urlscan.io logo urlscan.io
SecurityTrails logo

www.exchange.billgo-dev.com Open in urlscan Pro
18.66.2.25  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.exchange.billgo-dev.com/
Submission: On May 09 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 20 HTTP transactions. The main IP is 18.66.2.25, located in United States and belongs to AMAZON-02, US. The main domain is www.exchange.billgo-dev.com.
TLS certificate: Issued by Amazon on June 8th 2021. Valid for: a year.
This is the only time www.exchange.billgo-dev.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

9    18.66.2.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-2-25.txl50.r.cloudfront.net
www.exchange.billgo-dev.com
1    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    35.201.112.186 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 186.112.201.35.bc.googleusercontent.com
edge.fullstory.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com
rs.fullstory.com
2    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    52.215.192.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-192-133.eu-west-1.compute.amazonaws.com
ds80j2s9nzzv.statuspage.io
Apex Domain
Subdomains		 Transfer
9 billgo-dev.com
www.exchange.billgo-dev.com
972 KB
4 fullstory.com
edge.fullstory.com — Cisco Umbrella Rank: 3621
rs.fullstory.com — Cisco Umbrella Rank: 3267
74 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
20 KB
1 statuspage.io
ds80j2s9nzzv.statuspage.io
632 B
1 gstatic.com
www.gstatic.com
144 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 20
967 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 574
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 111
869 B
20 8
Domain Requested by
9 www.exchange.billgo-dev.com www.exchange.billgo-dev.com
3 rs.fullstory.com edge.fullstory.com
2 www.google-analytics.com www.exchange.billgo-dev.com
www.google-analytics.com
1 ds80j2s9nzzv.statuspage.io www.exchange.billgo-dev.com
1 www.gstatic.com www.google.com
1 edge.fullstory.com www.exchange.billgo-dev.com
1 www.google.com www.exchange.billgo-dev.com
1 cdn.jsdelivr.net www.exchange.billgo-dev.com
1 fonts.googleapis.com www.exchange.billgo-dev.com
20 9

This site contains no links.

Subject Issuer Validity Valid
www.exchange.billgo-dev.com
Amazon		 2021-06-08 -
2022-07-07		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-03 -
2022-07-02		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
edge.fullstory.com
GTS CA 1D4		 2022-04-13 -
2022-07-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.fullstory.com
R3		 2022-04-15 -
2022-07-14		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.statuspage.io
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-12 -
2022-08-12		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.exchange.billgo-dev.com/
Frame ID: EA5FE26B0F78B3798088BB455FB3166E
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

BillGO

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

20
Requests

100 %
HTTPS

56 %
IPv6

8
Domains

9
Subdomains

9
IPs

3
Countries

1215 kB
Transfer

4010 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.exchange.billgo-dev.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.exchange.billgo-dev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-25.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1da319c016bcd7c30a55a4aaf6162479415358dbd9182afa0f5b8c728d98a776

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Mon, 09 May 2022 03:50:31 GMT
etag
W/"817c202ce35e17e7b3b766422bb4f37e"
last-modified
Wed, 04 May 2022 17:57:37 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 88c4efc7a0d40cb6034579fa005452bc.cloudfront.net (CloudFront)
x-amz-cf-id
32JMfHctLW4_QLwaoCpwnUZGGrYvXf4i__4CnCycy4DLMGh53qz_pQ==
x-amz-cf-pop
TXL50-P1
x-cache
RefreshHit from cloudfront
icon
fonts.googleapis.com/ 		569 B
869 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: www.exchange.billgo-dev.com
URL: https://www.exchange.billgo-dev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
786f8e86896c85d5941a05d0519c32b261947a8c229f5581f308595381b7448e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.exchange.billgo-dev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 09 May 2022 03:50:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 09 May 2022 03:50:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 09 May 2022 03:50:30 GMT
chartist.min.css
cdn.jsdelivr.net/chartist.js/latest/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/chartist.js/latest/chartist.min.css
Requested by
Host: www.exchange.billgo-dev.com
URL: https://www.exchange.billgo-dev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4def7e69368bf63d14e4fccb86d007b7e497960213f0a4fd564c8e667ebc85a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.exchange.billgo-dev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 03:50:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4213710
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19142-FRA
timing-allow-origin
*
server
cloudflare
etag
W/"2cf4-DFoBDQ/qmTzy2uUxXpiJvaRIoQM"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ONbIS5qLYxU8XF7dxqPlLYrBS8YJfrVGvSnKgknhX61Cgu4FgG6XnIL5i4PgYCsI7WPirTE5U8jNPgx%2FB6KHCbJecXYVan4IlYxMwphlkmWzdlrTA2Dy4MHje9fy%2Fsb0OPKZtqYFFPS%2FTWN%2F%2BJ8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
708778a71e539182-FRA
2.9d3a9c35.chunk.css
www.exchange.billgo-dev.com/static/css/ 		25 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.exchange.billgo-dev.com/static/css/2.9d3a9c35.chunk.css
Requested by
Host: www.exchange.billgo-dev.com
URL: https://www.exchange.billgo-dev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-25.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3867518bda58afc9cd6ec7c954711395f690bbfb55e781ffbc17208675c5e82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.exchange.billgo-dev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 03:50:31 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 17:57:37 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P1
etag
W/"b41c12247d460556c8f7f8f56b95455a"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
via
1.1 88c4efc7a0d40cb6034579fa005452bc.cloudfront.net (CloudFront)
x-amz-cf-id
06SLyt7VP_Hh4FyIvMYAkiHl90lLKn6UGzl_sNNrbG6qRQMVM40w_A==
main.dca97c30.chunk.css
www.exchange.billgo-dev.com/static/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.exchange.billgo-dev.com/static/css/main.dca97c30.chunk.css
Requested by
Host: www.exchange.billgo-dev.com
URL: https://www.exchange.billgo-dev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-25.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7aea56f7db843899e7f809736835d3c6180fc2a24041329c76d464e12e97a52b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.exchange.billgo-dev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 03:50:31 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 17:57:37 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P1
etag
W/"e5352f9bbcc39fc2e351466eb0f800ea"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
via
1.1 88c4efc7a0d40cb6034579fa005452bc.cloudfront.net (CloudFront)
x-amz-cf-id
S9lW3A4d1VoHCx4UsIuy8I3NRPMHDiL0zR4HX-fqdyNoEzj3pBVBgQ==
api.js
www.google.com/recaptcha/ 		850 B
967 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.exchange.billgo-dev.com
URL: https://www.exchange.billgo-dev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cef5b2f18783775bcef71ec51ae18ff9799f2edf61c68150d8ac3dd187f1b5d2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.exchange.billgo-dev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 03:50:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
554
x-xss-protection
1; mode=block
expires
Mon, 09 May 2022 03:50:30 GMT
2.24cba539.chunk.js
www.exchange.billgo-dev.com/static/js/ 		3 MB
733 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.exchange.billgo-dev.com/static/js/2.24cba539.chunk.js
Requested by
Host: www.exchange.billgo-dev.com
URL: https://www.exchange.billgo-dev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-25.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
86476fc16393e316066f8478e2209aca2fc1108b521d65ada3fc20ec223e9dfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.exchange.billgo-dev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 03:50:31 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 17:57:37 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P1
etag
W/"ec607a9122b216b67376cae4cf50d4fb"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 88c4efc7a0d40cb6034579fa005452bc.cloudfront.net (CloudFront)
x-amz-cf-id
yd4NmeRJihOhZ0a1ZayR4jDz1zPcq067c9f4gh1bTqghx1t0astbng==
main.e4ef75c5.chunk.js
www.exchange.billgo-dev.com/static/js/ 		484 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.exchange.billgo-dev.com/static/js/main.e4ef75c5.chunk.js
Requested by
Host: www.exchange.billgo-dev.com
URL: https://www.exchange.billgo-dev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-25.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7316cf970936b0e72db7191cbf35f2d67b488a2ffabfbd9133fa0f9f6905d23f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.exchange.billgo-dev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 03:50:31 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 17:57:37 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P1
etag
W/"472eb070b48bdd60c2f3ae3a37cc7ce4"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 88c4efc7a0d40cb6034579fa005452bc.cloudfront.net (CloudFront)
x-amz-cf-id
86vIbs7oIyncXwhDbVM11Tv_YYG_qGGicMEB4Ap4fAGEQjfiiA1C0w==
fs.js
edge.fullstory.com/s/ 		238 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: www.exchange.billgo-dev.com
URL: https://www.exchange.billgo-dev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a9c9dc13a347ded2831c9e983cfe405ab6fafe556f32b3df75ab47474c6c9235

Request headers

Referer
https://www.exchange.billgo-dev.com/
Origin
https://www.exchange.billgo-dev.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 02:57:56 GMT
content-encoding
gzip
age
3154
x-guploader-uploadid
ADPycdvhugGA7fg2JnvMrpxkC3cMQFKw-J9olslIYLTfZi1Vr8x0vGggbe0eK7ij9LtOwqt52SIrNrl4fy9G9yglUZwQNW77T-S8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73012
last-modified
Wed, 04 May 2022 16:51:53 GMT
server
UploadServer
etag
"9b992f8a10494baa566bb6bbb0372e74"
x-goog-hash
crc32c=NJ8mPQ==, md5=m5kvihBJS6pWa7a7sDcudA==
x-goog-generation
1651683113819006
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
73012
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 09 May 2022 03:57:56 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/ 		364 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cef63f6378f616ddbc50e81459f0f636540f0b7cc63767e5b789d963acf5ea07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.exchange.billgo-dev.com/
Origin
https://www.exchange.billgo-dev.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 08 May 2022 23:47:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14552
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147136
x-xss-protection
0
last-modified
Mon, 02 May 2022 04:03:50 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 08 May 2023 23:47:58 GMT
page
rs.fullstory.com/rec/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
b401892a284cade30307f6f3c1ccced4500de6d344616f26b8739aa411e863b1

Request headers

Referer
https://www.exchange.billgo-dev.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 09 May 2022 03:50:30 GMT
content-encoding
gzip
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.exchange.billgo-dev.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1760
via
1.1 google
bundle
rs.fullstory.com/rec/ 		29 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/bundle?OrgId=14C50E&UserId=6421776675889152&SessionId=4967791616057344&PageId=6688010206175232&Seq=1&PageStart=1652068230483&PrevBundleTime=0&LastActivity=506&IsNewSession=true
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
c0f93c040f8b75a2783deedbea0d54bc44884b2775d487381b9ae9b4cb48b86c

Request headers

Referer
https://www.exchange.billgo-dev.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.exchange.billgo-dev.com
date
Mon, 09 May 2022 03:50:30 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
content-type
application/json; charset=utf-8
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.exchange.billgo-dev.com
URL: https://www.exchange.billgo-dev.com/static/js/2.24cba539.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.exchange.billgo-dev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5483
date
Mon, 09 May 2022 02:19:09 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 09 May 2022 04:19:09 GMT
graphql
www.exchange.billgo-dev.com/ 		86 B
591 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.exchange.billgo-dev.com/graphql
Requested by
Host: www.exchange.billgo-dev.com
URL: https://www.exchange.billgo-dev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-25.txl50.r.cloudfront.net
Software
/
Resource Hash
71cddc95a092194b224a745e40e3d228cb298a8330ca8d690588ccf56c18c498
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept
*/*
Referer
https://www.exchange.billgo-dev.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
date
Mon, 09 May 2022 03:50:32 GMT
via
1.1 88c4efc7a0d40cb6034579fa005452bc.cloudfront.net (CloudFront)
x-content-type-options
nosniff, nosniff
x-amz-cf-pop
TXL50-P1
x-frame-options
DENY
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-amz-cf-id
rCBwev_OLFk-i7LZkcnC2EtM0ub3_64sFqEGE50S43UXgDLIAfjsBg==
x-xss-protection
1; mode=block
expires
0
unresolved.json
ds80j2s9nzzv.statuspage.io/api/v2/incidents/ 		179 B
632 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ds80j2s9nzzv.statuspage.io/api/v2/incidents/unresolved.json
Requested by
Host: www.exchange.billgo-dev.com
URL: https://www.exchange.billgo-dev.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.215.192.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-192-133.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9a3dd01b2d7283a697af6fc5d7766cc175614bc68528ad94398dc295149cb515
Security Headers
Name Value
Strict-Transport-Security max-age=259200
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.exchange.billgo-dev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=259200
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
101
x-statuspage-skip-logging
true
x-cache
HIT
date
Mon, 09 May 2022 03:50:32 GMT
x-statuspage-version
ea2c56f18ce0a9fe05f48c4c090e26f98dcb695e
content-length
179
x-xss-protection
1; mode=block
x-request-id
f6429b52-41ab-451a-818a-ba0f7c2ce24b
x-runtime
0.059402
referrer-policy
strict-origin-when-cross-origin
etag
W/"9a3dd01b2d7283a697af6fc5d7766cc1"
x-download-options
noopen
vary
Accept,Accept-Encoding,Fastly-SSL
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
9548fa3a-05c3-47ef-a6d5-f2f6fef54f84.e117c169.woff2
www.exchange.billgo-dev.com/static/media/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.exchange.billgo-dev.com/static/media/9548fa3a-05c3-47ef-a6d5-f2f6fef54f84.e117c169.woff2
Requested by
Host: www.exchange.billgo-dev.com
URL: https://www.exchange.billgo-dev.com/static/css/main.dca97c30.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-25.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9b80afc1aa3b74827c04dbbc6f2107e6421772f64bfcb6b93b780bc6570aa17b

Request headers

Referer
https://www.exchange.billgo-dev.com/static/css/main.dca97c30.chunk.css
Origin
https://www.exchange.billgo-dev.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 03:50:33 GMT
via
1.1 88c4efc7a0d40cb6034579fa005452bc.cloudfront.net (CloudFront)
last-modified
Wed, 04 May 2022 17:57:38 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P1
etag
"52be7860561f34994f8e7d90f0fc77ca"
x-cache
Miss from cloudfront
content-type
font/woff2
accept-ranges
bytes
content-length
36740
x-amz-cf-id
TzalK0mVMFewzZ8-p3NDv4aGyQfLdAfN_4N5DZRVOzB4JBxpl_Z4lA==
146f526d-792d-4257-ba12-0fb6fbb8e31e.e71c1ebe.woff2
www.exchange.billgo-dev.com/static/media/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.exchange.billgo-dev.com/static/media/146f526d-792d-4257-ba12-0fb6fbb8e31e.e71c1ebe.woff2
Requested by
Host: www.exchange.billgo-dev.com
URL: https://www.exchange.billgo-dev.com/static/css/main.dca97c30.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-25.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6e3fd3c3fedec9fded5a9493a3d261dc1e140e2bf77ba10b8f07242414a03bad

Request headers

Referer
https://www.exchange.billgo-dev.com/static/css/main.dca97c30.chunk.css
Origin
https://www.exchange.billgo-dev.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 03:50:33 GMT
via
1.1 88c4efc7a0d40cb6034579fa005452bc.cloudfront.net (CloudFront)
last-modified
Wed, 04 May 2022 17:57:37 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P1
etag
"07382a6efc7520ca9dd45e6d0c2f862a"
x-cache
Miss from cloudfront
content-type
font/woff2
accept-ranges
bytes
content-length
36040
x-amz-cf-id
8s23flphk0VRExt1ZQve_HfOD-jupdDus6SyVj6hminkzSDlwyFJBg==
roboto-latin-400-normal.4673b453.woff2
www.exchange.billgo-dev.com/static/media/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.exchange.billgo-dev.com/static/media/roboto-latin-400-normal.4673b453.woff2
Requested by
Host: www.exchange.billgo-dev.com
URL: https://www.exchange.billgo-dev.com/static/css/2.9d3a9c35.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-25.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Request headers

Referer
https://www.exchange.billgo-dev.com/static/css/2.9d3a9c35.chunk.css
Origin
https://www.exchange.billgo-dev.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 03:50:33 GMT
via
1.1 88c4efc7a0d40cb6034579fa005452bc.cloudfront.net (CloudFront)
last-modified
Wed, 04 May 2022 17:57:38 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P1
etag
"aa23b7b4bcf2b8f0e876106bb3de69c6"
x-cache
Miss from cloudfront
content-type
font/woff2
accept-ranges
bytes
content-length
15688
x-amz-cf-id
U36w32n1uBPc6h9eHpFHJDcIec-gqD5xNKwRu7OGU9AebJdnEbMN_Q==
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2088565215&t=pageview&_s=1&dl=https%3A%2F%2Fwww.exchange.billgo-dev.com%2F&dp=login&ul=en-us&de=UTF-8&dt=BillGO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=837785579&gjid=1555583778&cid=564707191.1652068232&tid=UA-151894233-1&_gid=839331351.1652068232&_r=1&_slc=1&z=1207617131
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.exchange.billgo-dev.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 May 2022 03:50:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.exchange.billgo-dev.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
bundle
rs.fullstory.com/rec/ 		29 B
43 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/bundle?OrgId=14C50E&UserId=6421776675889152&SessionId=4967791616057344&PageId=6688010206175232&Seq=2&PageStart=1652068230483&PrevBundleTime=1652068230951&LastActivity=4753&IsNewSession=true
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
5477430105632d91144e507b2b34af98825abf4af63e4ee4b40124723fa59f31

Request headers

Referer
https://www.exchange.billgo-dev.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.exchange.billgo-dev.com
date
Mon, 09 May 2022 03:50:36 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
content-type
application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails boolean| _fs_debug string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client string| _fs_loaded function| _fs_shutdown object| recaptcha object| webpackJsonpuncheck-ui function| setImmediate function| clearImmediate object| regeneratorRuntime number| 2f1acc6c3a606b082e5eef5e54414ffb object| __MUI_LICENSE_INFO__ object| AWS string| GoogleAnalyticsObject function| ga function| _ object| google_tag_data object| gaplugins object| gaGlobal object| gaData

4 Cookies

Domain/Path Name / Value
.billgo-dev.com/ Name: fs_uid
Value: rs.fullstory.com#14C50E#6421776675889152:4967791616057344/1683604230
.billgo-dev.com/ Name: _ga
Value: GA1.2.564707191.1652068232
.billgo-dev.com/ Name: _gid
Value: GA1.2.839331351.1652068232
.billgo-dev.com/ Name: _gat
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
ds80j2s9nzzv.statuspage.io
edge.fullstory.com
fonts.googleapis.com
rs.fullstory.com
www.exchange.billgo-dev.com
www.google-analytics.com
www.google.com
www.gstatic.com
18.66.2.25
2606:4700::6810:5814
2a00:1450:4001:80e::200a
2a00:1450:4001:827::2003
2a00:1450:4001:830::200e
2a00:1450:4001:831::2004
35.186.194.58
35.201.112.186
52.215.192.133
1da319c016bcd7c30a55a4aaf6162479415358dbd9182afa0f5b8c728d98a776
4def7e69368bf63d14e4fccb86d007b7e497960213f0a4fd564c8e667ebc85a9
5477430105632d91144e507b2b34af98825abf4af63e4ee4b40124723fa59f31
6e3fd3c3fedec9fded5a9493a3d261dc1e140e2bf77ba10b8f07242414a03bad
71cddc95a092194b224a745e40e3d228cb298a8330ca8d690588ccf56c18c498
7316cf970936b0e72db7191cbf35f2d67b488a2ffabfbd9133fa0f9f6905d23f
786f8e86896c85d5941a05d0519c32b261947a8c229f5581f308595381b7448e
7aea56f7db843899e7f809736835d3c6180fc2a24041329c76d464e12e97a52b
86476fc16393e316066f8478e2209aca2fc1108b521d65ada3fc20ec223e9dfa
9a3dd01b2d7283a697af6fc5d7766cc175614bc68528ad94398dc295149cb515
9b80afc1aa3b74827c04dbbc6f2107e6421772f64bfcb6b93b780bc6570aa17b
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a9c9dc13a347ded2831c9e983cfe405ab6fafe556f32b3df75ab47474c6c9235
b401892a284cade30307f6f3c1ccced4500de6d344616f26b8739aa411e863b1
c0f93c040f8b75a2783deedbea0d54bc44884b2775d487381b9ae9b4cb48b86c
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cef5b2f18783775bcef71ec51ae18ff9799f2edf61c68150d8ac3dd187f1b5d2
cef63f6378f616ddbc50e81459f0f636540f0b7cc63767e5b789d963acf5ea07
f3867518bda58afc9cd6ec7c954711395f690bbfb55e781ffbc17208675c5e82