URL: https://myaccount.bhmproxy.com/
Submission: On December 02 via automatic, source certstream-suspicious

Summary

This website contacted 13 IPs in 5 countries across 13 domains to perform 30 HTTP transactions. The main IP is 151.101.65.195, located in United States and belongs to FASTLY, US. The main domain is myaccount.bhmproxy.com.
TLS certificate: Issued by GTS CA 1O1 on October 21st 2020. Valid for: a year.
This is the only time myaccount.bhmproxy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
8 myaccount.bhmproxy.com myaccount.bhmproxy.com
4 oauth.drsoft.com myaccount.bhmproxy.com
4 www.google.com myaccount.bhmproxy.com
www.gstatic.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 js.stripe.com myaccount.bhmproxy.com
js.stripe.com
1 www.gstatic.com www.google.com
1 secure.gravatar.com
1 www.google.de myaccount.bhmproxy.com
1 stats.g.doubleclick.net www.google-analytics.com
1 cdn.ravenjs.com myaccount.bhmproxy.com
1 www.googleadservices.com myaccount.bhmproxy.com
1 www.googletagmanager.com myaccount.bhmproxy.com
1 fonts.googleapis.com myaccount.bhmproxy.com
30 14

This site contains no links.

Subject Issuer Validity Valid
firebaseapp.com
GTS CA 1O1
2020-10-21 -
2021-10-20
a year crt.sh
upload.video.google.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2020-09-22 -
2021-02-03
4 months crt.sh
www.googleadservices.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
osff.map.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-10-27 -
2020-12-18
2 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
www.google.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
www.google.de
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
oauth.drsoft.com
Let's Encrypt Authority X3
2020-11-12 -
2021-02-10
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
*.google.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA
2020-08-14 -
2022-11-16
2 years crt.sh

This page contains 4 frames:

Primary Page: https://myaccount.bhmproxy.com/
Frame ID: 776945A2984D01B85451E6868246605B
Requests: 25 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-26f06e6dfafc73ef8d70171c2397785d.html
Frame ID: 90E6656BE23DE67DD237997B6026DFCE
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeOQMEUAAAAAMaCRKgHHsndH_hyUucy0fI3vprb&co=aHR0cHM6Ly9teWFjY291bnQuYmhtcHJveHkuY29tOjQ0Mw..&hl=en&v=UFwvoDBMjc8LiYc1DKXiAomK&size=invisible&badge=bottomright&cb=i3j0c4hz9wgl
Frame ID: B09FDB89AA2A2FA9F0F7C83A0674478E
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=UFwvoDBMjc8LiYc1DKXiAomK&k=6LeOQMEUAAAAAMaCRKgHHsndH_hyUucy0fI3vprb&cb=rko5yvqh8m77
Frame ID: A99158C954831E11166B2BCC4E6FFCA5
Requests: 1 HTTP requests in this frame

Screenshot


Page Statistics

30
Requests

73 %
HTTPS

69 %
IPv6

13
Domains

14
Subdomains

13
IPs

5
Countries

1003 kB
Transfer

3805 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
myaccount.bhmproxy.com/
2 KB
1 KB
Document
General
Full URL
https://myaccount.bhmproxy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fd1bb1267154f2b692d35a387c445d65695ae9fd71ec4fba586c3755e5e43594
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

:method
GET
:authority
myaccount.bhmproxy.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-control
max-age=3600
content-encoding
br
content-type
text/html; charset=utf-8
etag
"84570421ccd84060a8a117591551e19f121cc01a6636a03e9db7095b1132377f-br"
last-modified
Thu, 19 Nov 2020 13:13:32 GMT
strict-transport-security
max-age=31556926
accept-ranges
bytes
date
Wed, 02 Dec 2020 16:25:07 GMT
x-served-by
cache-cdg20755-CDG
x-cache
MISS
x-cache-hits
0
x-timer
S1606926307.834582,VS0,VE506
vary
x-fh-requested-host, accept-encoding
content-length
737
css
fonts.googleapis.com/
8 KB
860 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,500,100,400
Requested by
Host: myaccount.bhmproxy.com
URL: https://myaccount.bhmproxy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a39b0128d46fdbb8d20641479a621f68c72a15346986e13b9a5e01fd3a48ea41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://myaccount.bhmproxy.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 02 Dec 2020 16:25:07 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Wed, 02 Dec 2020 16:25:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Wed, 02 Dec 2020 16:25:07 GMT
js
www.googletagmanager.com/gtag/
96 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-36099094-13
Requested by
Host: myaccount.bhmproxy.com
URL: https://myaccount.bhmproxy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9265769b19b0a86391fcc9e66658df39431929c40034a99e63d040193f09b648
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://myaccount.bhmproxy.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 16:25:07 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38695
x-xss-protection
0
last-modified
Wed, 02 Dec 2020 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 02 Dec 2020 16:25:07 GMT
/
js.stripe.com/v3/
186 KB
49 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: myaccount.bhmproxy.com
URL: https://myaccount.bhmproxy.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
133ef7cd5d34ee12ca76ea374e48410e81545790de226170fa2d9bcdb6caf513
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://myaccount.bhmproxy.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 16:25:07 GMT
content-encoding
gzip
vary
Accept-Encoding
age
133
via
1.1 varnish
x-cache
HIT
content-length
49194
x-amz-id-2
ajb4mS6v61Hvh+eca0Yh8IrOn0iG3N5O+m+lQpcJ8J5p0b2xWq8Oo7x9x1vsleeb6mpwtOJy8rw=
x-served-by
cache-hhn4021-HHN
timing-allow-origin
*
last-modified
Wed, 25 Nov 2020 01:53:27 GMT
server
AmazonS3
etag
"30568b6c62522f9c38801e4106529c89"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
39E6C6FFF12FF3D5
access-control-allow-origin
*
cache-control
public, max-age=300
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
222
conversion_async.js
www.googleadservices.com/pagead/
30 KB
12 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: myaccount.bhmproxy.com
URL: https://myaccount.bhmproxy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s12-in-f194.1e100.net
Software
cafe /
Resource Hash
30b509528a09195b7a7080345419048fd35269803cdfeab438a98c2176a1d9d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://myaccount.bhmproxy.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 16:25:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
11761
x-xss-protection
0
server
cafe
etag
8854462785499610041
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 02 Dec 2020 16:25:07 GMT
2.css
myaccount.bhmproxy.com/
430 KB
54 KB
Stylesheet
General
Full URL
https://myaccount.bhmproxy.com/2.css
Requested by
Host: myaccount.bhmproxy.com
URL: https://myaccount.bhmproxy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8c292c162010074f01cee6dbe3a0be176ddb26e242b4fd47714df6a4df068ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://myaccount.bhmproxy.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Thu, 19 Nov 2020 13:13:32 GMT
x-timer
S1606926307.368431,VS0,VE372
etag
"556376b188443e09aa4174245926fef9e98d94d979463de0b758d9a414ff157c-br"
x-served-by
cache-cdg20755-CDG
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/css; charset=utf-8
cache-control
max-age=3600
date
Wed, 02 Dec 2020 16:25:07 GMT
accept-ranges
bytes
content-length
55184
x-cache-hits
0
0.css
myaccount.bhmproxy.com/
12 KB
3 KB
Stylesheet
General
Full URL
https://myaccount.bhmproxy.com/0.css
Requested by
Host: myaccount.bhmproxy.com
URL: https://myaccount.bhmproxy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9008de1d224d1b2102be88653b9d9c192231c8d2bdbbb38c67df5c6105f29758
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://myaccount.bhmproxy.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Thu, 19 Nov 2020 13:13:32 GMT
x-timer
S1606926307.368807,VS0,VE341
etag
"1b02d4a8d15826b88abce355ae07e85894a654cfd0ade93aa708f26e45b05519-br"
x-served-by
cache-cdg20755-CDG
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/css; charset=utf-8
cache-control
max-age=3600
date
Wed, 02 Dec 2020 16:25:07 GMT
accept-ranges
bytes
content-length
3087
x-cache-hits
0
raven.min.js
cdn.ravenjs.com/3.14.0/
24 KB
9 KB
Script
General
Full URL
https://cdn.ravenjs.com/3.14.0/raven.min.js
Requested by
Host: myaccount.bhmproxy.com
URL: https://myaccount.bhmproxy.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::729 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
400bcf692072f25df22bff74fca31dfd30eeba76d89d54761d5cff058eab9769

Request headers

Origin
https://myaccount.bhmproxy.com
Referer
https://myaccount.bhmproxy.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 16:25:07 GMT
content-encoding
gzip
last-modified
Fri, 31 Mar 2017 17:26:39 GMT
server
Fastly
age
42507
etag
"2a78572fa63031f5e410771635580e63"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
9425
runtime.a7514579a89abd5b4b8c.js
myaccount.bhmproxy.com/
1 KB
793 B
Script
General
Full URL
https://myaccount.bhmproxy.com/runtime.a7514579a89abd5b4b8c.js?v=
Requested by
Host: myaccount.bhmproxy.com
URL: https://myaccount.bhmproxy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
76a9cf59f3d8b0c8aa579ddb9e300b9186a704ddccda60f323110da9e693706d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://myaccount.bhmproxy.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Thu, 19 Nov 2020 13:13:32 GMT
x-timer
S1606926307.369119,VS0,VE405
etag
"a0ee7ca2c8da22369a7359445a12bbd01a0e80b16d294538b523893548474202-br"
x-served-by
cache-cdg20755-CDG
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
date
Wed, 02 Dec 2020 16:25:07 GMT
accept-ranges
bytes
content-length
657
x-cache-hits
0
vendors~main.b36507e3cba3d60cea27.chunk.js
myaccount.bhmproxy.com/
2 MB
376 KB
Script
General
Full URL
https://myaccount.bhmproxy.com/vendors~main.b36507e3cba3d60cea27.chunk.js
Requested by
Host: myaccount.bhmproxy.com
URL: https://myaccount.bhmproxy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d82e5f2c8c017ce8b14b4766930d0cfc667f12fe287296be452f804a3fb19378
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://myaccount.bhmproxy.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Thu, 19 Nov 2020 13:13:32 GMT
x-timer
S1606926307.368986,VS0,VE518
etag
"42c4a5a97e4f9d656ffb30ab1a1d465e4870ced0e856bd39490aa1895bad99d7-br"
x-served-by
cache-cdg20755-CDG
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
date
Wed, 02 Dec 2020 16:25:07 GMT
accept-ranges
bytes
content-length
384551
x-cache-hits
0
main.3e1ff79e5620c4b9b542.chunk.js
myaccount.bhmproxy.com/
761 KB
101 KB
Script
General
Full URL
https://myaccount.bhmproxy.com/main.3e1ff79e5620c4b9b542.chunk.js
Requested by
Host: myaccount.bhmproxy.com
URL: https://myaccount.bhmproxy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f25cfb1ecfa3dca617856de7852f258734137c7e14a6729c6b5b7cbea7e0a43f
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://myaccount.bhmproxy.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Thu, 19 Nov 2020 13:13:32 GMT
x-timer
S1606926307.368965,VS0,VE538
etag
"06c0e1707e4675c1c26c9962df1cc2b24dc5f3f0ed46006011aa9187cc3e78a7-br"
x-served-by
cache-cdg20755-CDG
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
date
Wed, 02 Dec 2020 16:25:07 GMT
accept-ranges
bytes
content-length
103425
x-cache-hits
0
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-36099094-13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://myaccount.bhmproxy.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
2146
date
Wed, 02 Dec 2020 15:49:21 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Wed, 02 Dec 2020 17:49:21 GMT
collect
www.google-analytics.com/j/
2 B
71 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1197956132&t=pageview&_s=1&dl=https%3A%2F%2Fmyaccount.bhmproxy.com%2F&ul=en-us&de=UTF-8&dt=Dashboard&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=2069538562&gjid=579854397&cid=1724100943.1606926308&tid=UA-36099094-13&_gid=868801115.1606926308&_r=1&gtm=2oub41&z=126140105
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://myaccount.bhmproxy.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Dec 2020 16:25:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://myaccount.bhmproxy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
93 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-36099094-13&cid=1724100943.1606926308&jid=2069538562&gjid=579854397&_gid=868801115.1606926308&_u=IEBAAUAAAAAAAC~&z=1760559201
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://myaccount.bhmproxy.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 02 Dec 2020 16:25:07 GMT
content-type
text/plain
access-control-allow-origin
https://myaccount.bhmproxy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-36099094-13&cid=1724100943.1606926308&jid=2069538562&_u=IEBAAUAAAAAAAC~&z=2105488749
Requested by
Host: myaccount.bhmproxy.com
URL: https://myaccount.bhmproxy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://myaccount.bhmproxy.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Dec 2020 16:25:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-36099094-13&cid=1724100943.1606926308&jid=2069538562&_u=IEBAAUAAAAAAAC~&z=2105488749
Requested by
Host: myaccount.bhmproxy.com
URL: https://myaccount.bhmproxy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://myaccount.bhmproxy.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Dec 2020 16:25:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
oauth.drsoft.com/myaccount/affiliate/data/ Frame
0
0
Other
General
Full URL
https://oauth.drsoft.com/myaccount/affiliate/data/
Protocol
H2
Server
178.63.143.219 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.219.143.63.178.clients.your-server.de
Software
nginx/1.15.6 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
rpa
Origin
https://myaccount.bhmproxy.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.15.6
date
Wed, 02 Dec 2020 16:25:08 GMT
content-type
text/html; charset=utf-8
content-length
0
vary
Origin, Accept-Language, Cookie
access-control-allow-credentials
true
access-control-allow-origin
https://myaccount.bhmproxy.com
access-control-allow-headers
accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, AUTH-TOKEN, RPA, DOMAIN-REF, VPN, MOBILE
access-control-allow-methods
DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-max-age
86400
content-language
en
x-content-type-options
nosniff
referrer-policy
same-origin
strict-transport-security
max-age=15724800; includeSubDomains
version.json
myaccount.bhmproxy.com/
19 B
168 B
Fetch
General
Full URL
https://myaccount.bhmproxy.com/version.json
Requested by
Host: myaccount.bhmproxy.com
URL: https://myaccount.bhmproxy.com/main.3e1ff79e5620c4b9b542.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eced8c460aa60cc1bb4cbe0fedf99f4beb7ef1c232c77ea7deb66d76a7b972f7
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

rpa
1
Referer
https://myaccount.bhmproxy.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
last-modified
Thu, 19 Nov 2020 13:13:32 GMT
x-timer
S1606926308.125228,VS0,VE328
etag
"48b2bce7c76d8c8edc11c2170591e1804e0841ce80a3696984ce07b01ff93a04"
x-served-by
cache-cdg20755-CDG
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
application/json
cache-control
no-cache
date
Wed, 02 Dec 2020 16:25:08 GMT
accept-ranges
bytes
content-length
19
x-cache-hits
0
/
oauth.drsoft.com/myaccount/affiliate/data/
2 KB
1 KB
Fetch
General
Full URL
https://oauth.drsoft.com/myaccount/affiliate/data/
Requested by
Host: myaccount.bhmproxy.com
URL: https://myaccount.bhmproxy.com/main.3e1ff79e5620c4b9b542.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.63.143.219 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.219.143.63.178.clients.your-server.de
Software
nginx/1.15.6 /
Resource Hash
711652a2a0cf15909a881f3b7013b0dda6a39925ebc2be92542869ee960fc533
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

rpa
1
Referer
https://myaccount.bhmproxy.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 16:25:08 GMT
content-encoding
gzip
referrer-policy
same-origin
server
nginx/1.15.6
x-frame-options
DENY
vary
Accept-Encoding, Origin, Accept-Language, Cookie
content-language
en
access-control-allow-origin
https://myaccount.bhmproxy.com
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/json
x-content-type-options
nosniff
m-outer-26f06e6dfafc73ef8d70171c2397785d.html
js.stripe.com/v3/ Frame 90E6
0
0
Document
General
Full URL
https://js.stripe.com/v3/m-outer-26f06e6dfafc73ef8d70171c2397785d.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/m-outer-26f06e6dfafc73ef8d70171c2397785d.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://myaccount.bhmproxy.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://myaccount.bhmproxy.com/

Response headers

x-amz-id-2
sUXQaBeoyL0pBy+zPOsHzi3cgFSxWMq1cQpiDsACqJwuM9HkTJdgD5Sg3tUkKqwNvO51uqUxP84=
x-amz-request-id
B94A5CBA5B079A1F
last-modified
Tue, 27 Oct 2020 02:50:25 GMT
etag
"26f06e6dfafc73ef8d70171c2397785d"
cache-control
public, max-age=300
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
gzip
accept-ranges
bytes
date
Wed, 02 Dec 2020 16:25:08 GMT
via
1.1 varnish
age
193
x-served-by
cache-hhn4021-HHN
x-cache
HIT
x-cache-hits
675
vary
Accept-Encoding
access-control-allow-origin
*
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-security-policy
connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length
185
/
oauth.drsoft.com/common/session/
66 B
488 B
Fetch
General
Full URL
https://oauth.drsoft.com/common/session/
Requested by
Host: myaccount.bhmproxy.com
URL: https://myaccount.bhmproxy.com/main.3e1ff79e5620c4b9b542.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.63.143.219 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.219.143.63.178.clients.your-server.de
Software
nginx/1.15.6 /
Resource Hash
89c68fa3a42b7a1e32299067cd0475e7c680eb28d4325eb3289f5f1690ef4ed8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://myaccount.bhmproxy.com/
rpa
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
domain-ref

Response headers

date
Wed, 02 Dec 2020 16:25:09 GMT
referrer-policy
same-origin
server
nginx/1.15.6
x-frame-options
DENY
content-language
en
access-control-allow-origin
https://myaccount.bhmproxy.com
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/json
vary
Origin, Accept-Language, Cookie
content-length
66
x-content-type-options
nosniff
/
oauth.drsoft.com/common/session/ Frame
0
0
Other
General
Full URL
https://oauth.drsoft.com/common/session/
Protocol
H2
Server
178.63.143.219 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.219.143.63.178.clients.your-server.de
Software
nginx/1.15.6 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
domain-ref,rpa
Origin
https://myaccount.bhmproxy.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.15.6
date
Wed, 02 Dec 2020 16:25:08 GMT
content-type
text/html; charset=utf-8
content-length
0
vary
Origin, Accept-Language, Cookie
access-control-allow-credentials
true
access-control-allow-origin
https://myaccount.bhmproxy.com
access-control-allow-headers
accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, AUTH-TOKEN, RPA, DOMAIN-REF, VPN, MOBILE
access-control-allow-methods
DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-max-age
86400
content-language
en
x-content-type-options
nosniff
referrer-policy
same-origin
strict-transport-security
max-age=15724800; includeSubDomains
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,500,100,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://myaccount.bhmproxy.com
Referer
https://fonts.googleapis.com/css?family=Roboto:300,500,100,400
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 11:20:36 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
104673
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Wed, 01 Dec 2021 11:20:36 GMT
af3f6dbe172a9c1aba77366a2ff630d1.woff2
myaccount.bhmproxy.com/
184 KB
183 KB
Font
General
Full URL
https://myaccount.bhmproxy.com/af3f6dbe172a9c1aba77366a2ff630d1.woff2
Requested by
Host: myaccount.bhmproxy.com
URL: https://myaccount.bhmproxy.com/2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7201c12b0e82cd05a60c412f53f98f37cfec9616ef61f6e34d7d3a5293e440a5
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Origin
https://myaccount.bhmproxy.com
Referer
https://myaccount.bhmproxy.com/2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 13:13:32 GMT
x-timer
S1606926309.089883,VS0,VE657
etag
"d4084d1077db7643914abe4ad66f8bd5d6b442562cd248f5f8193484420629e6"
x-served-by
cache-cdg20755-CDG
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
font/woff2
cache-control
max-age=3600
date
Wed, 02 Dec 2020 16:25:09 GMT
accept-ranges
bytes
content-length
187196
x-cache-hits
0
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,500,100,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://myaccount.bhmproxy.com
Referer
https://fonts.googleapis.com/css?family=Roboto:300,500,100,400
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 26 Nov 2020 11:20:37 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
536672
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
expires
Fri, 26 Nov 2021 11:20:37 GMT
api.js
www.google.com/recaptcha/
916 B
754 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?hl=en&onload=GoogleRecaptchaLoaded&render=explicit
Requested by
Host: myaccount.bhmproxy.com
URL: https://myaccount.bhmproxy.com/vendors~main.b36507e3cba3d60cea27.chunk.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7a14898aaba78c6f7f260a0ab1788ef4971506a2bbb88438436e8be387f089ab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://myaccount.bhmproxy.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 16:25:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
581
x-xss-protection
1; mode=block
expires
Wed, 02 Dec 2020 16:25:09 GMT
8eb1b522f60d11fa897de1dc6351b7e8
secure.gravatar.com/avatar/
2 KB
2 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/8eb1b522f60d11fa897de1dc6351b7e8?size=98&default=mm&rating=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c80110ddf04f7ff82f54b0877eca9be3dffc4b6e4da05b8e6bcc5594215559ed

Request headers

Referer
https://myaccount.bhmproxy.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 4
date
Wed, 02 Dec 2020 16:25:09 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="8eb1b522f60d11fa897de1dc6351b7e8.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/8eb1b522f60d11fa897de1dc6351b7e8?size=98&default=mm&rating=x>; rel="canonical"
content-length
1585
expires
Wed, 02 Dec 2020 16:30:09 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/UFwvoDBMjc8LiYc1DKXiAomK/
335 KB
131 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/UFwvoDBMjc8LiYc1DKXiAomK/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en&onload=GoogleRecaptchaLoaded&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
14a2806a256579773a3680e21459dea7827d002104c6336856e0bef9a39be0c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://myaccount.bhmproxy.com
Referer
https://myaccount.bhmproxy.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 15:25:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3596
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133988
x-xss-protection
0
last-modified
Mon, 16 Nov 2020 01:06:46 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Dec 2021 15:25:13 GMT
anchor
www.google.com/recaptcha/api2/ Frame B09F
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeOQMEUAAAAAMaCRKgHHsndH_hyUucy0fI3vprb&co=aHR0cHM6Ly9teWFjY291bnQuYmhtcHJveHkuY29tOjQ0Mw..&hl=en&v=UFwvoDBMjc8LiYc1DKXiAomK&size=invisible&badge=bottomright&cb=i3j0c4hz9wgl
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/UFwvoDBMjc8LiYc1DKXiAomK/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0yK6nyIuejNEAHC0tmx8WQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LeOQMEUAAAAAMaCRKgHHsndH_hyUucy0fI3vprb&co=aHR0cHM6Ly9teWFjY291bnQuYmhtcHJveHkuY29tOjQ0Mw..&hl=en&v=UFwvoDBMjc8LiYc1DKXiAomK&size=invisible&badge=bottomright&cb=i3j0c4hz9wgl
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://myaccount.bhmproxy.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://myaccount.bhmproxy.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 02 Dec 2020 16:25:09 GMT
content-security-policy
script-src 'report-sample' 'nonce-0yK6nyIuejNEAHC0tmx8WQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
10928
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bframe
www.google.com/recaptcha/api2/ Frame A991
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=UFwvoDBMjc8LiYc1DKXiAomK&k=6LeOQMEUAAAAAMaCRKgHHsndH_hyUucy0fI3vprb&cb=rko5yvqh8m77
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/UFwvoDBMjc8LiYc1DKXiAomK/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yuoCcz+DgR2+1BV3GSr1Kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=UFwvoDBMjc8LiYc1DKXiAomK&k=6LeOQMEUAAAAAMaCRKgHHsndH_hyUucy0fI3vprb&cb=rko5yvqh8m77
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://myaccount.bhmproxy.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://myaccount.bhmproxy.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 02 Dec 2020 16:25:09 GMT
content-security-policy
script-src 'report-sample' 'nonce-yuoCcz+DgR2+1BV3GSr1Kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1123
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| google_tag_manager object| dataLayer function| Stripe function| GooglemKTybQhCsO function| google_trackConversion function| gtag object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| Raven object| webpackJsonp object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime object| __$$GLOBAL_REWIRE_REGISTRY__ function| __rewire_reset_all__ number| __$$GLOBAL_REWIRE_NEXT_MODULE_ID__ object| scCGSHMRCache function| Pusher function| GoogleRecaptchaResolved-91e36bd4-a126-4f33-baf6-e1b711c8a9ca function| GoogleRecaptchaLoaded object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| closure_lm_31324

3 Cookies

Domain/Path Name / Value
.bhmproxy.com/ Name: _gat_gtag_UA_36099094_13
Value: 1
.bhmproxy.com/ Name: _gid
Value: GA1.2.868801115.1606926308
.bhmproxy.com/ Name: _ga
Value: GA1.2.1724100943.1606926308

1 Console Messages

Source Level URL
Text
console-api log URL: https://myaccount.bhmproxy.com/main.3e1ff79e5620c4b9b542.chunk.js(Line 1)
Message:
SW registered: [object ServiceWorkerRegistration]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556926

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ravenjs.com
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
myaccount.bhmproxy.com
oauth.drsoft.com
secure.gravatar.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
151.101.112.176
151.101.65.195
172.217.21.194
178.63.143.219
2a00:1450:4001:80b::200e
2a00:1450:4001:814::2003
2a00:1450:4001:814::200a
2a00:1450:4001:817::2008
2a00:1450:4001:81a::2004
2a00:1450:4001:820::2003
2a00:1450:400c:c0c::9c
2a04:4e42:200::729
2a04:fa87:fffe::c000:4902
133ef7cd5d34ee12ca76ea374e48410e81545790de226170fa2d9bcdb6caf513
14a2806a256579773a3680e21459dea7827d002104c6336856e0bef9a39be0c9
30b509528a09195b7a7080345419048fd35269803cdfeab438a98c2176a1d9d0
400bcf692072f25df22bff74fca31dfd30eeba76d89d54761d5cff058eab9769
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
711652a2a0cf15909a881f3b7013b0dda6a39925ebc2be92542869ee960fc533
7201c12b0e82cd05a60c412f53f98f37cfec9616ef61f6e34d7d3a5293e440a5
76a9cf59f3d8b0c8aa579ddb9e300b9186a704ddccda60f323110da9e693706d
7a14898aaba78c6f7f260a0ab1788ef4971506a2bbb88438436e8be387f089ab
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89c68fa3a42b7a1e32299067cd0475e7c680eb28d4325eb3289f5f1690ef4ed8
8c292c162010074f01cee6dbe3a0be176ddb26e242b4fd47714df6a4df068ecd
9008de1d224d1b2102be88653b9d9c192231c8d2bdbbb38c67df5c6105f29758
9265769b19b0a86391fcc9e66658df39431929c40034a99e63d040193f09b648
a39b0128d46fdbb8d20641479a621f68c72a15346986e13b9a5e01fd3a48ea41
c80110ddf04f7ff82f54b0877eca9be3dffc4b6e4da05b8e6bcc5594215559ed
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d82e5f2c8c017ce8b14b4766930d0cfc667f12fe287296be452f804a3fb19378
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
eced8c460aa60cc1bb4cbe0fedf99f4beb7ef1c232c77ea7deb66d76a7b972f7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f25cfb1ecfa3dca617856de7852f258734137c7e14a6729c6b5b7cbea7e0a43f
fd1bb1267154f2b692d35a387c445d65695ae9fd71ec4fba586c3755e5e43594