urlscan.io logo urlscan.io
SecurityTrails logo

h2o.billing.ms Open in urlscan Pro
172.66.40.235  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://h20.billing.ms/
Effective URL: https://h2o.billing.ms/
Submission: On May 28 via automatic, source certstream-suspicious — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 11 domains to perform 42 HTTP transactions. The main IP is 172.66.40.235, located in United States and belongs to CLOUDFLARENET, US. The main domain is h2o.billing.ms.
TLS certificate: Issued by WE1 on May 3rd 2025. Valid for: 3 months.
This is the only time h2o.billing.ms was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 19 172.66.40.235 13335 (CLOUDFLAR...)
1 104.17.25.14 13335 (CLOUDFLAR...)
3 142.251.16.97 15169 (GOOGLE)
2 31.13.66.19 32934 (FACEBOOK)
2 172.253.63.106 15169 (GOOGLE)
3 150.171.28.10 8075 (MICROSOFT...)
1 1 104.17.96.195 13335 (CLOUDFLAR...)
6 216.198.53.3 209242 (CLOUDFLAR...)
3 157.240.229.35 32934 (FACEBOOK)
1 142.251.111.154 15169 (GOOGLE)
1 64.233.180.155 15169 (GOOGLE)
1 216.198.54.3 209242 (CLOUDFLAR...)
1 216.198.54.6 209242 (CLOUDFLAR...)
42 12
19    172.66.40.235 (United States)

ASN13335 (CLOUDFLARENET, US)
h20.billing.ms
h2o.billing.ms
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    142.251.16.97 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f97.1e100.net
www.googletagmanager.com
2    31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net
connect.facebook.net
2    172.253.63.106 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f106.1e100.net
www.google.com
3    150.171.28.10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    104.17.96.195 (None, )

ASN13335 (CLOUDFLARENET, US)
v2.zopim.com
6    216.198.53.3 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US)
static.zdassets.com
3    157.240.229.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-iad3.facebook.com
www.facebook.com
1    142.251.111.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f154.1e100.net
googleads.g.doubleclick.net
1    64.233.180.155 (United States)

ASN15169 (GOOGLE, US)
PTR: on-in-f155.1e100.net
td.doubleclick.net
1    216.198.54.3 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US)
ekr.zdassets.com
1    216.198.54.6 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US)
wireless-billing.zendesk.com
Apex Domain
Subdomains		 Transfer
19 billing.ms
h20.billing.ms
h2o.billing.ms
63 KB
7 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 3651
ekr.zdassets.com — Cisco Umbrella Rank: 4451
345 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 130
215 B
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 514
17 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 100
229 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 71
td.doubleclick.net — Cisco Umbrella Rank: 484
2 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 9
64 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 246
82 KB
1 zendesk.com
wireless-billing.zendesk.com
1 KB
1 zopim.com
v2.zopim.com — Cisco Umbrella Rank: 27445
381 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 296
29 KB
42 11
Domain Requested by
18 h2o.billing.ms h2o.billing.ms
6 static.zdassets.com h2o.billing.ms
v2.zopim.com
static.zdassets.com
3 www.facebook.com connect.facebook.net
h2o.billing.ms
3 bat.bing.com www.googletagmanager.com
bat.bing.com
h2o.billing.ms
3 www.googletagmanager.com h2o.billing.ms
www.googletagmanager.com
2 www.google.com www.googletagmanager.com
h2o.billing.ms
2 connect.facebook.net h2o.billing.ms
connect.facebook.net
1 wireless-billing.zendesk.com static.zdassets.com
1 ekr.zdassets.com v2.zopim.com
1 td.doubleclick.net www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 v2.zopim.com 1 redirects
1 cdnjs.cloudflare.com h2o.billing.ms
1 h20.billing.ms 1 redirects
42 14

This site contains links to these domains. Also see Links.

Domain
plus.google.com
Subject Issuer Validity Valid
billing.ms
WE1		 2025-05-03 -
2025-08-01		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2025-05-22 -
2025-08-20		 3 months crt.sh
*.google-analytics.com
WR2		 2025-04-29 -
2025-07-22		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2025-03-06 -
2025-06-04		 3 months crt.sh
*.google.com
WR2		 2025-04-29 -
2025-07-22		 3 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 07		 2025-03-14 -
2025-09-10		 6 months crt.sh
*.g.doubleclick.net
WR2		 2025-04-29 -
2025-07-22		 3 months crt.sh
*.doubleclick.net
WR2		 2025-04-29 -
2025-07-22		 3 months crt.sh
zdassets.com
WE1		 2025-04-29 -
2025-07-28		 3 months crt.sh
wireless-billing.zendesk.com
E6		 2025-04-11 -
2025-07-10		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://h2o.billing.ms/
Frame ID: F32BABFCD636C59B35AA950B6C27FA30
Requests: 34 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/55j0/sw_iframe.html?origin=https%3A%2F%2Fh2o.billing.ms
Frame ID: E3A43E717B204672AC92A0ABD361858B
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/1050548704?random=1748409347377&cv=11&fst=1748409347377&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be55q0v9210626024za201&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fh2o.billing.ms%2F&hn=www.googleadservices.com&frm=0&tiba=H2O%E2%84%A2%20Express%20Bill%20Payment%20Form%20%7C%20H2O%20Wireless%E2%84%A2&npa=0&pscdl=noapi&auid=1355002034.1748409347&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&_tu=Cg
Frame ID: 22DC0E2050434FFE3EB97C71E4B78A87
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-f5a540e.js
Frame ID: E2FC8251EA6D5A9F90C7AF821AD1FBA3
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

H2Oâ„¢ Express Bill Payment Form | H2O Wirelessâ„¢

Page URL History Show full URLs

  1. https://h20.billing.ms/ HTTP 301
    https://h2o.billing.ms/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • fingerprint(\d)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

42
Requests

98 %
HTTPS

0 %
IPv6

11
Domains

14
Subdomains

12
IPs

2
Countries

769 kB
Transfer

2391 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://h20.billing.ms/ HTTP 301
    https://h2o.billing.ms/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://v2.zopim.com/?Iqj3UVfM8H3DS4XXtJon4wJ1t6SWNysF HTTP 302
  • https://static.zdassets.com/ekr/asset_composer.js

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
h2o.billing.ms/
Redirect Chain
  • https://h20.billing.ms/
  • https://h2o.billing.ms/
27 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://h2o.billing.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6f15e2d03510043db014021eb14a1dfd4572ee53e7306c996b6d614769799db

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
946b46ab3f2edeed-SEA
content-encoding
br
content-type
text/html
date
Wed, 28 May 2025 05:15:45 GMT
last-modified
Tue, 08 Mar 2022 16:14:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aMoObLLbip0sVuZttaeNm7YKsGLB0arb%2FMXmJ6%2BrQeFrBozxYHgyNKFU7CCZ6GzPozUozCXozKngFEWdE3jnUwgTXMdFLSPHgWD1tm2%2FrfDcEJECoevQTrsvj7I3MuET"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=79293&min_rtt=73745&rtt_var=19592&sent=15&recv=12&lost=0&retrans=0&sent_bytes=5285&recv_bytes=4920&delivery_rate=9958&cwnd=12000&unsent_bytes=0&cid=86dfc58955764e1b&ts=366&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-proxy-cache
DISABLED

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
946b46a9fe39deed-SEA
content-type
text/html; charset=iso-8859-1
date
Wed, 28 May 2025 05:15:45 GMT
location
https://h2o.billing.ms/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DnvL7eRJ44DjLj61cRUmlTrKsVj6qyRbEQiB2QP9%2FHoytuXAmaVLXr5KiIHX8SJUK7%2F%2FD1zH1AvKNlfe%2B1zEVTyVcwUEk%2FI%2BAzQiwSs%2BCaTiSFhIbjw2JIGtKhtf0ek1"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=73959&min_rtt=73745&rtt_var=15751&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4276&recv_bytes=4442&delivery_rate=8542&cwnd=12000&unsent_bytes=0&cid=86dfc58955764e1b&ts=199&x=1" cfExtPri cfHdrFlush;dur=0
x-proxy-cache
DISABLED
main.css
h2o.billing.ms/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://h2o.billing.ms/css/main.css
Requested by
Host: h2o.billing.ms
URL: https://h2o.billing.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09e75aa2d75c56a53b8fc42e4c2b0102080dce809128157a3ce43b38b2ce94bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://h2o.billing.ms/

Response headers

cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yOizaKm1Ik3wS2w%2ByBHw10W2crvvxQIB97pMELt%2FdCY%2FLqKoFlZPsmjB%2BoEDxrT%2FuKT%2Fm1C1kRr3fGh6hcjx1GH2mRiMwHdNlCR6RCUWL0Xk%2F%2Fm%2F0kPjK%2BoXVAnw%2BArE"}],"group":"cf-nel","max_age":604800}
cf-ray
946b46ac4fcbdeed-SEA
x-proxy-cache
DISABLED
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=77565&min_rtt=73745&rtt_var=8461&sent=25&recv=29&lost=0&retrans=0&sent_bytes=14357&recv_bytes=8870&delivery_rate=90880&cwnd=12000&unsent_bytes=0&cid=86dfc58955764e1b&ts=545&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 28 May 2025 05:15:46 GMT
content-type
text/css
vary
Accept-Encoding
server
cloudflare
last-modified
Fri, 11 Jun 2021 17:19:18 GMT
priority
u=0,i=?0
compressed2.css
h2o.billing.ms/css/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://h2o.billing.ms/css/compressed2.css
Requested by
Host: h2o.billing.ms
URL: https://h2o.billing.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7f5ed33192724dd6ea3781889af370e189326ffb309cdaf1983f2edbf66e349

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://h2o.billing.ms/

Response headers

cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pWNvnGpcPpUrRjYa1sTevZOpa%2BvQFMZybNeOXXx2%2FI%2FkdJq9wdpmnj%2B65txDXjyy14rSV1M0DfuM5QbMXpE0PewZiad5YxNCf%2BX0xc7XCVmvFrHIPM1vwus0MugEqeHE"}],"group":"cf-nel","max_age":604800}
cf-ray
946b46ac4fcedeed-SEA
x-proxy-cache
DISABLED
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=77565&min_rtt=73745&rtt_var=8461&sent=28&recv=29&lost=0&retrans=0&sent_bytes=17154&recv_bytes=8870&delivery_rate=90880&cwnd=12000&unsent_bytes=0&cid=86dfc58955764e1b&ts=549&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 28 May 2025 05:15:46 GMT
content-type
text/css
vary
Accept-Encoding
server
cloudflare
last-modified
Fri, 11 Jun 2021 17:19:19 GMT
priority
u=0,i=?0
loaded.css
h2o.billing.ms/css/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://h2o.billing.ms/css/loaded.css
Requested by
Host: h2o.billing.ms
URL: https://h2o.billing.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a93057489b15bfe087e02deeca8473d793626ac4d95f4274b53050d0a79dbe1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://h2o.billing.ms/

Response headers

cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=babc9TcgJtr5HMAzz%2BIZH5zeTLtcnJR6hU4fuN1fR5lS2eaTw2IVA6zHdvQj8zEZrkhAEjDLIzNaXwY5r2XHyN%2BjeXzJszN2gZSTEFM6tR%2B1ii7ShJvXPkQFUn%2BHFKjC"}],"group":"cf-nel","max_age":604800}
cf-ray
946b46ac4fcfdeed-SEA
x-proxy-cache
DISABLED
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=77565&min_rtt=73745&rtt_var=8461&sent=26&recv=29&lost=0&retrans=0&sent_bytes=15555&recv_bytes=8870&delivery_rate=90880&cwnd=12000&unsent_bytes=0&cid=86dfc58955764e1b&ts=547&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 28 May 2025 05:15:46 GMT
content-type
text/css
vary
Accept-Encoding
server
cloudflare
last-modified
Fri, 11 Jun 2021 17:19:19 GMT
priority
u=0,i=?0
structure.css
h2o.billing.ms/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://h2o.billing.ms/css/structure.css
Requested by
Host: h2o.billing.ms
URL: https://h2o.billing.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a96c0d672c93477766a5dac2b2cfa5990293a8f8bd6f31aab2dd86d1a8d9ba2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://h2o.billing.ms/

Response headers

cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JgQomoJd97Hsh46muo1nuYlm%2Bx2niF6k3AKDn2w5FWnD%2FCcSqjG1cf9zKbER8dzPjaB88wN0gfYT95yHKQRVccz8Xiep0aOnAyVl8deX9D6LpdWYi5h1xg5TG3W0KbU9"}],"group":"cf-nel","max_age":604800}
cf-ray
946b46ac4fd2deed-SEA
x-proxy-cache
DISABLED
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=77565&min_rtt=73745&rtt_var=8461&sent=31&recv=29&lost=0&retrans=0&sent_bytes=20032&recv_bytes=8870&delivery_rate=90880&cwnd=12000&unsent_bytes=0&cid=86dfc58955764e1b&ts=551&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 28 May 2025 05:15:46 GMT
content-type
text/css
vary
Accept-Encoding
server
cloudflare
last-modified
Fri, 11 Jun 2021 17:19:19 GMT
priority
u=0,i=?0
form.css
h2o.billing.ms/css/ 		17 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://h2o.billing.ms/css/form.css
Requested by
Host: h2o.billing.ms
URL: https://h2o.billing.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be039d3b057b724a070d3c67b421dcbe888869a1f10de59827a8978250963fb5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://h2o.billing.ms/

Response headers

cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I3xILk2ymvXRtJhzoQa8XNv2Ah%2FI2SFqp64mWvnvL3ZDQUWrFwq3r%2BGSjuQYOdYJfPdY21DQLWDU%2FQ7six86SCS%2BIK%2BSUv1eVI7v3R7ivFkr99zKsR%2BjeAv211%2FSVSF1"}],"group":"cf-nel","max_age":604800}
cf-ray
946b46ac4fd3deed-SEA
x-proxy-cache
DISABLED
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=77565&min_rtt=73745&rtt_var=8461&sent=35&recv=29&lost=0&retrans=0&sent_bytes=23106&recv_bytes=8870&delivery_rate=90880&cwnd=12000&unsent_bytes=0&cid=86dfc58955764e1b&ts=553&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 28 May 2025 05:15:46 GMT
content-type
text/css
vary
Accept-Encoding
server
cloudflare
last-modified
Fri, 11 Jun 2021 17:19:20 GMT
priority
u=0,i=?0
theme.css
h2o.billing.ms/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://h2o.billing.ms/css/theme.css
Requested by
Host: h2o.billing.ms
URL: https://h2o.billing.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11f954f2fc411bec00d363e7d9269de9b56077e39a69a9b708e67dfe274444ac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://h2o.billing.ms/

Response headers

cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xuuQoEOkgiqCxdG2ZNrofqRIP%2F5tbWtnOMb1Pg6XJpKxIb91j0VW9sdBsnqmajydJ4TCgA6SCZ6JBHfd0FS6p3HFTRoeQS0q%2BzcMXkGGqEqzNSBuSPXlCbJU%2FHezVwOG"}],"group":"cf-nel","max_age":604800}
cf-ray
946b46ac4fd4deed-SEA
x-proxy-cache
DISABLED
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=77335&min_rtt=73745&rtt_var=1184&sent=52&recv=45&lost=0&retrans=0&sent_bytes=37305&recv_bytes=9909&delivery_rate=93621&cwnd=18000&unsent_bytes=0&cid=86dfc58955764e1b&ts=707&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 28 May 2025 05:15:46 GMT
content-type
text/css
vary
Accept-Encoding
server
cloudflare
last-modified
Fri, 11 Jun 2021 17:19:21 GMT
priority
u=0,i=?0
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.10.2/ 		91 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.10.2/jquery.min.js
Requested by
Host: h2o.billing.ms
URL: https://h2o.billing.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://h2o.billing.ms/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03ec4-16bac"
age
384764
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2ATlJH4g8M75VZPFdojbx7H2suNMR44zhX99Y1ywnnYuPWshDCGiTWZsUhUtWd5Ltzl0shtoqU5bq1JkhjNY7bl1ArA5w9lKX1UmCEHox%2FhB6avx%2BUKPl2dHeNXskx6XCLEcRL1p"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 18 May 2026 05:15:46 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 28 May 2025 05:15:46 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:11:48 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
946b46acbc6d491d-YVR
accept-ranges
bytes
access-control-allow-origin
*
content-length
29447
server
cloudflare
fingerprint.js
h2o.billing.ms/scripts/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h2o.billing.ms/scripts/fingerprint.js
Requested by
Host: h2o.billing.ms
URL: https://h2o.billing.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0d43800d15ed3a7affd70781087573b1b593a38b4d97be965d59d6e288086df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://h2o.billing.ms/

Response headers

cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DKKqyU6JEodxUZH%2BjQMDlO7JmPY6oDgJt%2FclzDbfFoUmNHhbBASADkNLcG73m3pvV7acFKDhlkSw5gXslb%2B1tyaZrSgl6oVmqdqJ6eS7LluMBrU%2B9DkrbV4dC%2BtluqMn"}],"group":"cf-nel","max_age":604800}
cf-ray
946b46ac4fd5deed-SEA
x-proxy-cache
DISABLED
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=77565&min_rtt=73745&rtt_var=8461&sent=38&recv=29&lost=0&retrans=0&sent_bytes=26357&recv_bytes=8870&delivery_rate=90880&cwnd=12000&unsent_bytes=0&cid=86dfc58955764e1b&ts=558&x=1", cfExtPri, cfHdrFlush;dur=64
date
Wed, 28 May 2025 05:15:46 GMT
content-type
text/javascript
vary
Accept-Encoding
server
cloudflare
last-modified
Fri, 11 Jun 2021 17:19:21 GMT
priority
u=1,i=?0
sisyphus.min.js
h2o.billing.ms/scripts/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h2o.billing.ms/scripts/sisyphus.min.js
Requested by
Host: h2o.billing.ms
URL: https://h2o.billing.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d873d9bad4e592a2a6baa8297a29ac94491ced8998f9028dad021562d0f4d50

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://h2o.billing.ms/

Response headers

cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jjKEJr0DNOSJGplKHk3kj6r3vdBjRj71HUTrvIUrsHAKqzOnvGN8wYvDBR6WR7Gwuv4iBkCARTHJkwAmNtHEtl0U5ahnrJZkHY9MwhKrYwBkiYVVcDDZwhp8p49h839s"}],"group":"cf-nel","max_age":604800}
cf-ray
946b46ac4fd7deed-SEA
x-proxy-cache
DISABLED
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=77565&min_rtt=73745&rtt_var=8461&sent=37&recv=29&lost=0&retrans=0&sent_bytes=25173&recv_bytes=8870&delivery_rate=90880&cwnd=12000&unsent_bytes=0&cid=86dfc58955764e1b&ts=554&x=1", cfExtPri, cfHdrFlush;dur=70
date
Wed, 28 May 2025 05:15:46 GMT
content-type
text/javascript
vary
Accept-Encoding
server
cloudflare
last-modified
Fri, 11 Jun 2021 17:19:21 GMT
priority
u=1,i=?0
detect-mobile.js
h2o.billing.ms/scripts/ 		627 B
897 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h2o.billing.ms/scripts/detect-mobile.js
Requested by
Host: h2o.billing.ms
URL: https://h2o.billing.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e27aa1a2f8e3d2a2e2c79042f28a28c5b7ea3cd1d05a253bc4bd017f7fc6d1e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://h2o.billing.ms/

Response headers

cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uE4TyjlsFgwZUlXERAA89mO%2BmhlFRX%2Bz7EAivNtF62b4OQ2vWSzQKRTrIPYvAkkiAUPYjGBpXqrqDuLECSWbx8RGlQZj5vHolh9K4vjo6LsceFkTakB3RtiRggQRJDHr"}],"group":"cf-nel","max_age":604800}
cf-ray
946b46ac4fd9deed-SEA
x-proxy-cache
DISABLED
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=77565&min_rtt=73745&rtt_var=8461&sent=33&recv=29&lost=0&retrans=0&sent_bytes=21297&recv_bytes=8870&delivery_rate=90880&cwnd=12000&unsent_bytes=0&cid=86dfc58955764e1b&ts=552&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 28 May 2025 05:15:46 GMT
content-type
text/javascript
vary
Accept-Encoding
server
cloudflare
last-modified
Fri, 11 Jun 2021 17:19:21 GMT
priority
u=1,i=?0
checkproxy.js
h2o.billing.ms/scripts/ 		299 B
866 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h2o.billing.ms/scripts/checkproxy.js
Requested by
Host: h2o.billing.ms
URL: https://h2o.billing.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f9bf1187474a081f2a6dda3c262acf2d730c639781c66946381553b881f1ee8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://h2o.billing.ms/

Response headers

cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d%2FwikQ2yHob9IxJmdk%2BTBxoFSviUzlTFLe56UoCh%2FLGDIPENmK71zC58anqCLg3gkbMGTpKenoOATRgPECGgDbgi%2BUWFsedjTbYke4I8sRrz8IuQ4Mrbi59xsUayiWcP"}],"group":"cf-nel","max_age":604800}
cf-ray
946b46ac4fdadeed-SEA
x-proxy-cache
DISABLED
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=77565&min_rtt=73745&rtt_var=8461&sent=34&recv=29&lost=0&retrans=0&sent_bytes=22217&recv_bytes=8870&delivery_rate=90880&cwnd=12000&unsent_bytes=0&cid=86dfc58955764e1b&ts=553&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 28 May 2025 05:15:46 GMT
content-type
text/javascript
vary
Accept-Encoding
server
cloudflare
last-modified
Fri, 11 Jun 2021 17:19:21 GMT
priority
u=1,i=?0
wb-bill-payment-header.png
h2o.billing.ms/images/h2o-wireless/headers/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h2o.billing.ms/images/h2o-wireless/headers/wb-bill-payment-header.png
Requested by
Host: h2o.billing.ms
URL: https://h2o.billing.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0a96904b1419d4449ba2c84e9ecf1a8d3ea54efbdf770aed9cff99f90746a28

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://h2o.billing.ms/

Response headers

cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YtsmNP75gbytfAdMGYiu3gL7uSFc4zGh6gVi2fPa2mdjF2cR%2FhtwcK%2BEl24FhOmIEV161uvOsc4HAoVxypbfulryl%2Fu%2B8ku5Nq6SpUrb6PhyEaazg7uCwqPG3Nh%2FmfRH"}],"group":"cf-nel","max_age":604800}
x-proxy-cache
DISABLED
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=77335&min_rtt=73745&rtt_var=1184&sent=55&recv=45&lost=0&retrans=0&sent_bytes=39915&recv_bytes=9909&delivery_rate=93621&cwnd=18000&unsent_bytes=0&cid=86dfc58955764e1b&ts=714&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 28 May 2025 05:15:46 GMT
content-type
image/png
last-modified
Fri, 11 Jun 2021 17:19:22 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
946b46ac4fdbdeed-SEA
accept-ranges
bytes
content-length
8352
server
cloudflare
next-button.png
h2o.billing.ms/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h2o.billing.ms/images/next-button.png
Requested by
Host: h2o.billing.ms
URL: https://h2o.billing.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e16a291bbeac56ad0f95770db8a05e10dea081163b004dc63893ae4bca012e91

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://h2o.billing.ms/

Response headers

cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qDZs2QEIIqHEr%2BBJeNJc7SYMARBkkSP81RH5NeN3PsPbA%2B%2BsZEk%2FZ%2B2RmyF1D8AH%2BS3H%2F9BP6Iuw6PNZ%2BZFzBPIX%2BbVjJZg%2BCtA3WZ0%2BCbTAbON3ssJ18wkULnwpXSVf"}],"group":"cf-nel","max_age":604800}
x-proxy-cache
DISABLED
cf-polished
origSize=1919
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=77565&min_rtt=73745&rtt_var=8461&sent=35&recv=29&lost=0&retrans=0&sent_bytes=23106&recv_bytes=8870&delivery_rate=90880&cwnd=12000&unsent_bytes=0&cid=86dfc58955764e1b&ts=553&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 28 May 2025 05:15:46 GMT
content-type
image/png
last-modified
Tue, 08 Mar 2022 16:17:23 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
946b46ac4fdcdeed-SEA
accept-ranges
bytes
content-length
1917
server
cloudflare
grey-h2o-footer-with-activate.png
h2o.billing.ms/images/h2o-wireless/footer/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h2o.billing.ms/images/h2o-wireless/footer/grey-h2o-footer-with-activate.png
Requested by
Host: h2o.billing.ms
URL: https://h2o.billing.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e988a781c798303d8e8176a07a09135ed9b671da6c7b9a7244337ec60b8b4485

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://h2o.billing.ms/

Response headers

cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tmpu4srjdZtMYzwKJrWex%2BSU4puaCj6XWD2FXA4uZrWqwJpi9Y66PGp%2Fra%2Bsl6LpAu6AbwUfwAsLGMlGSjWJHt21vGXL%2B0F865i2k2oFerncGRjU6VkYUTRdy2UUEIUm"}],"group":"cf-nel","max_age":604800}
x-proxy-cache
DISABLED
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=81676&min_rtt=73745&rtt_var=5768&sent=63&recv=50&lost=0&retrans=0&sent_bytes=49131&recv_bytes=10124&delivery_rate=138426&cwnd=18000&unsent_bytes=0&cid=86dfc58955764e1b&ts=798&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 28 May 2025 05:15:46 GMT
content-type
image/png
last-modified
Fri, 11 Jun 2021 17:19:22 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
946b46add8e2deed-SEA
accept-ranges
bytes
content-length
14377
server
cloudflare
gtm.js
www.googletagmanager.com/ 		314 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5X7HH34
Requested by
Host: h2o.billing.ms
URL: https://h2o.billing.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
f3565f915f6c417d212a2f6078d8701a38aca01796c0304eede49cc8f031b86e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://h2o.billing.ms/

Response headers

content-encoding
br
report-to
{"group":"ascgcycc:1319:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1319:0"}],}
expires
Wed, 28 May 2025 05:15:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 28 May 2025 05:15:46 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 28 May 2025 03:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1319:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1319:0
content-length
113267
x-xss-protection
0
server
Google Tag Manager
fbevents.js
connect.facebook.net/en_US/ 		275 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: h2o.billing.ms
URL: https://h2o.billing.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
467389e1c54ff093185c031255951ed7d0b319391f0ab2783dcf81f5671b1d94
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: *;script-src 'nonce-3IoFF0QU' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://h2o.billing.ms/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 28 May 2025 05:15:46 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' blob: *;script-src 'nonce-3IoFF0QU' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=136, rtx=0, c=24, mss=1232, tbw=8723, tp=13, tpl=0, uplat=2, ullat=-1
pragma
public
x-fb-debug
Apa0xrUNYA+9jg3mF9icC0xIdh0U4ceJvaUhznSDfGtThz9sMuxi7UIeuXbyudM+vwWXBueljxaRbC9o7MbDEw==
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
default-src 'self' blob: *;script-src 'nonce-3IoFF0QU' 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
70852
x-xss-protection
0
origin-agent-cluster
?1
globalheader.png
h2o.billing.ms/images/ 		117 B
822 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h2o.billing.ms/images/globalheader.png
Requested by
Host: h2o.billing.ms
URL: https://h2o.billing.ms/css/compressed2.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bea916d28c68935746f8ac5d84ea175551f79c7d2c132343add8346ea7c6653

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://h2o.billing.ms/css/compressed2.css

Response headers

cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1exTk5veOcz7Di7a9sZnBHh60%2BFisd9gdVFyoU2FQEHP1FQWUU96hyaHXvMXtoxAU09PhKUWcbIopTdbeEVHCtngL20UJmRE4zcBSAP1AfcRytOi6qNZoFWBkocC3v2e"}],"group":"cf-nel","max_age":604800}
x-proxy-cache
DISABLED
cf-polished
origSize=206
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=78412&min_rtt=73745&rtt_var=4882&sent=78&recv=59&lost=0&retrans=0&sent_bytes=65337&recv_bytes=11142&delivery_rate=158497&cwnd=18000&unsent_bytes=0&cid=86dfc58955764e1b&ts=907&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 28 May 2025 05:15:46 GMT
content-type
image/png
last-modified
Fri, 11 Jun 2021 17:19:19 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
946b46ae793fdeed-SEA
accept-ranges
bytes
content-length
117
server
cloudflare
fieldbg.gif
h2o.billing.ms/images/ 		46 B
755 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h2o.billing.ms/images/fieldbg.gif
Requested by
Host: h2o.billing.ms
URL: https://h2o.billing.ms/css/form.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a108f888be23c9c00ba58170fba7d3e06dfa9149d9032d4b8e50287c9893790

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://h2o.billing.ms/css/form.css

Response headers

cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FMyN2disKIwzj50YHJAPCtdULKp2SK73V80Mfmeb9cYho7WXPrK49pQMPmZOP4P6IQbWxM8SK7WXDUbAZohw20Rb7aK8Fu%2FZFodGUdR4t5Ra2oznJbrfp0uHceKueu0u"}],"group":"cf-nel","max_age":604800}
x-proxy-cache
DISABLED
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=78412&min_rtt=73745&rtt_var=4882&sent=77&recv=59&lost=0&retrans=0&sent_bytes=64558&recv_bytes=11142&delivery_rate=158497&cwnd=18000&unsent_bytes=0&cid=86dfc58955764e1b&ts=906&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 28 May 2025 05:15:46 GMT
content-type
image/gif
last-modified
Fri, 11 Jun 2021 17:19:21 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
946b46ae7940deed-SEA
accept-ranges
bytes
content-length
46
server
cloudflare
339494703244209
connect.facebook.net/signals/config/ 		63 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/339494703244209?v=2.9.203&r=stable&domain=h2o.billing.ms&hme=36c7454c4b078660353e5d4c89e3eaca439a56e5c3ceaadddff6c79ae427835a&ex_m=74%2C128%2C113%2C117%2C65%2C6%2C106%2C73%2C19%2C101%2C93%2C55%2C58%2C183%2C204%2C211%2C207%2C208%2C210%2C32%2C107%2C57%2C81%2C209%2C178%2C181%2C205%2C206%2C191%2C140%2C45%2C196%2C193%2C194%2C37%2C152%2C18%2C54%2C200%2C199%2C142%2C21%2C44%2C2%2C47%2C69%2C70%2C71%2C75%2C97%2C20%2C17%2C100%2C96%2C95%2C114%2C56%2C116%2C42%2C115%2C33%2C98%2C43%2C90%2C29%2C179%2C182%2C149%2C14%2C15%2C16%2C8%2C9%2C28%2C25%2C26%2C61%2C66%2C68%2C79%2C105%2C108%2C30%2C80%2C12%2C10%2C84%2C52%2C24%2C110%2C109%2C111%2C102%2C13%2C23%2C4%2C41%2C78%2C22%2C161%2C136%2C77%2C1%2C99%2C60%2C88%2C36%2C31%2C86%2C87%2C92%2C40%2C7%2C94%2C85%2C48%2C35%2C38%2C0%2C72%2C118%2C91%2C5%2C51%2C50%2C89%2C248%2C176%2C126%2C164%2C157%2C3%2C39%2C67%2C46%2C112%2C49%2C83%2C64%2C63%2C34%2C103%2C62%2C59%2C53%2C82%2C76%2C27%2C104%2C11%2C119
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
0db49fb7a4ac41ce60da28a41f7f64e4be312e9fbe150902011d19bd14aceff3
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: *;script-src 'nonce-FkaLyr4q' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://h2o.billing.ms/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 28 May 2025 05:15:46 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' blob: *;script-src 'nonce-FkaLyr4q' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=137, rtx=0, c=88, mss=1232, tbw=84439, tp=80, tpl=0, uplat=148, ullat=0
pragma
public
x-fb-debug
H+7F2kaStr4IJGWpQztKUHM0eJ4ovtVPMjuVEDHteaOpkm0kOcWukFYjzZJxr+kyb7WntWoYdB+tHubd1ap3+Q==
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
default-src 'self' blob: *;script-src 'nonce-FkaLyr4q' 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
collect
www.google.com/ccm/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fh2o.billing.ms%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1506406572.1748409347&dt=H2O%E2%84%A2%20Express%20Bill%20Payment%20Form%20%7C%20H2O%20Wireless%E2%84%A2&auid=1355002034.1748409347&navt=n&npa=0&gtm=45He55q0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&tft=1748409347091&tfd=1628&apve=1&apvf=f
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5X7HH34
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f106.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://h2o.billing.ms/

Response headers
destination
www.googletagmanager.com/gtag/ 		337 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-1050548704&cx=c&gtm=45He55q0za200&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5X7HH34
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
bd3b38d304f958ff8100f64d47fa0584b1c70d3824ae70c92ed8412cac4e27bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://h2o.billing.ms/

Response headers

content-encoding
br
report-to
{"group":"ascgcysghrgc:42:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Wed, 28 May 2025 05:15:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 28 May 2025 05:15:47 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 28 May 2025 03:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcysghrgc:42:0
content-length
118472
x-xss-protection
0
server
Google Tag Manager
bat.js
bat.bing.com/ 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5X7HH34
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.28.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c4e400da2b9e9a111a08457d1de07c9280c7233e4a305b967da320564a83eb0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://h2o.billing.ms/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"8077e3804cc0db1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 98FFC1D6266D436E894A53F6EB815219 Ref B: DEN301000101021 Ref C: 2025-05-28T05:15:47Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14978
date
Wed, 28 May 2025 05:15:47 GMT
content-type
application/javascript
last-modified
Thu, 08 May 2025 19:07:55 GMT
vary
Accept-Encoding
asset_composer.js
static.zdassets.com/ekr/
Redirect Chain
  • https://v2.zopim.com/?Iqj3UVfM8H3DS4XXtJon4wJ1t6SWNysF
  • https://static.zdassets.com/ekr/asset_composer.js
10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/asset_composer.js
Requested by
Host: h2o.billing.ms
URL: https://h2o.billing.ms/
Protocol
H2
Server
216.198.53.3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7631939bbc2c74fc9a5fb1ee9565250a15bf95cc0e364da7fc5f15e3db41427
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://h2o.billing.ms/

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
HIT
etag
W/"c88d625098ddb649cf216dba2e52435c"
x-amz-version-id
WMesL9vmhI.234AxAumRpyV7JUKtWS.4
age
42
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FkkxFt%2BrUjppcnXmQbcorPTH9f4KANIguA990eRsFpYumVfqJ2pk75tjAGUYIujsQBMADPqnhJt5R5k%2FDdDM1nxNSV5S71vEHnTd61zlYDJl2JNmJSQL4yEuYj4b44ubSUlmpDU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
date
Wed, 28 May 2025 05:15:47 GMT
content-type
application/javascript
last-modified
Mon, 04 Nov 2024 09:45:04 GMT
vary
Accept-Encoding
x-amz-id-2
BlcM8F86Fy73CS8KpvCJy/P3V96pHYzlRQfjr8NpYh3dktDN1Co/Y+HswC9K5LESAMvwgoukeJiwRjF7pp9GJw==
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=3600, s-maxage=60
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
2TEBA2T8Q60F01HB
cf-ray
946b46b73a4b48f9-YVR
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256

Redirect headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
location
https://static.zdassets.com/ekr/asset_composer.js
cf-ray
946b46b51f576e84-SEA
expires
Thu, 01 Jan 1970 00:00:01 GMT
content-length
143
date
Wed, 28 May 2025 05:15:47 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
sw_iframe.html
www.googletagmanager.com/static/service_worker/55j0/ Frame E3A4 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/55j0/sw_iframe.html?origin=https%3A%2F%2Fh2o.billing.ms
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5X7HH34
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f97.1e100.net
Software
sffe /
Resource Hash
d36b373b44b77f016e4b7df913ba2da2a8025456f016bc794861f210c0e3ada3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1482
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Wed, 28 May 2025 05:15:47 GMT
expires
Thu, 28 May 2026 05:15:47 GMT
last-modified
Mon, 19 May 2025 09:28:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/privacy_sandbox/topics/registration/ 		67 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/privacy_sandbox/topics/registration/?id=339494703244209
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/339494703244209?v=2.9.203&r=stable&domain=h2o.billing.ms&hme=36c7454c4b078660353e5d4c89e3eaca439a56e5c3ceaadddff6c79ae427835a&ex_m=74%2C128%2C113%2C117%2C65%2C6%2C106%2C73%2C19%2C101%2C93%2C55%2C58%2C183%2C204%2C211%2C207%2C208%2C210%2C32%2C107%2C57%2C81%2C209%2C178%2C181%2C205%2C206%2C191%2C140%2C45%2C196%2C193%2C194%2C37%2C152%2C18%2C54%2C200%2C199%2C142%2C21%2C44%2C2%2C47%2C69%2C70%2C71%2C75%2C97%2C20%2C17%2C100%2C96%2C95%2C114%2C56%2C116%2C42%2C115%2C33%2C98%2C43%2C90%2C29%2C179%2C182%2C149%2C14%2C15%2C16%2C8%2C9%2C28%2C25%2C26%2C61%2C66%2C68%2C79%2C105%2C108%2C30%2C80%2C12%2C10%2C84%2C52%2C24%2C110%2C109%2C111%2C102%2C13%2C23%2C4%2C41%2C78%2C22%2C161%2C136%2C77%2C1%2C99%2C60%2C88%2C36%2C31%2C86%2C87%2C92%2C40%2C7%2C94%2C85%2C48%2C35%2C38%2C0%2C72%2C118%2C91%2C5%2C51%2C50%2C89%2C248%2C176%2C126%2C164%2C157%2C3%2C39%2C67%2C46%2C112%2C49%2C83%2C64%2C63%2C34%2C103%2C62%2C59%2C53%2C82%2C76%2C27%2C104%2C11%2C119
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-ix0nDKw0' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://h2o.billing.ms/

Response headers

access-control-expose-headers
X-FB-Debug, X-Loader-Length, X-Stack, Error-MID
content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7509360965563353224&cpp=C3&cv=1023240420&st=1748409347382"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
observe-browsing-topics
?1
expires
Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-methods
OPTIONS
alt-svc
h3=":443"; ma=86400
date
Wed, 28 May 2025 05:15:47 GMT
content-type
image/png
vary
Origin, Accept-Encoding
x-fb-debug
TCydL8KAi8GgO0WgIiQZx6pST9Z0NlyJZJ5BP1iMiRiKaSNA8mqVFaoaxBgf/nYTkpgb8Ur1rj0jfoC7sqyeTQ==
priority
u=1,i
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7509360965563353224&cpp=C3&cv=1023240420&st=1748409347382", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-ix0nDKw0' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=136, rtx=0, c=24, mss=1232, tbw=8717, tp=13, tpl=0, uplat=17, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
same-origin
access-control-allow-credentials
true
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=339494703244209&ev=PageView&dl=https%3A%2F%2Fh2o.billing.ms%2F&rl=&if=false&ts=1748409347140&sw=1600&sh=1200&v=2.9.203&r=stable&ec=0&o=4126&fbp=fb.1.1748409347138.91104384569170329&ler=empty&cdl=API_unavailable&it=1748409346775&coo=false&rqm=GET
Requested by
Host: h2o.billing.ms
URL: https://h2o.billing.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://h2o.billing.ms/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=136, rtx=0, c=24, mss=1232, tbw=8770, tp=14, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 28 May 2025 05:15:47 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=339494703244209&ev=PageView&dl=https%3A%2F%2Fh2o.billing.ms%2F&rl=&if=false&ts=1748409347140&sw=1600&sh=1200&v=2.9.203&r=stable&ec=0&o=4126&fbp=fb.1.1748409347138.91104384569170329&ler=empty&cdl=API_unavailable&it=1748409346775&coo=false&rqm=FGET
Requested by
Host: h2o.billing.ms
URL: https://h2o.billing.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-WgIcrMcm' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://h2o.billing.ms/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7509360966159397035&cpp=C3&cv=1023240420&st=1748409347380"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[],"aggregatable_values":{},"aggregatable_source_registration_time":"exclude","filters":{"3":["2160896933951125"]},"debug_reporting":true,"debug_key":"168441523117779215"}
date
Wed, 28 May 2025 05:15:47 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
hFP27YI+9zSB30OZFaWA+OV5HHS2xPNuihDCqUsappTP3rTkhLiQ8Hg7Fin80KxNtNUyz5MTj3tEBNtDjzp1/g==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7509360966159397035&cpp=C3&cv=1023240420&st=1748409347380", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-WgIcrMcm' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
MODERATE; q=0.3, rtt=150, rtx=0, c=27, mss=1232, tbw=9318, tp=21, tpl=0, uplat=201, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1050548704/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1050548704/?random=1748409347377&cv=11&fst=1748409347377&bg=ffffff&guid=ON&async=1&gtm=45be55q0v9210626024za201&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fh2o.billing.ms%2F&hn=www.googleadservices.com&frm=0&tiba=H2O%E2%84%A2%20Express%20Bill%20Payment%20Form%20%7C%20H2O%20Wireless%E2%84%A2&npa=0&pscdl=noapi&auid=1355002034.1748409347&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&_tu=Cg&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-1050548704&cx=c&gtm=45He55q0za200&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f154.1e100.net
Software
cafe /
Resource Hash
16c570a81b3f05fa1df0382cd39710b1ebe0da237c78f0b2e69c52462ad1a0f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://h2o.billing.ms/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
1922
date
Wed, 28 May 2025 05:15:47 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
1050548704
td.doubleclick.net/td/rul/ Frame 22DC 		13 B
523 B 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/1050548704?random=1748409347377&cv=11&fst=1748409347377&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be55q0v9210626024za201&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fh2o.billing.ms%2F&hn=www.googleadservices.com&frm=0&tiba=H2O%E2%84%A2%20Express%20Bill%20Payment%20Form%20%7C%20H2O%20Wireless%E2%84%A2&npa=0&pscdl=noapi&auid=1355002034.1748409347&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&_tu=Cg
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-1050548704&cx=c&gtm=45He55q0za200&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.180.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f155.1e100.net
Software
cafe /
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://h2o.billing.ms/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 28 May 2025 05:15:47 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
5797197.js
bat.bing.com/p/action/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5797197.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.28.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
859add00ea7daf359c24858abdcae9ffd48bfc8a1878c66facd29a7cb955c45f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://h2o.billing.ms/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 78037DFE8FBC4C93AC9E929860FC5B8F Ref B: DEN301000101021 Ref C: 2025-05-28T05:15:47Z
x-cache
CONFIG_NOCACHE
date
Wed, 28 May 2025 05:15:47 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
Iqj3UVfM8H3DS4XXtJon4wJ1t6SWNysF
ekr.zdassets.com/compose/zopim_chat/ 		859 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/zopim_chat/Iqj3UVfM8H3DS4XXtJon4wJ1t6SWNysF
Requested by
Host: v2.zopim.com
URL: https://v2.zopim.com/?Iqj3UVfM8H3DS4XXtJon4wJ1t6SWNysF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.198.54.3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57eb58fb24c4f3ca3e7e139e8e5130284c011c84ec387c7e2096d469c42b4574
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://h2o.billing.ms/

Response headers

access-control-max-age
7200
x-request-id
942b8e3edbc2f069-SEA
access-control-expose-headers
content-encoding
gzip
cf-cache-status
HIT
etag
W/"57eb58fb24c4f3ca3e7e139e8e513028"
age
19
x-permitted-cross-domain-policies
none
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cDz862ffRgBKsoJ1ncVZoK57SRKsRMgXzCsQt0saRBQ%2Fyp1rJgxNm1j2VfeeHLoiYt2dp2vIry6DFJwZZkrBeJuG0eKMokLGKIO9SApjcnk3RcII0Kub8T2rnaZGbFg6a%2B8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
date
Wed, 28 May 2025 05:15:48 GMT
content-type
application/json; charset=utf-8
vary
Accept, Origin, Accept-Encoding
x-runtime
0.005063
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
cdn-cache-control
max-age=60
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
6
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
via
zorg
cf-ray
946b46b99d82d461-SEA
access-control-allow-origin
*
x-zendesk-zorg
yes
x-xss-protection
1; mode=block
server
cloudflare
/
www.google.com/pagead/1p-user-list/1050548704/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1050548704/?random=1748409347377&cv=11&fst=1748408400000&bg=ffffff&guid=ON&async=1&gtm=45be55q0v9210626024za201&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fh2o.billing.ms%2F&hn=www.googleadservices.com&frm=0&tiba=H2O%E2%84%A2%20Express%20Bill%20Payment%20Form%20%7C%20H2O%20Wireless%E2%84%A2&npa=0&pscdl=noapi&auid=1355002034.1748409347&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&_tu=Cg&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDZpuyzfK8bLH9RTXOzWlK6BAyVhBVTs2q4Rw&random=61753254&rmt_tld=0&ipr=y
Requested by
Host: h2o.billing.ms
URL: https://h2o.billing.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f106.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://h2o.billing.ms/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 28 May 2025 05:15:47 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
0
bat.bing.com/action/ 		0
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5797197&tm=gtm002&Ver=2&mid=5093b705-fa4a-4143-8072-2ff090a1451a&bo=1&sid=d09440a03b8211f083f3fd1e0efbaebb&vid=d09441503b8211f0a3a59ddd4bba48c0&vids=1&msclkid=N&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&tl=H2O%E2%84%A2%20Express%20Bill%20Payment%20Form%20%7C%20H2O%20Wireless%E2%84%A2&p=https%3A%2F%2Fh2o.billing.ms%2F&r=&lt=832&evt=pageLoad&sv=1&cdb=AQAQ&rn=284284
Requested by
Host: h2o.billing.ms
URL: https://h2o.billing.ms/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.28.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://h2o.billing.ms/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0CFA4C0E170B44128F31A042B263C1AE Ref B: DEN301000101021 Ref C: 2025-05-28T05:15:48Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Wed, 28 May 2025 05:15:47 GMT
/
h2o.billing.ms/ 		27 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://h2o.billing.ms/
Requested by
Host: h2o.billing.ms
URL: https://h2o.billing.ms/scripts/checkproxy.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6f15e2d03510043db014021eb14a1dfd4572ee53e7306c996b6d614769799db

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://h2o.billing.ms/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aMoObLLbip0sVuZttaeNm7YKsGLB0arb%2FMXmJ6%2BrQeFrBozxYHgyNKFU7CCZ6GzPozUozCXozKngFEWdE3jnUwgTXMdFLSPHgWD1tm2%2FrfDcEJECoevQTrsvj7I3MuET"}],"group":"cf-nel","max_age":604800}
cf-ray
946b46ab3f2edeed-SEA
x-proxy-cache
DISABLED
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=79293&min_rtt=73745&rtt_var=19592&sent=15&recv=12&lost=0&retrans=0&sent_bytes=5285&recv_bytes=4920&delivery_rate=9958&cwnd=12000&unsent_bytes=0&cid=86dfc58955764e1b&ts=366&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 28 May 2025 05:15:45 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
last-modified
Tue, 08 Mar 2022 16:14:31 GMT
priority
u=0,i
favicon.ico
h2o.billing.ms/ 		15 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://h2o.billing.ms/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1b230b8f07abda5ce80d1cd53e9416610d4b3b0a29a662de8ccfa8d48003f7b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://h2o.billing.ms/

Response headers

server
cloudflare
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vwDI9UMJbWa9bsIWlIyjW8S%2FTCjzSZf0rSsjco4V3TZSWXAyqfA%2BUxBeZWope8%2FqdsR6lsbSE1pCVQOczKm4lcW2vECiG9bKE7jx4dyhVB3jXyOzES4gTaHFjt3EUsEO"}],"group":"cf-nel","max_age":604800}
cf-ray
946b46ba38acdeed-SEA
x-proxy-cache
DISABLED
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=78110&min_rtt=73745&rtt_var=4266&sent=80&recv=61&lost=0&retrans=0&sent_bytes=66206&recv_bytes=11650&delivery_rate=21352&cwnd=18000&unsent_bytes=0&cid=86dfc58955764e1b&ts=2785&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 28 May 2025 05:15:48 GMT
content-type
image/x-icon
last-modified
Fri, 11 Jun 2021 17:19:18 GMT
vary
Accept-Encoding
priority
u=1,i
web-widget-main-f5a540e.js
static.zdassets.com/web_widget/classic/latest/ Frame E2FC 		830 KB
258 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-main-f5a540e.js
Requested by
Host: v2.zopim.com
URL: https://v2.zopim.com/?Iqj3UVfM8H3DS4XXtJon4wJ1t6SWNysF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.198.53.3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c923eef0880b2962169fdf48a67e9af79d7f178b81dbe55c56aefe807506d76
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
HIT
etag
W/"e1a3a9d54f5292f110277858d188171e"
x-amz-version-id
OrLzZ.1C1HlAL93ynBinsBSpBjkivn68
age
674753
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GT9oboWlvGjnsygZp8qPa2AVHQQbl2Q3Beskip%2FmQIL%2BReQ2QFA9UkKSWtGKKWlC3lXxs5VroO0CKqvwbLm7ry1gn595vKTKc6EL%2BmTAbmQAPHmg1Hjk4eMHYE%2B7IygqWw622dw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
expires
Tue, 19 May 2026 10:39:42 GMT
date
Wed, 28 May 2025 05:15:48 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 19 May 2025 10:39:43 GMT
vary
Accept-Encoding
x-amz-id-2
ku+wkCMHr3pV+97AZRrfLVsgA/w06S96O0/5iz47bXBpirKQvfeVYjgg+CEpcZd7GkKNEu4xzEFOtLrWWZcWbiJgWHSXnEwnpa69rMmmuiU=
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
K30EKMAR7G6M679M
cf-ray
946b46ba884748f9-YVR
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
en-us-json-f5a540e.js
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame E2FC 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-f5a540e.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-f5a540e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.198.53.3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b87b92cd9b2943bcc97a64011eb833ef4205009327eaffe17db1cd001ae9ecc8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
HIT
etag
W/"ef48436bf7997a9fed0856cd3df28c0f"
x-amz-version-id
zdDnFSv7cclzwfw0QIrGX7_zEZEfZfvg
age
674751
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BsSCbPktrGvF0OQMfqprr0bi9wwaAdBNDWkSX44n07%2F3MylcOd9GxcPzOQEszRnj3hGMfng3Ggir9tWpKtDKm2RIwAh9reDxmhetPOE0KeJbne4r%2BsJPYwIG0hCKmxcV8BwarLo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
expires
Tue, 19 May 2026 10:39:44 GMT
date
Wed, 28 May 2025 05:15:48 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 19 May 2025 10:39:45 GMT
vary
Accept-Encoding
x-amz-id-2
J2BxVWf6eaHKkaLzzncB0rX0AWCU6Vp2/W53h6k1USCR6JabJkMM1MU6kMrlERYbSaw8hJUOf48K3NFDWwLQNSbe9MLdiW0h0J3cKiKYSmk=
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
2EAJ7Y54XSR3AFV0
cf-ray
946b46be2e1548f9-YVR
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
config
wireless-billing.zendesk.com/embeddable/ Frame E2FC 		507 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wireless-billing.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-f5a540e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.198.54.6 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bd3142bdedd547d8f89d857299976ddc23c751b1dca7949848b9011dd5f0789

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
7200
x-request-id
946b46bf9e1f45a5-SJC
access-control-expose-headers
x-zendesk-origin-server
embeddable-app-server-787db89964-hnnl9
content-encoding
gzip
cf-cache-status
EXPIRED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1NDEPubc9BjGTX5YdH3lzGYxiwsbS%2B6ot6KB0dAft5qchT1a1%2Fj%2F1h2oeM5S6bgPxKjCDoOMPu3A%2Fw0kZNbiRTPCMG1VWPWxrcL%2FImfXtfw1jS7x9OAbw2yVA4wI8LcaR7%2Fanp1k2vkCTbGDRiE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
date
Wed, 28 May 2025 05:15:49 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
x-runtime
0.001520
last-modified
Wed, 28 May 2025 05:15:49 GMT
x-cache-status
MISS
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
zendesk-service
embeddable
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
5
x-envoy-decorator-operation
/embeddable
via
zorg
cf-ray
946b46bf9e1f45a5-YVR
access-control-allow-origin
*
x-zendesk-zorg
yes
server
cloudflare
web-widget-chat-sdk-f5a540e.js
static.zdassets.com/web_widget/classic/latest/ Frame E2FC 		217 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-f5a540e.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-f5a540e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.198.53.3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f33c7bd75e8107b0e2c531d98af84d90780d913f9246e796ea633d948d91f709
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
HIT
etag
W/"08a68a7308737a004b2991aa3dd00688"
x-amz-version-id
2vgZ2JDdnoZIx77r9CSrlvdu30ZjdC9j
age
674751
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t6WnjTVpt8TatABcFv33Sd%2F4B1NJYfDP%2FuPVQJDc9zOQB%2BEa7WtMfHwvZ2GFla%2BC3WYe5MobHji7H6RQcPbBVdTUkQHBMJcqMEeKg6Fe8qR2fj5ysRQrXpxofw9%2FbqyhAbcQfBs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
expires
Tue, 19 May 2026 10:39:42 GMT
date
Wed, 28 May 2025 05:15:48 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 19 May 2025 10:39:43 GMT
vary
Accept-Encoding
x-amz-id-2
h/4/kcIZRtX7Jrs3yl4l+eW7VMhb1WqQqwIDRrnLlO8XXki4JJRlOMaIs17snCtTjPYVkcQhQHGsfeeD8VKv9g==
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
2EASRKJFQ0T2GCZY
cf-ray
946b46bf29b748f9-YVR
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
web-widget-chat-incoming-message-notification-f5a540e.js
static.zdassets.com/web_widget/classic/latest/ Frame E2FC 		236 B
847 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-incoming-message-notification-f5a540e.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-f5a540e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.198.53.3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2902ff32366de00d3afa351aeceb1357d5a468eacbb2fd92cf115276d626cb
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
HIT
etag
W/"e9d8b92096016dfd74d2f2500556464e"
x-amz-version-id
EXHQr9ex7VEjHcbHh75j_FpTXY2_M9dq
age
674751
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mprrdRKjY021NG6yKMwHTlv%2FFqiqMjDn9xl8I%2FBiVVUo4t8vyFH3hLXgLWjgrUH8xLOEICHuMDlsi50i2ZA%2BdzO3QzoW61aR8RhYfWPAFZJupk4vEFAPH4F7zSWWxsgMlqMx9xU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
expires
Tue, 19 May 2026 10:39:42 GMT
date
Wed, 28 May 2025 05:15:50 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 19 May 2025 10:39:43 GMT
vary
Accept-Encoding
x-amz-id-2
Vm8+vc9LM1INohjuPuLS77Vj5btHa5hfrZlStwVgB8LlF/l7y8umEIFgy4POG8IsAFHbM44ixdYhQgD+agUhLw==
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
GFSGMFS06K0477A2
cf-ray
946b46c7fd9e48f9-YVR
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/classic/latest/ Frame E2FC 		19 KB
20 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.198.53.3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05069cc62b394b6ecc2daf3c51b4b2ba7f6cc8735988e8234487234af47eceee
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

access-control-max-age
0
cf-cache-status
HIT
etag
"f11ce9e8f40a392830217253fe75d6de"
x-amz-version-id
SbGCIJ2SN2UNtezVUBsPz6twHS7ItMYi
age
1624361
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zs8pQIcZpTAwjWoKkYMyFjDw1qfXXngejVgzX0m1YgOJ8bujEplFNLLpWtJDLgZ8lJIMfADHZl0cC31ZSY5VmF4viDk81%2FaiMEZdQu4pXZC3tTnCZllo40inL93mkkePT4FuVXU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
expires
Fri, 17 Apr 2026 12:38:06 GMT
date
Wed, 28 May 2025 05:15:50 GMT
content-type
audio/mpeg; charset=utf-8
last-modified
Fri, 27 Dec 2024 08:59:09 GMT
vary
Accept-Encoding
x-amz-id-2
EwJG3MvmG7Pkb5y9hUBk4MwamVqWrqiQe71DZz17bkR58PbYfvj3naftpBxvqzxSV4pbertktEmsnVOaCXKkjOjWGfPlrv1D
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range
bytes 0-19697/19698
x-amz-request-id
S86B5DGWRSV3981T
cf-ray
946b46c8e92e48f9-YVR
access-control-allow-origin
*
Content-Length
19698
server
cloudflare
x-amz-server-side-encryption
AES256

Verdicts & Comments Add Verdict or Comment

27 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| dataLayer function| $ function| jQuery function| Fingerprint object| Sisyphus function| detectMobile function| behindProxy object| jQuery110207051851908110612 function| fbq function| _fbq object| google_tag_manager object| google_tag_data function| $zopim object| GooglebQhCsO function| UET function| UET_init function| UET_push object| ueto_356e300c6a object| uetq object| zEWebpackACJsonp function| zE function| zEmbed boolean| zEACLoaded

8 Cookies

Domain/Path Name / Value
.billing.ms/ Name: _gcl_au
Value: 1.1.1355002034.1748409347
.billing.ms/ Name: _fbp
Value: fb.1.1748409347138.91104384569170329
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.billing.ms/ Name: _uetsid
Value: d09440a03b8211f083f3fd1e0efbaebb
.billing.ms/ Name: _uetvid
Value: d09441503b8211f0a3a59ddd4bba48c0
.bing.com/ Name: MUID
Value: 103073819E6269762ABE667B9F9A6892
.bat.bing.com/ Name: MR
Value: 0
widget-mediator.zopim.com/ Name: AWSALBCORS
Value: 5A4Cl18qDgn9VaA+SsjqYAk+YLNGnj1jlblzlPGto8COaT9Tg8Q+nJfw1/EWd3NhnJOW8tIhWC7Vj2QpMGQUjiKsGgJcGHw1R069AjOe9CZqiHz34Fn65jHVZiMf

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
cdnjs.cloudflare.com
connect.facebook.net
ekr.zdassets.com
googleads.g.doubleclick.net
h20.billing.ms
h2o.billing.ms
static.zdassets.com
td.doubleclick.net
v2.zopim.com
wireless-billing.zendesk.com
www.facebook.com
www.google.com
www.googletagmanager.com
104.17.25.14
104.17.96.195
142.251.111.154
142.251.16.97
150.171.28.10
157.240.229.35
172.253.63.106
172.66.40.235
216.198.53.3
216.198.54.3
216.198.54.6
31.13.66.19
64.233.180.155
05069cc62b394b6ecc2daf3c51b4b2ba7f6cc8735988e8234487234af47eceee
09e75aa2d75c56a53b8fc42e4c2b0102080dce809128157a3ce43b38b2ce94bd
0db49fb7a4ac41ce60da28a41f7f64e4be312e9fbe150902011d19bd14aceff3
11f954f2fc411bec00d363e7d9269de9b56077e39a69a9b708e67dfe274444ac
16c570a81b3f05fa1df0382cd39710b1ebe0da237c78f0b2e69c52462ad1a0f5
1a108f888be23c9c00ba58170fba7d3e06dfa9149d9032d4b8e50287c9893790
1bea916d28c68935746f8ac5d84ea175551f79c7d2c132343add8346ea7c6653
3a93057489b15bfe087e02deeca8473d793626ac4d95f4274b53050d0a79dbe1
3d873d9bad4e592a2a6baa8297a29ac94491ced8998f9028dad021562d0f4d50
3f9bf1187474a081f2a6dda3c262acf2d730c639781c66946381553b881f1ee8
467389e1c54ff093185c031255951ed7d0b319391f0ab2783dcf81f5671b1d94
4a96c0d672c93477766a5dac2b2cfa5990293a8f8bd6f31aab2dd86d1a8d9ba2
4c923eef0880b2962169fdf48a67e9af79d7f178b81dbe55c56aefe807506d76
57eb58fb24c4f3ca3e7e139e8e5130284c011c84ec387c7e2096d469c42b4574
5bd3142bdedd547d8f89d857299976ddc23c751b1dca7949848b9011dd5f0789
859add00ea7daf359c24858abdcae9ffd48bfc8a1878c66facd29a7cb955c45f
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8e27aa1a2f8e3d2a2e2c79042f28a28c5b7ea3cd1d05a253bc4bd017f7fc6d1e
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b0a96904b1419d4449ba2c84e9ecf1a8d3ea54efbdf770aed9cff99f90746a28
b0d43800d15ed3a7affd70781087573b1b593a38b4d97be965d59d6e288086df
b1b230b8f07abda5ce80d1cd53e9416610d4b3b0a29a662de8ccfa8d48003f7b
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b87b92cd9b2943bcc97a64011eb833ef4205009327eaffe17db1cd001ae9ecc8
bd3b38d304f958ff8100f64d47fa0584b1c70d3824ae70c92ed8412cac4e27bf
be039d3b057b724a070d3c67b421dcbe888869a1f10de59827a8978250963fb5
c4e400da2b9e9a111a08457d1de07c9280c7233e4a305b967da320564a83eb0f
c7631939bbc2c74fc9a5fb1ee9565250a15bf95cc0e364da7fc5f15e3db41427
d36b373b44b77f016e4b7df913ba2da2a8025456f016bc794861f210c0e3ada3
d7f5ed33192724dd6ea3781889af370e189326ffb309cdaf1983f2edbf66e349
e16a291bbeac56ad0f95770db8a05e10dea081163b004dc63893ae4bca012e91
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f15e2d03510043db014021eb14a1dfd4572ee53e7306c996b6d614769799db
e988a781c798303d8e8176a07a09135ed9b671da6c7b9a7244337ec60b8b4485
eb2902ff32366de00d3afa351aeceb1357d5a468eacbb2fd92cf115276d626cb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f33c7bd75e8107b0e2c531d98af84d90780d913f9246e796ea633d948d91f709
f3565f915f6c417d212a2f6078d8701a38aca01796c0304eede49cc8f031b86e