrcMxCVThL83hhg==

GET
H2 200 17.6c3c965c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CD03 17 KB
7 KB 28ms
11ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.6c3c965c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649551096180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 8239480
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"b0b166b8ed88c90ea3dc07661d0dcff4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HHiN6wsTfDikx0BfRvhzq1f1VEBLDIa4
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ebjVoQQD_PsX7txs14KgF38Aosc00e4CLCKsrzuI0_Z6G1LpbITHLQ==

GET
H2 200 8.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame CD03 11 KB
3 KB 26ms
11ms Stylesheet
text/css 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

d36d8a76a8b7d7fe8655db34eb54e4a4b6d422cdd1a67810d3dd5c014edb14e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649551096180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 8239480
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"a123c5b36f16fe6d3a3129e24df81443"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _wlNEHOawmowSdlpT1GApwIIwlk.3B3i
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: k-HnyZKs08pgWLlsLpFogNwJujTiMVr89_-1YcT0dsdkMOiHMM5j0A==

GET
H2 200 8.34f5837a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CD03 70 KB
22 KB 26ms
11ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.34f5837a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

41d8c6f7cbea820cb326e3ea1cd26e20b1b449389ecd81bbb484ea954b2f3570

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649551096180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 15:13:02 GMT
content-encoding: gzip
age: 379519
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 05 Apr 2022 14:05:23 GMT
server: nginx
etag: W/"d83a8946b16ab27e03d43f212f8f4c50"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: fmgDPDy_UWCF0XOnS_mENkPOCVLudi3I
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ROEFSjD7Sdsx4EsMb3JnlrqlHmGjh020OcQfJRshypzaFRVjOjO7NQ==

GET
H2 200 15.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame CD03 24 B
667 B 26ms
11ms Stylesheet
text/css 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649551096180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
age: 8239480
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bzo2zbrJexGHlTPaLulG8N5yfdXT7FR0
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DiO1RSZ1HK3YcRUbZndqx8A5cwBWm-Oo6y8B9Kbv_xuGLm9RXoxjhw==

GET
H2 200 15.7b21c502.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CD03 75 KB
19 KB 27ms
12ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.7b21c502.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

9c332788d3599403cb7cc9fa8e8cde25936f114d5df81361b717a2b784b3dd0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649551096180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 15:13:02 GMT
content-encoding: gzip
age: 379519
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 05 Apr 2022 14:05:21 GMT
server: nginx
etag: W/"e9f167f5a648ad49cbf5c819b1378786"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: H7VatOkikIAcCe_13soMJWKv4PM_jVze
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9TEnoTfLoWb1i923rZrOQeZ_px0SMs8B1WYJ8xkaLyJtIeP6Jn0nkw==

GET
H2 200 22.de2b78c0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CD03 47 KB
13 KB 28ms
13ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.de2b78c0.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

09edd496e3b333660febff7ae03d02b7323cfc773e1210aa62a34c18cfee2d37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649551096180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 16:46:38 GMT
content-encoding: gzip
age: 460303
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 31 Mar 2022 15:41:18 GMT
server: nginx
etag: W/"cdba45ad0b9a3033b1182083d781a8c3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 7Esyz9bsVJ4Vwtx7jOQfveEVG9RtAhD7
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Ps4cVCIFd_7Xv4UKMIV8-vKM_7P8iIPng4wYTaqnKqQx6xrr93B9nA==

GET
H2 200 13.5cb29355.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CD03 41 KB
13 KB 28ms
14ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.5cb29355.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

3277c195d3ae37f06cb4c38dd1cd87330c63f44d00e2782d28c56128e8c7dd4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649551096180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 17:04:23 GMT
content-encoding: gzip
age: 113638
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 08 Apr 2022 15:57:15 GMT
server: nginx
etag: W/"1f3803a1f152b6988b465e1511cfec2b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: dEW9bNMOUtIRhoYn8TxsTGuPy0MBvWg5
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zBgNQd2QyBz_rt0tzssCelKMOpIrHWNnJcMkSEQD9HMgaWhQ13c7GQ==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B33A 9 KB
3 KB 7ms
6ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=matt5ixswpxf&region=US&forceShow=false&skipCampaigns=false&sessionId=0afff646-5460-4e1e-a442-7c0390771d73&sessionStarted=1649551101.062&campaignRefreshToken=848d054a-9740-4120-ab88-afa6b013064d&hideController=false&pageLoadStartTime=1649551096180&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 8239479
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: DgvAfZ7BPwPZGfOrE621PjhvvHFr1DU0
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PIEhHke7KLlb-LpV-ysq4zzximuwl0bWBrEgOwdap-P935kaLla0xg==

GET
H2 200 24.81d46fe7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B33A 33 KB
10 KB 8ms
7ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.81d46fe7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

e7e2024764e94bff400b354a7cb714ab75f1b9fd4b3fb09de18dca2d6c2e56a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=matt5ixswpxf&region=US&forceShow=false&skipCampaigns=false&sessionId=0afff646-5460-4e1e-a442-7c0390771d73&sessionStarted=1649551101.062&campaignRefreshToken=848d054a-9740-4120-ab88-afa6b013064d&hideController=false&pageLoadStartTime=1649551096180&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 8239479
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"4f751bc7b45f18c1d343a3081fe2509f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: LcjepTSdTIP3TYamt9S6TQ4IzFvRquuU
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8QV0OnznlHkEIH7bMVQoIoON8h-Eb21rSYfzSvAHKgPM-yn91mr4rQ==

GET
H2 200 25.c667535c.chunk.css
js.driftt.com/core/assets/css/ Frame B33A 8 KB
2 KB 8ms
8ms Stylesheet
text/css 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/25.c667535c.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

8b7be87db71855fe47b30e1a60953e25a0e6a832e4ff3fefa682cf74d9e66cf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=matt5ixswpxf&region=US&forceShow=false&skipCampaigns=false&sessionId=0afff646-5460-4e1e-a442-7c0390771d73&sessionStarted=1649551101.062&campaignRefreshToken=848d054a-9740-4120-ab88-afa6b013064d&hideController=false&pageLoadStartTime=1649551096180&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 20:12:42 GMT
content-encoding: gzip
age: 3212739
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 03 Mar 2022 19:35:45 GMT
server: nginx
etag: W/"5d56f3a89744b768e05433ac1e2f7935"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: nIQWP_TNHXf6VKMh1KLKq0CMzjnrVBjf
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KccIt5U8VJ0an_wh6wbGOqscuLCK62c6jMBmtKdLF28OhF4-Sx2juQ==

GET
H2 200 25.cbb949d5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B33A 11 KB
5 KB 9ms
8ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.cbb949d5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

ab17697f258cb7405a45bbf7bcda8979910c5a992321420261271985e22e1133

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=matt5ixswpxf&region=US&forceShow=false&skipCampaigns=false&sessionId=0afff646-5460-4e1e-a442-7c0390771d73&sessionStarted=1649551101.062&campaignRefreshToken=848d054a-9740-4120-ab88-afa6b013064d&hideController=false&pageLoadStartTime=1649551096180&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 15:13:02 GMT
content-encoding: gzip
age: 379519
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 05 Apr 2022 14:05:22 GMT
server: nginx
etag: W/"843e8fe2b7f7b238c806a78db5b94982"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: qqGf5MREXrlx5Kt_JMLa9A4zvcKCjqVJ
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Rpx3fDy_KOMUpLG1OXK6KWUm3Nq3YPxbgjZcglYo3cUFeMKygCnArw==

GET
H2 200 19.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame B33A 365 B
1008 B 9ms
9ms Stylesheet
text/css 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/19.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=matt5ixswpxf&region=US&forceShow=false&skipCampaigns=false&sessionId=0afff646-5460-4e1e-a442-7c0390771d73&sessionStarted=1649551101.062&campaignRefreshToken=848d054a-9740-4120-ab88-afa6b013064d&hideController=false&pageLoadStartTime=1649551096180&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
age: 8239479
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 365
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: "06b2963b029c0824382815165bfea73e"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: eDSgTpssczGDn2812OLuvvF.eUpzKWka
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kawPvjAiazW3_16CuM5VXvgATWU1BxdOFLY3UF6i0-pbiPFquirjVA==

GET
H2 200 19.4f8c9309.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B33A 84 KB
24 KB 10ms
9ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.4f8c9309.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

9b5f25ddf27306763a0c297e7a290f8090222185a313430d6f8263696afff7a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=matt5ixswpxf&region=US&forceShow=false&skipCampaigns=false&sessionId=0afff646-5460-4e1e-a442-7c0390771d73&sessionStarted=1649551101.062&campaignRefreshToken=848d054a-9740-4120-ab88-afa6b013064d&hideController=false&pageLoadStartTime=1649551096180&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 15:13:02 GMT
content-encoding: gzip
age: 379519
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 05 Apr 2022 14:05:21 GMT
server: nginx
etag: W/"da8569b3c844df389c8925279a5e63be"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Ab6ahLYPZQkhrEtMY8T5dUzND9Y59h4E
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: amcIcMZLK1u6eK-a_KO70kiq9e6BywcljUOj9hqeb1xtYEcs_uBo7g==

GET
H2 200 32.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame CD03 3 KB
1 KB 7ms
7ms Stylesheet
text/css 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/32.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649551096180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 8239479
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: u5jls1rsjTMRW03RSXYJxMQTbD86EmFF
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KuatKGGTbh-3LraOPBtiRhlUwH4tdLGHv0HYj7IV4_HIoT78SsPfcw==

GET
H2 200 32.28be7b35.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CD03 3 KB
2 KB 8ms
7ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.28be7b35.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

566639f88e650ada50f7f5a70d52efdd262905b7114ddffd26893b7727493a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649551096180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 01:21:23 GMT
content-encoding: gzip
age: 2330217
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 09 Mar 2022 19:39:00 GMT
server: nginx
etag: W/"853d736e05b299b857e10b6ab17f3c36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: nKLZ1eCZgJyATnvQHZL81PT0kMSSnbMT
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Oho4xiP4s8iZz9tVb4ioCaq4VauRvO0Bn5b7l5zfHIn1eyKuELyMLA==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CD03 9 KB
3 KB 7ms
7ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649551096180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 8239479
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: DgvAfZ7BPwPZGfOrE621PjhvvHFr1DU0
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: z50iYjv_-zwDNFpi8jQB04385VLjUfwaAo4IxYEzW35Q7weDK8kAiw==

GET
H2 200 2.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame CD03 7 KB
2 KB 8ms
7ms Stylesheet
text/css 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/2.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649551096180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 8239479
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Y5MQMpfNZ9bYDeQmDMLbw0xNzGrQukfM
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QKYVsRHpA-s2WhqwrCk5y0mSIc9TRurUlcMALzj2dIuWFHQsw9gVaQ==

GET
H2 200 2.90bfb041.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CD03 54 KB
16 KB 8ms
7ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/2.90bfb041.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

088e1ef91a320f014eecd7495cedfa7fee5e167cadaf55545ce137f4ff749ba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649551096180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 8239479
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"dc43e7dd478d83a9091a7335b8beb11d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: dNyr.b_J6AuxSb56NRWJ3LKsWJ9BzeOS
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RCVpsxNTl2Fz3utL2ujlDoX3DTzHO2Un6UnvktxEvtuIPGck5mlmCw==

GET
H2 200 1.e5dfd51a.chunk.css
js.driftt.com/core/assets/css/ Frame CD03 43 KB
7 KB 8ms
7ms Stylesheet
text/css 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.e5dfd51a.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

731633bd497e93880bccb08fa09fa7fc7630372c7622dffea00c19aa2cdc49d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649551096180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:51:52 GMT
content-encoding: gzip
age: 2025989
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 17 Mar 2022 13:34:19 GMT
server: nginx
etag: W/"2c40725f3e291f40133c5dd42e2d2809"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PxBjSXKv2D9iu62R72tGZ7okhSAARqe8
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: yQr8H--zMuSWjVrJDS7nCKbKctx4_NIEDi5ISvOCoT4_a6W6rxhBBg==

GET
H2 200 1.86296131.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CD03 73 KB
25 KB 9ms
8ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.86296131.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

60f11b592e3cdd09a585b2282b2075d0bb7966d07b82348c8b3ccb501c63a288

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649551096180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 15:13:02 GMT
content-encoding: gzip
age: 379519
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 05 Apr 2022 14:05:21 GMT
server: nginx
etag: W/"babca985c66662a5953e03fb0cb46e22"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HYZqk3Jxc9HicBQiVkcYwgaSxU0PPrrw
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XTB1gr1gOxknpNjDLc_scGnzQzlXZ6O-jMteGhJjXpbr4B4Ux7dtgQ==

GET
H2 200 30.52060f2d.chunk.css
js.driftt.com/core/assets/css/ Frame CD03 12 KB
3 KB 8ms
8ms Stylesheet
text/css 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/30.52060f2d.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649551096180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 1096454
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:33 GMT
server: nginx
etag: W/"b63021470083bdc161ef4dda2e4912c3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: pHw9X_j3lnHYAPELEWozrhov_rOIKMZh
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: m702jt2r3GZMoCIlfLmKHrlpxSJibVRZbb8y1lRT17X7IAH6s1qD1w==

GET
H2 200 30.304d4bf2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CD03 11 KB
5 KB 10ms
9ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.304d4bf2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.9c457b6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

79c254652bb96247b5470d8d7d30bdef4ae96a7e61743ac4ef6b423502cd8c51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649551096180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 17:35:22 GMT
content-encoding: gzip
age: 2185379
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 15 Mar 2022 14:29:25 GMT
server: nginx
etag: W/"38d96c6ccd18212a914f55851e7dea75"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: NMIjSc_O1m0oYNrwPiID10ULv1PB3Qyi
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ycc8LGuD2IENnECcrogeuLh-GKzf8HNLckyFPevDcY23-PMGcxqA6A==

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 315ms
99ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Sun, 10 Apr 2022 00:38:21 GMT
requestid: drift37102db40d98f6b3807a0960067
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame B33A 25 B
122 B 126ms
126ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 10 Apr 2022 00:38:21 GMT
server: istio-envoy
requestid: 265c5061f1acdc7a
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 29
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame B33A 147 B
245 B 101ms
101ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

438f6729f67e8b7ae0e031b143a59c322aadfab32f9341d59967de1bc29b9b33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 10 Apr 2022 00:38:21 GMT
server: istio-envoy
requestid: bf405d04dd75e450
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 147
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 310ms
101ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Sun, 10 Apr 2022 00:38:21 GMT
requestid: drift0ed15f347e9903db5bc0811a5c9
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 3D31 28 B
54 B 23ms
23ms XHR
application/json 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/b4VKohE_Z0s?enablejsapi=1&origin=https:%2F%2Fwww.bill4time.com
X-YouTube-Client-Version: 1.20220406.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtZUU5BYUpXcUlQWSj6zciSBg%3D%3D
X-YouTube-Ad-Signals: dt=1649551099359&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

date: Sun, 10 Apr 2022 00:38:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Sun, 10 Apr 2022 00:38:21 GMT

POST
H2 204 collect Show response
l.clarity.ms/ 0
48 B 103ms
102ms XHR
text/plain 20.120.65.166
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://l.clarity.ms/collect
Requested by: Host: l.clarity.ms
URL: https://l.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.120.65.166 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.bill4time.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: https://www.bill4time.com
date: Sun, 10 Apr 2022 00:38:22 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 97ms
97ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Sun, 10 Apr 2022 00:38:23 GMT
requestid: drift3591b4b4281b72998575a69ac5e
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame B33A 25 B
88 B 110ms
110ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 10 Apr 2022 00:38:23 GMT
server: istio-envoy
requestid: 85f8961121ed58f2
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 14
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Domain: jnn-pa.googleapis.com
URL: https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Domain: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/remote.js

Domain: www.google.com
URL: https://www.google.com/js/th/o-wDB4cz7rv9MqHhXDjjQEUhhhc2Is8u0oux7jSuMUM.js

Domain: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/embed.js

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=jsyu1pOh4hfw2D0g&ver=2&cmt=0&fs=0&rt=0&euri=https%3A%2F%2Fwww.bill4time.com%2F&lact=157&cl=439948374&mos=0&volume=100&cbr=Chrome&cbrver=100.0.4896.75&c=WEB_EMBEDDED_PLAYER&cver=1.20220406.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&hl=de_DE&cr=DE&len=61&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24082662%2C24135310%2C24158383%2C24168749%2C24169457%2C24187903%2C24188856&muted=0&docid=b4VKohE_Z0s

Domain: www.youtube.com
URL: https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

64 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bill4time.com/	1970-01-20 19:45:09	Name: ahoy_visitor Value: ade8e581-9cd1-4dbc-b5a7-8fe46d441697
.bill4time.com/	1970-01-20 02:12:45	Name: ahoy_visit Value: 22cf4124-c7b9-4260-89f7-1a1b0df0e01b
reviews.bill4time.com/	1969-12-31 23:59:59	Name: ahoy_track Value: true
.bill4time.com/	1970-01-20 06:34:35	Name: gaconnector_pages_visited_list Value: /
.bill4time.com/	1970-01-20 06:34:35	Name: gaconnector_page_visits Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: zEKj52I_bto
.youtube.com/	1970-01-20 06:31:43	Name: VISITOR_INFO1_LIVE Value: YQNAaJWqIPY
.bill4time.com/	1970-01-20 06:34:35	Name: gaconnector_gclid Value:
.bill4time.com/	1970-01-20 06:34:35	Name: gaconnector_fc_source Value: (direct)
.bill4time.com/	1970-01-20 06:34:35	Name: gaconnector_lc_source Value: (direct)
.bill4time.com/	1970-01-20 06:34:35	Name: gaconnector_fc_medium Value: (none)
.bill4time.com/	1970-01-20 06:34:35	Name: gaconnector_lc_medium Value: (none)
.bill4time.com/	1970-01-20 06:34:35	Name: gaconnector_fc_campaign Value: (direct)
.bill4time.com/	1970-01-20 06:34:35	Name: gaconnector_lc_campaign Value: (direct)
.bill4time.com/	1970-01-20 06:34:35	Name: gaconnector_fc_term Value: (not set)
.bill4time.com/	1970-01-20 06:34:35	Name: gaconnector_lc_term Value: (not set)
.bill4time.com/	1970-01-20 06:34:35	Name: gaconnector_fc_content Value: (not set)
.bill4time.com/	1970-01-20 06:34:35	Name: gaconnector_lc_content Value: (not set)
.bill4time.com/	1970-01-20 06:34:35	Name: gaconnector_fc_landing Value: https://www.bill4time.com/
.bill4time.com/	1970-01-20 06:34:35	Name: gaconnector_lc_landing Value: https://www.bill4time.com/
.bill4time.com/	1970-01-20 06:34:35	Name: gaconnector_fc_referrer Value: (not set)
.bill4time.com/	1970-01-20 06:34:35	Name: gaconnector_lc_referrer Value: (not set)
.bill4time.com/	1970-01-20 06:34:35	Name: gaconnector_fc_channel Value: Direct
.bill4time.com/	1970-01-20 06:34:35	Name: gaconnector_lc_channel Value: Direct
.bill4time.com/	1970-01-20 06:34:35	Name: gaconnector_ip_address Value: -
.bill4time.com/	1970-01-20 06:34:35	Name: gaconnector_OS Value: Windows 10
.bill4time.com/	1970-01-20 06:34:35	Name: gaconnector_device Value: desktop
.bill4time.com/	1970-01-20 06:34:35	Name: gaconnector_browser Value: Chrome 100.0.4896.75
.bill4time.com/	1970-01-20 06:34:35	Name: gaconnector_city Value:
.bill4time.com/	1970-01-20 06:34:35	Name: gaconnector_country Value: Sweden
.bill4time.com/	1970-01-20 06:34:35	Name: gaconnector_country_code Value: SE
.bill4time.com/	1970-01-20 06:34:35	Name: gaconnector_region Value:
.bill4time.com/	1970-01-20 06:34:35	Name: gaconnector_time_zone Value: Europe/Stockholm
.bill4time.com/	1970-01-20 06:34:35	Name: gaconnector_latitude Value: 59.3247
.bill4time.com/	1970-01-20 06:34:35	Name: gaconnector_longitude Value: 18.056
.bill4time.com/	1970-01-20 06:34:35	Name: gaconnector_all_traffic_sources Value: (direct)/(none)
.bill4time.com/	1970-01-20 04:22:07	Name: _gcl_au Value: 1.1.1298089411.1649551099
.bill4time.com/	1970-01-20 02:13:57	Name: _gid Value: GA1.2.1312747045.1649551099
.bill4time.com/	1970-01-20 19:43:43	Name: _ga_ZQY3BNXSP5 Value: GS1.1.1649551098.1.0.1649551098.60
.bill4time.com/	1970-01-20 19:43:43	Name: _ga Value: GA1.1.345994348.1649551099
.bing.com/	1970-01-20 11:34:07	Name: MUID Value: 27F0E65FCB676A182B0CF7DDCAB56B67
.bill4time.com/	1970-01-20 02:12:31	Name: _dc_gtm_UA-2204017-19 Value: 1
.bill4time.com/	1970-01-20 02:13:57	Name: _uetsid Value: 848476c0b86611ecb8e7bd6a9a6432b0
.bill4time.com/	1970-01-20 11:34:07	Name: _uetvid Value: 8484b5c0b86611eca739230b6323f90f
.bill4time.com/	1970-01-20 06:34:35	Name: gaconnector_GA_Client_ID Value: 345994348.1649551099
.bill4time.com/	1970-01-20 10:58:07	Name: _clck Value: rbgyno\|1\|f0i\|0
.bill4time.com/	1970-01-20 10:58:07	Name: gaconnector2_id Value: f9b03944-c594-219a-990e-7dedabe0ecc4
www.bill4time.com/	1970-01-20 02:55:43	Name: b4tTrackingData Value: {"date":"2022-04-10T00:38:20.075Z","landing":"https://www.bill4time.com/","referral":"","path":"/","referralFirm":null,"referralUser":null,"gaClientId":"345994348.1649551099"}
.bill4time.com/	1970-01-20 02:13:57	Name: _clsk Value: bkp1mf\|1649551100079\|1\|1\|l.clarity.ms/collect
www.bill4time.com/	1970-01-20 02:12:32	Name: drift_campaign_refresh Value: 848d054a-9740-4120-ab88-afa6b013064d
.doubleclick.net/	1970-01-20 02:12:32	Name: test_cookie Value: CheckForPermission
.c.bing.com/	1970-01-20 11:34:07	Name: SRM_B Value: 27F0E65FCB676A182B0CF7DDCAB56B67
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 11:34:07	Name: MUID Value: 27F0E65FCB676A182B0CF7DDCAB56B67
.c.clarity.ms/	1970-01-20 02:12:31	Name: ANONCHK Value: 0
.linkedin.com/	1970-01-20 02:55:43	Name: UserMatchHistory Value: AQL16i-VWIh6pAAAAYAQ6E01ioA_fPuaItsfT6GcZkwrBg2qwesloq1YmqC-TRceCHG8dGvB0tAtyw
.linkedin.com/	1970-01-20 02:55:43	Name: AnalyticsSyncHistory Value: AQI68QLuoZc49QAAAYAQ6E01PoTtzHXT44A-iNfUyc7jrWQt5PqOojHmlyUNMhSboomvQXFZyLwQB1KcaypY6w
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 19:44:24	Name: bcookie Value: "v=2&9c75fde1-8bf1-4f59-8e19-bc915b22cca0"
.linkedin.com/	1970-01-20 02:13:57	Name: lidc Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2255:u=1:x=1:i=1649551101:t=1649637501:v=2:sig=AQF72lk2OR3WMs26wEY05X0y75i1794G"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 19:44:24	Name: bscookie Value: "v=1&2022041000382110d7039f-ea13-494f-8d75-2b4a8f1aa8f5AQGiMkL5tX9Pe-y7Fi0R4yg9oCToU5vy"
.linkedin.com/	1970-01-20 19:40:34	Name: li_gc Value: MTswOzE2NDk1NTExMDE7MjswMjGVJz8AINwkcCN/diszsMCTVEsAKjlR6s7t5gSsSw0iMA==
.bill4time.com/	1970-01-20 06:34:35	Name: gaconnector_time_passed Value: 5001

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://lltrck.com/scripts/lt-v3.js?llid=33962 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
bat.bing.com
bootstrap.api.drift.com
c.bing.com
c.clarity.ms
chimpstatic.com
cloud.typography.com
d.adroll.com
f.vimeocdn.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.vimeocdn.com
jnn-pa.googleapis.com
js.driftt.com
l.clarity.ms
lltrck.com
metrics.api.drift.com
p.typekit.net
player.vimeo.com
pro.fontawesome.com
px.ads.linkedin.com
px4.ads.linkedin.com
reviews.bill4time.com
s.adroll.com
snap.licdn.com
static.doubleclick.net
stats.g.doubleclick.net
track.gaconnector.com
tracker.gaconnector.com
use.fontawesome.com
use.typekit.net
www.bill4time.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.youtube.com
googleads.g.doubleclick.net
jnn-pa.googleapis.com
www.google.com
www.youtube.com
13.107.42.14
142.250.186.98
143.204.215.107
151.101.114.109
151.101.128.217
151.101.14.109
20.120.65.166
2600:9000:206f:d000:6:9280:1080:93a1
2606:4700::6810:cf9b
2606:4700::6812:1634
2606:4700::6812:5c2
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:801::2003
2a00:1450:4001:801::200e
2a00:1450:4001:811::200a
2a00:1450:4001:812::200e
2a00:1450:4001:813::200e
2a00:1450:4001:827::2004
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2006
2a00:1450:4001:830::2003
2a00:1450:4001:830::2008
2a00:1450:400c:c06::9a
2a02:26f0:3500:7::17d8:4dc7
2a02:26f0:3500:7::17d8:4dca
2a06:98c1:3121::7
3.221.130.247
3.226.66.211
34.197.253.42
52.142.114.2
52.48.63.232
54.147.21.139
96.16.131.108
96.16.137.109
017e22026a35a2456a173504461fdbd533de5beeaa38f5196e286b239e329d1f
04e86fcf247e2d9809596331db17a2a0d3efe9c9bf1d8d9babd04645286ee68c
05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52
088e1ef91a320f014eecd7495cedfa7fee5e167cadaf55545ce137f4ff749ba8
09edd496e3b333660febff7ae03d02b7323cfc773e1210aa62a34c18cfee2d37
0a0ff255947964646669c22d00a61fb775f1b354fcd0581ce1910a7843d23167
0accb6518b8cf5acd005e285c2ec570a9708c638124a07945fd400a181c710d4
0d21ecba2d39902410c0b95ae7a74399428c0e8a1e235568a3e2345c83d9b3fd
10e14c603c8b17a4eca4117a369db182aa16ae9c0a4ee6291b62bb76ca9e8b95
125bff7712e54873a1471b378143e9562dce2ba97915b547c40b513aa91718c7
17cc73f45e1e3f029df689efaf2b6e534ed24437c3d4df849af917e74bb0de43
185475ca14a993390692bbcc0df269cbb7716d225860cf6ae95b1c292a23950c
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab
1ef3f0269be7b675dce81bb81af21398575e3f96609f76c0f59881145bbfddff
20c4bf71081651f0831a53674b2130b2df429707e69a532e12b91f9e66b676b7
2af7b177ebb6c2aa1b3764a0fd7ac2b49752bdd2a120b36d531694ec09ee1f33
2bfa6198687cdc2f37c440d6254675f95b4d2dd63ae594f3154e33a2d36a8db3
2fd1b692fe9c040fa508885bb4994b08625bd691923b822f78f3288a817341fb
30b6e85cb864024d05a4778952ea29bc0612dc2f73e68354ae9ac3375eab7132
3277c195d3ae37f06cb4c38dd1cd87330c63f44d00e2782d28c56128e8c7dd4b
3a6ece4300b8d7c6ac549454f22c0097960f6fd895f20022f73817f1d5416d26
3afaf960359689654144ecd30901d97387e6837c5ea244bc8b65220d2e95871e
3b7c37c25cbad0392bfad4e7f80f75216f937f7c677244645422e051e052d219
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb
41b5c55cdb844d1a801633981f74ff97a512aa84edbe5689bc226d27aa3fc87c
41d8c6f7cbea820cb326e3ea1cd26e20b1b449389ecd81bbb484ea954b2f3570
41f1e9970b646aadac0f40543bb08b21e49990bf1b09392d1ef4d71b275069ea
438f6729f67e8b7ae0e031b143a59c322aadfab32f9341d59967de1bc29b9b33
47c58e41e2f38d9813c39b6641c96e12408522bf774779cb58973f67303875a7
488036fd8b0929b45c82810e81accd8653a3daf595a8881b6dd1197cade921c4
489973c18522ef1094ed5296d499892529f6ed9eb8755350daf512911218b1f5
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
49c6f7925a020059af53cab3baa5d2ea485e6807744ba07f1b2e90ee47266a44
4abd853fcf7a6144bb881530f26723653e273f3f1aca09d188ecaaf04785649b
4af9b4e1f457ead7b98aa2329d26a6cbf94a00416b226b00bd173813edee4bc7
4d41b88e85f102322f6518ab48a1cfc3b8687aedd42bef4a223aacb94b3afefd
4d884b5bc22bb5739831e5d7532b51c78e85042bfa962c15a8180efa5314a1c7
4f5a472bb95a32fca037b1af59000ba5371ce142e02bde15a2e38ba86d25a7a1
50567eb16170b863f6626d29ebf15403f08cbc50f93c04f3af3ac323f15ef3b8
5057c6c9ddcdc374eb8cbb4ffe7ae398b306e1cfa4b14ed68660ceafc9607381
566639f88e650ada50f7f5a70d52efdd262905b7114ddffd26893b7727493a7f
56a84216404baf379b6e60b4f5a4fe685ced06284ded420340e01bab78dce3e7
593a947c4e62bcaf923b6bbc064404419635a5a5495aba14bf02aecf12ba2b75
5d5cf5a4a5b7c02915bc261dca0c755d29beda0c0c3a005c78c1682c9934bb3c
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5e2412fe132c63297c961460a17cec971be790e19e3269ac40b05639fbace02f
5f9c7c231ed5e0fee42ba14085a7f2a86d31e470d95c9115d6fb4dad8bf13b38
60f11b592e3cdd09a585b2282b2075d0bb7966d07b82348c8b3ccb501c63a288
61eb353b044765784aad497ce4758d7662e59c51649d75b5d475d05ceb73cf2f
62335c558ae03161e484db90d693592a3557340e5aed418235b63d3054d60db5
643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573
6447e59227786bcda7ad58ef045540cba328e5ec0e5ddbd88b4f57122feaf926
67f17eeade38d7f9bd48afd980b628ce3cdd925ae32599b594f6206f630e0a02
688980e4845a4d2f59a43b03c261ac4674ecf2a74d268544ca31de1cb7ead7ab
6cf8975d006d88beb0dd98151db2b6f15db2501aecc9488366ff57c5d9f31c40
6f83de9a9b87d22651b20dd74024e8944e554915272d8b62e95da2fcd86df67c
709030cab6e33ca60c369554f31becd83dbfe4c17dc37e17aefd3aba8d862d1c
731633bd497e93880bccb08fa09fa7fc7630372c7622dffea00c19aa2cdc49d1
73aefc68f91234a52983d4c0a8037888d05af3f62d6e9b97993ebc4cb5791cbb
746489935e1772a5891b76a419224fbf30232e23e95c4fb571883a95255eba1a
79c254652bb96247b5470d8d7d30bdef4ae96a7e61743ac4ef6b423502cd8c51
7ce02e0f563c14e7fd2d3249c13317e74fef66108f27096bf04a04552aa0c99c
80788163a708db724a2be8bd80efaf87c9000abc1e38f832fe810e33eb4d71e4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83496b41d36072fe7780a424332e28e83993d296f5f24389d55ebd5631bf4561
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84f4ee5263f8c771a966411abbc06f72a426240d72e728d365e0562b4147c19b
851ca077bdbd718b428cc9703ce05cc0c83713b2003ba5e450688e56e5695f53
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
85896658a289664c1f6138d32fee91ea5ff18f4259889762139bfdcd86a5bb00
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
8b57691479207344f5d711c7c4a6634dc17b0bfcbe6dea92d5669d4b89bcfbef
8b7be87db71855fe47b30e1a60953e25a0e6a832e4ff3fefa682cf74d9e66cf0
8bf4d5edd8e48db5b6196a02ee34be2d296729be57be38ed1c34e6575303e689
8c4e4dd31c50fcbb99a44910cc6ea71c13ff7d2f0e1cdd075897f3fb85809fd0
9068bee0725b95216accf91a303e6f509972842ee4096c305940113ad0cc9b82
909452102ce78d25767c3fdab941fdbf3dbfb8ad080b122dfe1ce64e8c9fdb91
924d56b948a5e7b6dbec58c81f4b620607ddbd7a5c7ea1243bd38a4b3246b2b0
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
943d5a6a78471e0f3d9d23cc8d30c2e23becc9287f7908e5042caa8113c74231
959a3fa0255a8c34e2b7f4fa09467c29c3498f93a2cd78670a64f83a8dc69420
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a609551b5826e6fa5c9805c37e47ac1446b3bd3cfac2e8570c39b08514942c0
9b5f25ddf27306763a0c297e7a290f8090222185a313430d6f8263696afff7a4
9b79ac520ef38beee997bfa29a2e7353b57b7eb86cd7c4ce9c570eefa12d793c
9b86ed6b776018a8223765ab168c1577d01d55fc30fb43c66ce57d781f333e25
9c332788d3599403cb7cc9fa8e8cde25936f114d5df81361b717a2b784b3dd0e
9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d
9e4d1075f77c012184fc2962f746d37175b7fb2c50870625a3b08c7bddd3a6ae
9e7f01b6772a037bc0590254092e9031e097963fd9b20e9428b37114ac3e91f9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a271a3f9e3cae897ced669d6652699e947928ef095e56384c4f9dd04bbb942ec
a288c8c36f18be3d28a598feb15c29d2128c2f34e5ca603f8d738055eae7d50b
a3eb2d0caf3502359966882d146b1a75e34bf933cbdace1c286395ea3fd1f567
a3ec03078733eebbfd32a1e15c38e340452186173622cf2ed28bb1ee34ae3143
a42b3fe1ed4b2e0cca74c0df1798a9b3708802a84e9bc619791bd31aec7e5d23
a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9
a899a0398bbfbb8343c67e83098446254c1609aae412962cff6929087135a51c
a8d8388fafc8a0da4694b82732c6950f467149356255c8c7105148cc820858db
ab17697f258cb7405a45bbf7bcda8979910c5a992321420261271985e22e1133
b38128cc61fa3e741bc1c943f032264501cbe1fbd7459ef2204f6366b47149fa
b66e62306d1b6f738c7095c9577957ff21f80d62ed611768eee45d1cf833512c
b6a21b0bc746cb6bab31c2b7be3d9fd73c15e290d5ec8215a9b0f542883f2d1e
b70c36674f1298febe27d175904d872013535e9b0e20136b5dd86bb51c2729e0
b7a109a6eee635a277414a0ec0e870ba3cf364b51463749b86ebf698f36219e1
b8221937159039b45af82459efc4c6c971226babf4e761eeaa831032535978f6
b82be24736519b8e5beb6d622bed3d7f481da9bacf8374352065d1cf252dc244
b9ddcbc73a2a42b603661b51028d38aba3374f67385f3307e1cfcebdee2f4838
bc4fdec388c7c2dc2f5cbeadf2b8f93db4aaa257c5e2bf8c71976ab443e70398
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
becf06b7892b16973b2fef994efb142c7d67f408c53c2e94dae504bcf8995153
bfc954b50ead28b724f9705a523f8ca071fad641f6f5c7fc515b0a302d8ac9c8
c6eee91c8cd834e17e5f34f1f79b7f5157b90003448a023124dda10560bba0a5
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
cb05208bd25c63f9d1cfbd800c24aa889d4da530904b82b9212d3ce6870fb96a
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550
d0429ecdd7cd85ad9aaa06644a2f2a00b9f31ea7b47f88e051d0b8911d2bf5f0
d0d937b32b0a1fa6bbdcc5389f695a36147c1b3ba869ecc507b765adf0300393
d0fd0953739b8448f423ab5aac82b915cccd41df159d4f15436656b0e7dcb1d3
d36d8a76a8b7d7fe8655db34eb54e4a4b6d422cdd1a67810d3dd5c014edb14e4
d3a1d2b6daf6eaaec581d58af19ad85cd01139f14c58aed8433a3b6fde3c22e5
d713cde303b1f50bd72af2583a0b75e2294a67b0028fd743a1ec4b4d8f637af9
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
dddf04d190be2e7006f807221d5f5852bf45a97c2aad4c66b1f0a1661efa7dda
e09b5d7df262b549ee056c6fcf4348b38389930d9ca4109ca8b0ab8bd3bbb710
e0f9f4c769334f1972f3d7a07b826c6a393a6ba78975e27bb7d9215349eea97b
e1950711d871a6e712187f31e08bdd51107cd40dc41e38cea1a1ff633e5d0a66
e2a6c48e685e42af7976969e272ae6a62f3541a8683e47b4a5ac44af020ed65c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec
e7e2024764e94bff400b354a7cb714ab75f1b9fd4b3fb09de18dca2d6c2e56a5
e858687dcb2c6c024fc997d113f06db3146f3f601a8a4afd6bff54250001ec33
e868d39bbb74d42dffcee0cb1a50ecd105e1a1737d9080246dbdd54a8206d8f0
e940d682e5ac93be86e563838f174d5a2d940b53cc1cd3b71223fba35364d538
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ecebbb2fbb5a4be9a4b89377fa16f412258f429c4d9695e9042f2b83ea5270fc
ed84d9abf30b626f827d00e91ba265c59a8d644bc6994c75181e36857d286f1b
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee3291a7c84912dfd800b47f3e636b59260eb53d8eda4b5a98c5e91e9ccbb088
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef186b54ed310784f5a76896db3a9eaaf8d6cde6c2609f595d362d4a96739240
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b
f0b2b280eef7affb3290c61f847a81d84d9d58b5fdbab2e9c00d08d787c0472e
f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed
f4d084b050f352d82f20c43f8a3959c95e42dd79c12654bf04ae4f6dbdc6826a
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f
f770bdf12ad793925e57b640e626dca5846302939f747eb7863b8abf22e5cdab
f7b78ab3994d3f6de37b359cc3d243d44caca23578c342b6f3966dda1cb9fd70
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f8e1f377588717e1ddc0ef0a0f256630cd7822e8aa4dbdb0a576555e22d99592
f9363ffc9759572b04d38ac4b5e6d94efbbe7133544786d73713c8cf418c9c1c
f9db1b06a7cfcabc0a842a496f6af2ab20c2e9aa6482210313b3c1588f4a066a
fb024b3160440b02e9201a828413c3e8ee9023dabfe9cabc4e8747750af4ce93
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
feddd0ae24f651d89bed0156dd9474669b261ae3ba950677ca572a5851c69e72

www.bill4time.com Open in urlscan Pro 2606:4700::6812:5c2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

214 Requests

94 %HTTPS

58 %IPv6

25 Domains

40 Subdomains

34 IPs

4 Countries

4405 kBTransfer

12596 kBSize

64 Cookies

9 Outgoing links

Page URL History

Redirected requests

214 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bill4time.com Open in urlscan Pro
2606:4700::6812:5c2 Public Scan

Screenshot
Live screenshot

Full Image

214
Requests

94 %
HTTPS

58 %
IPv6

25
Domains

40
Subdomains

34
IPs

4
Countries

4405 kB
Transfer

12596 kB
Size

64
Cookies

214 HTTP transactions
8 data transactions