defbill.com Open in urlscan Pro
2606:4700:3036::6815:38e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://defbill.com/
Submission: On December 27 via automatic, source certstream-suspicious (December 27th 2021, 12:33:00 am UTC) — Scanned from DE

Summary HTTP 81 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 11 domains to perform 81 HTTP transactions. The main IP is 2606:4700:3036::6815:38e, located in United States and belongs to CLOUDFLARENET, US. The main domain is defbill.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 27th 2021. Valid for: a year.

This is the only time defbill.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	2606:4700:303... 2606:4700:3036::6815:38e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.209.67 143.204.209.67	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
4	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	54.205.74.210 54.205.74.210	14618 (AMAZON-AES) (AMAZON-AES)
5	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
8	65.9.66.5 65.9.66.5	16509 (AMAZON-02) (AMAZON-02)
1	54.231.136.32 54.231.136.32	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
10	52.57.66.220 52.57.66.220	16509 (AMAZON-02) (AMAZON-02)
10	13.32.27.2 13.32.27.2	16509 (AMAZON-02) (AMAZON-02)
1	65.9.58.91 65.9.58.91	16509 (AMAZON-02) (AMAZON-02)
2	13.32.27.46 13.32.27.46	16509 (AMAZON-02) (AMAZON-02)
81	17

17 2606:4700:3036::6815:38e (United States)

ASN13335 (CLOUDFLARENET, US)

defbill.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.defbill.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.209.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-67.fra53.r.cloudfront.net

assets.freshdesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.205.74.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-74-210.compute-1.amazonaws.com

cdncloud.freshdesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 65.9.66.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-5.fra56.r.cloudfront.net

assets1.freshdesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets9.freshdesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets4.freshdesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets6.freshdesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets10.freshdesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.231.136.32 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.57.66.220 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-66-220.eu-central-1.compute.amazonaws.com

wchat.eu.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 13.32.27.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-2.fra56.r.cloudfront.net

assetscdn-wchat.eu.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.58.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-58-91.fra56.r.cloudfront.net

rts-static-prod.freshworksapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-46.fra56.r.cloudfront.net

407149199281688.eu.webpush.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	freshchat.com wchat.eu.freshchat.com assetscdn-wchat.eu.freshchat.com 407149199281688.eu.webpush.freshchat.com	633 KB
17	defbill.com defbill.com secure.defbill.com	1 MB
11	gstatic.com fonts.gstatic.com www.gstatic.com	523 KB
11	freshdesk.com assets.freshdesk.com cdncloud.freshdesk.com assets1.freshdesk.com assets9.freshdesk.com assets4.freshdesk.com assets6.freshdesk.com assets10.freshdesk.com	355 KB
5	jsdelivr.net cdn.jsdelivr.net	61 KB
4	recaptcha.net www.recaptcha.net	23 KB
4	googleapis.com fonts.googleapis.com	3 KB
2	unpkg.com unpkg.com	6 KB
1	freshworksapi.com rts-static-prod.freshworksapi.com	25 KB
1	amazonaws.com s3.amazonaws.com	37 KB
1	jquery.com code.jquery.com	30 KB
81	11

	Domain	Requested by
12	defbill.com	defbill.com
10	assetscdn-wchat.eu.freshchat.com	wchat.eu.freshchat.com assetscdn-wchat.eu.freshchat.com
10	wchat.eu.freshchat.com	defbill.com wchat.eu.freshchat.com assetscdn-wchat.eu.freshchat.com
6	www.gstatic.com	www.recaptcha.net www.gstatic.com
5	fonts.gstatic.com	fonts.googleapis.com www.recaptcha.net
5	secure.defbill.com	defbill.com secure.defbill.com
5	cdn.jsdelivr.net	defbill.com
4	www.recaptcha.net	cdncloud.freshdesk.com www.gstatic.com www.recaptcha.net
4	fonts.googleapis.com	defbill.com cdncloud.freshdesk.com
3	assets1.freshdesk.com	cdncloud.freshdesk.com assets1.freshdesk.com
2	407149199281688.eu.webpush.freshchat.com	wchat.eu.freshchat.com 407149199281688.eu.webpush.freshchat.com
2	assets4.freshdesk.com	cdncloud.freshdesk.com
2	cdncloud.freshdesk.com	defbill.com cdncloud.freshdesk.com
2	unpkg.com	defbill.com
1	rts-static-prod.freshworksapi.com	assetscdn-wchat.eu.freshchat.com
1	s3.amazonaws.com	assets4.freshdesk.com
1	assets10.freshdesk.com	cdncloud.freshdesk.com
1	assets6.freshdesk.com	cdncloud.freshdesk.com
1	assets9.freshdesk.com	cdncloud.freshdesk.com
1	code.jquery.com	defbill.com
1	assets.freshdesk.com	defbill.com client
81	21

This site contains links to these domains. Also see Links.

Domain
dateeffect.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-12-27` - `2022-12-27`	a year	crt.sh
*.freshdesk.com Amazon	`2021-06-10` - `2022-07-09`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
misc.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.freshchat.com Amazon	`2021-03-17` - `2022-04-15`	a year	crt.sh
*.eu.freshchat.com Amazon	`2021-09-11` - `2022-10-10`	a year	crt.sh
freshworksapi.com Amazon	`2021-01-19` - `2022-02-16`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://defbill.com/
Frame ID: A376F5A0415225D2AD21358F5451D13E
Requests: 30 HTTP requests in this frame

Frame: https://secure.defbill.com/iframe/refund
Frame ID: 5B972375A758E094F0528376879CDD6D
Requests: 5 HTTP requests in this frame

Frame: https://cdncloud.freshdesk.com/widgets/feedback_widget/new?&widgetType=embedded&formTitle=&submitThanks=Thank+you%2C+we+will+be+in+touch+with+you+shortly&screenshot=no&attachFile=no&searchArea=no&captcha=yes
Frame ID: E442FF40E4549A5D8D120FC16758FDF9
Requests: 16 HTTP requests in this frame

Frame: https://cdncloud.freshdesk.com/support/recaptcha
Frame ID: 7A51B9C2758DAA0FDCA5D08328F5BD08
Requests: 3 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdvejUUAAAAAEn6wjOFcPVRyQr4KtAJ03ltA1SQ&co=aHR0cHM6Ly9jZG5jbG91ZC5mcmVzaGRlc2suY29tOjQ0Mw..&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&theme=light&size=normal&cb=o05aw3kswalj
Frame ID: 7F75276A4F8A6A30C595133EE81FCCCD
Requests: 8 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/bframe?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6LdvejUUAAAAAEn6wjOFcPVRyQr4KtAJ03ltA1SQ
Frame ID: 69A1F43AC7E05A0038B3B90F2CB7F2D7
Requests: 3 HTTP requests in this frame

Frame: https://wchat.eu.freshchat.com/widget/?token=f56d10f4-d352-49fe-b245-d764b1f46ad5&referrer=aHR0cHM6Ly9kZWZiaWxsLmNvbQ==
Frame ID: C1CD6CC50AD570BB0AE9BA2C1D19DAA0
Requests: 18 HTTP requests in this frame

Frame: https://407149199281688.eu.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9kZWZiaWxsLmNvbQ==
Frame ID: 19C1BE3EE2804DFDEFC433968C92C76E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DateEffect

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?slick-theme\.css
(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

81
Requests

98 %
HTTPS

50 %
IPv6

11
Domains

21
Subdomains

17
IPs

3
Countries

2928 kB
Transfer

7509 kB
Size

7
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://dateeffect.com/login.php
Title: DateEffect.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

81 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
defbill.com/ 16 KB
5 KB 230ms
211ms Document
text/html 2606:4700:3036::6815:38e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://defbill.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:38e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.31
Resource Hash: f1d80c3f42579ae988d008f6acf09b793902554891cb6eaf78100dd589f2e3c3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 27 Dec 2021 00:32:55 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.31
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GWBmnP6LwztaK6QOgKAT7CfSVkPQ6JwG6Qz05pXSMV6VlcvShcIO7nR31N24CLBf3TPt%2Bsd%2Bmwv%2FJIMGqAeuGxqC4q1ODJLS0LZjk8R%2BiMA5LVAzWPXC3AFjuauXaS0qxslCJo6Hfdc%2F6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6c3e74595c700605-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ 157 KB
25 KB 39ms
22ms Stylesheet
text/css 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: defbill.com
URL: https://defbill.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://defbill.com/
Origin: https://defbill.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 00:32:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5370364
x-jsd-version: 4.5.3
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19137-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6c3e745aeac20746-FRA

GET
H2 200 aos.css
unpkg.com/aos@2.3.1/dist/ 25 KB
2 KB 34ms
16ms Stylesheet
text/css 2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/aos@2.3.1/dist/aos.css

Requested by

Host: defbill.com
URL: https://defbill.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://defbill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 00:32:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 24118310
vary: Accept-Encoding
last-modified: Thu, 17 May 2018 22:11:13 GMT
server: cloudflare
etag: W/"65c5-BVfTdFS2f0LyyxAeV+UHD7EZNXA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: c2326a2b2d8a48ae91381ae086e3bd72
cache-control: public, max-age=31536000
cf-ray: 6c3e745ae88542e1-FRA

GET
H2 200 slick.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 2 KB
1 KB 31ms
13ms Stylesheet
text/css 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css

Requested by

Host: defbill.com
URL: https://defbill.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://defbill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 00:32:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3438061
x-jsd-version: 1.8.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19167-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6c3e745aed3e5c02-FRA

GET
H2 200 slick-theme.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 3 KB
982 B 33ms
16ms Stylesheet
text/css 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick-theme.css

Requested by

Host: defbill.com
URL: https://defbill.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://defbill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 00:32:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5170395
x-jsd-version: 1.8.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19137-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"c49-gaQ0+U8rESTzIyu4bylE+C+yOsA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6c3e745aed425c02-FRA

GET
H2 200 style.css
defbill.com/css/ 22 KB
5 KB 285ms
284ms Stylesheet
text/css 2606:4700:3036::6815:38e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://defbill.com/css/style.css
Requested by: Host: defbill.com
URL: https://defbill.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:38e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92fb52325a19e363e419a21e3456267661b2c6b773d8c3f686c404765788f734

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://defbill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 00:32:55 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Thu, 27 May 2021 07:46:33 GMT
server: cloudflare
etag: W/"58ef-5c34af5491160"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WEIk5U8eN8KntEThdSgHiCpBkB8R%2FqgDfR4193cOmFPanXp6623%2FjXLlPkVlSlQWwUHVc620aNyOenKcHr9UPfyDgb4l2YYJKj0hQO6Gi3Zop8fEXx6Qpm6JvloUm3F6OYKu45grlPgYsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c3e745acdd70605-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 header.jpg
defbill.com/images/ 336 KB
337 KB 277ms
276ms Image
image/jpeg 2606:4700:3036::6815:38e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defbill.com/images/header.jpg
Requested by: Host: defbill.com
URL: https://defbill.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:38e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3838811a3f100450c0b5cd96280321ff69ed223b53dd17dd59dbfde70f5c8a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://defbill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 00:32:55 GMT
cf-cache-status: BYPASS
last-modified: Thu, 25 Feb 2021 11:41:49 GMT
server: cloudflare
etag: "54105-5bc27a31d34e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ghEvgi8cDm8oJVVrUYg2AEQodw8vzYnTMRDTTS3gbX5p9ltOhR2kPozAcdxiP0pp60XtGAmcq1AZDpwrjGtez7DPlzyzX50uhO7QVTCwtrplrUV6AaqUKlZoR7WnnsU%2Bm0Z3MHN03Scb%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c3e745adddc0605-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 344325

GET
H2 200 about.jpg
defbill.com/images/ 481 KB
483 KB 299ms
298ms Image
image/jpeg 2606:4700:3036::6815:38e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defbill.com/images/about.jpg
Requested by: Host: defbill.com
URL: https://defbill.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:38e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55aae0f84eb42cb16c94bfe8972c0243a86319a72efceed4f0688c1a0ffb2bf2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://defbill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 00:32:55 GMT
cf-cache-status: BYPASS
last-modified: Thu, 25 Feb 2021 11:41:50 GMT
server: cloudflare
etag: "7851c-5bc27a32afc38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JHmrVk%2B0nAKOLIZWJSARnVKqr55xz388i6RvWYafaIp6I5kOKhD0bkVBLy4BsrD%2BTSykv4v1UlDvb3ZzuwEhLtLlB1RpYKPhaLQjY2v1xcuFDThUKb%2FravVy4wwW1C9acu04tfxG9q%2BhGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c3e745adddd0605-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 492828

GET
H2 200 icon_reachout.svg
defbill.com/images/ 2 KB
1 KB 194ms
193ms Image
image/svg+xml 2606:4700:3036::6815:38e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defbill.com/images/icon_reachout.svg
Requested by: Host: defbill.com
URL: https://defbill.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:38e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12668b07381c06d9169a03442b37a5af86a6aa91964e88eb42affe2e7737ebfa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://defbill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 00:32:55 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Thu, 25 Feb 2021 11:41:47 GMT
server: cloudflare
etag: W/"78a-5bc27a2f96cb8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J8GI1ZwVI24l5g6K98SmUV7zTDbtVWBu2URLKHhPYTpa2MDTmODNizoX8vaLH8BVU0zGc0EapnpcdEIG4jyVuRiVygg1VTzw%2F7cT%2BVFj%2Fjx5LRAz2erNvw7aphgHf1U2pvn9DHs9swYj1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c3e745addde0605-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 icon_visitus.svg
defbill.com/images/ 2 KB
1 KB 204ms
204ms Image
image/svg+xml 2606:4700:3036::6815:38e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defbill.com/images/icon_visitus.svg
Requested by: Host: defbill.com
URL: https://defbill.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:38e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec6d1d6ec1cc73680dd92ddbfd70192249f442fda4a0058a790ede0da369f859

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://defbill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 00:32:55 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Thu, 25 Feb 2021 11:41:48 GMT
server: cloudflare
etag: W/"7e4-5bc27a306f1a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L75KIa8AuayFZ9A7VsUtLffDKzgk9h27%2FOnTNTq4mjCDxPFpO5kcwPm4TBPmfTJBY60iZCYdUTBIy%2Fbia%2B3ggUAnUv2OnfLIN1duMzBFZVqIlbdOJ6Mpvj16yyEGISIx2pnsmtRCUZaK%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c3e745adddf0605-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 icon_refund.svg
defbill.com/images/ 1 KB
1 KB 203ms
202ms Image
image/svg+xml 2606:4700:3036::6815:38e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defbill.com/images/icon_refund.svg
Requested by: Host: defbill.com
URL: https://defbill.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:38e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 883ad6282f84d0c8450d3bbe0892348c69b5d3061e49f929ae5666a4756324b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://defbill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 00:32:55 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Thu, 25 Feb 2021 11:41:48 GMT
server: cloudflare
etag: W/"5e2-5bc27a305d868"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fc%2BWXyb%2FOnemY0eiSDQ%2BGsO0oXB%2FA2atFjmhFfh5dNzQhCb7YktLG0Z%2Fjr9fogM6fLotPBMIjLomxln4hUY4i8%2FPEUDVNbhyJ5tI%2FsWlKjPSQM49%2Fm7iL6UXWL5MQj4lvQQHLZ0drQMaig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c3e745adde00605-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 email-decode.min.js Show response
defbill.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 9ms
8ms Script
application/javascript 2606:4700:3036::6815:38e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://defbill.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: defbill.com
URL: https://defbill.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:38e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://defbill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 00:32:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 20 Dec 2021 18:59:20 GMT
server: cloudflare
etag: W/"61c0d288-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TFFC%2BXVVHbtAGUaf3Q4aqxCr%2BMVcFyNf04a7cXbNCyKB2%2Fcu33dUJAGgRzrEnBs96TBKw7rLJA61fIEqSKa1O392JXN1DDe40D%2BXGwHuL7Vi04n4gBVDKWYiioBXkGy1%2BysoI995B1oHaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c3e745addda0605-FRA
vary: Accept-Encoding
expires: Wed, 29 Dec 2021 00:32:55 GMT

GET
H2 200 freshwidget.js Show response
assets.freshdesk.com/widget/ 9 KB
3 KB 42ms
8ms Script
application/x-javascript 143.204.209.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.freshdesk.com/widget/freshwidget.js
Requested by: Host: defbill.com
URL: https://defbill.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-67.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a126fc513b831f8460dc9733c023000d5a0eee394d33787bae7c9f7362d58a66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://defbill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 04 Oct 2021 10:09:09 GMT
content-encoding: gzip
last-modified: Thu, 26 Oct 2017 13:51:32 GMT
server: AmazonS3
age: 7223027
etag: "36617bb25bbb1086c3a5f70a386b3d01"
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 2700
x-amz-cf-id: LykbshYrizXzWBiUhaJ5ZSzEUZdbElrK7_jtcdwUfLkvGO2N8C_TQQ==

GET freshwidget.css
assets.freshdesk.com/widget/ 0
0

GET
H2 200 refund Show response
secure.defbill.com/iframe/ Frame 5B97 3 KB
1 KB 252ms
235ms Document
text/html 2606:4700:3036::6815:38e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.defbill.com/iframe/refund
Requested by: Host: defbill.com
URL: https://defbill.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:38e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 502c7591d841ffb532c1c1333737db5727642587cdb58975d5a4faf61802173a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://defbill.com/

Response headers

date: Mon, 27 Dec 2021 00:32:55 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT
accept-charset: utf-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cuZkkZXta6TJcIt0W4VbvZgCl5gcXbg7breP0SbVYPL2g1QPBxg6hTOU9TPnDFEVrhs8HxUMjarzgPt31gfxYwk%2Fep9w34xSXm2%2Fy1n%2FGBQu21jxYvY2zSfvIzMCuUnVotXQU4X0FAdugIoiJjtoWAs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6c3e745aedff0605-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 127ms
70ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: defbill.com
URL: https://defbill.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://defbill.com/
Origin: https://defbill.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 00:32:55 GMT
content-encoding: gzip
last-modified: Mon, 04 May 2020 23:02:39 GMT
server: nginx
etag: W/"5eb09f0f-15d84"
vary: Accept-Encoding
x-hw: 1640565175.dop116.am5.t,1640565175.cds223.am5.hn,1640565175.cds203.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H3 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ 82 KB
23 KB 24ms
16ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js

Requested by

Host: defbill.com
URL: https://defbill.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://defbill.com/
Origin: https://defbill.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 00:32:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5370364
x-jsd-version: 4.5.3
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19181-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6c3e745b4e798bb1-FRA

GET
H2 200 aos.js Show response
unpkg.com/aos@2.3.1/dist/ 14 KB
4 KB 16ms
15ms Script
application/javascript 2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/aos@2.3.1/dist/aos.js

Requested by

Host: defbill.com
URL: https://defbill.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://defbill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 00:32:55 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 517420
fly-request-id: 01FQD7DFVAVDENAQEF4AA07XZ3
content-encoding: br
vary: Accept-Encoding
last-modified: Thu, 17 May 2018 22:11:13 GMT
server: cloudflare
etag: W/"379f-cNv9OKDx/DsafZ+tq1h4ZITDTxc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6c3e745b390242e1-FRA

GET
H3 200 slick.min.js Show response
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 42 KB
11 KB 28ms
18ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js

Requested by

Host: defbill.com
URL: https://defbill.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://defbill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 00:32:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5370362
x-jsd-version: 1.8.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19140-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6c3e745b4b0e6977-FRA

GET
H3 200 custom.js Show response
defbill.com/js/ 2 KB
2 KB 208ms
207ms Script
application/javascript 2606:4700:3036::6815:38e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://defbill.com/js/custom.js
Requested by: Host: defbill.com
URL: https://defbill.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:38e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 633680c72d3fa6d32b259e62433cb9b1e0225c7ba8657c6b5db5f7131f578e98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://defbill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 00:32:55 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Thu, 27 May 2021 07:47:17 GMT
server: cloudflare
etag: W/"9a9-5c34af7eb1058"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gXQmSJIiewkEjf2fHSK5jDquFVEYgilNYGngEsoeQADFyG3gbzydhY9p5dn2HQ7GJzaRwqMxbCRZXkVOqtT4LWl2OZdExe3d4Oo8CMH61Gis9G9QJ%2BDOyg8g3UISb5kY%2FyYAcpLyvZ3n2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c3e745b3eb35c26-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 bootstrap.min.css
secure.defbill.com/res/css/ Frame 5B97 115 KB
20 KB 326ms
326ms Stylesheet
text/css 2606:4700:3036::6815:38e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.defbill.com/res/css/bootstrap.min.css

Requested by

Host: secure.defbill.com
URL: https://secure.defbill.com/iframe/refund

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:38e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.defbill.com/iframe/refund
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 00:32:56 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Sun, 26 Dec 2021 09:39:46 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8WnDWk5Sb93xdaHz%2BkeoxZtmC23C28zgh91pGzmRI2cEPu2udYocTZiMF89TdTcsTPa7TZtCPQ1ahHSq%2BQisvMxO3H0wUlUqOiDuTsCyZRj7R4vR7VqTWia2BuoMiiWwcFFaoZQvZEJatmG3xuVe2A%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: max-age=43200, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c3e745c883d5c26-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 27 Dec 2021 12:32:55 GMT

GET
H3 200 jquery-1.9.1.min.js Show response
secure.defbill.com/res/js/ Frame 5B97 90 KB
33 KB 412ms
411ms Script
application/javascript 2606:4700:3036::6815:38e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.defbill.com/res/js/jquery-1.9.1.min.js

Requested by

Host: secure.defbill.com
URL: https://secure.defbill.com/iframe/refund

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:38e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cf6a04ee353f673d545d8655fc47cbd0cea85afe2463a7274f83640e5b78920

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.defbill.com/iframe/refund
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 00:32:56 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Sun, 26 Dec 2021 09:39:46 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUIEYxGFIK%2BSUOenZBo%2BbesdMSAVOj%2FQlyhCD8oebHjjI2fVkRv792Cnsopwjg1NB6jcEc7vYi9PCM%2B6IhWrxp1OfyMB8Dg8JmTloeFJpXCYPyY4zgY%2FMeFovJrCtzNNrabWpyiDEbWjigKNe44X8jQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=43200, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c3e745c883f5c26-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 27 Dec 2021 12:32:55 GMT

GET
H3 200 validation.js Show response
secure.defbill.com/res/js/ Frame 5B97 49 KB
17 KB 425ms
424ms Script
application/javascript 2606:4700:3036::6815:38e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.defbill.com/res/js/validation.js

Requested by

Host: secure.defbill.com
URL: https://secure.defbill.com/iframe/refund

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:38e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80f2faae8df768e3638af12015f9082ce155089b07ada57f21b6a859d97fd8ea

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.defbill.com/iframe/refund
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 00:32:56 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Sun, 26 Dec 2021 09:39:46 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mP16asWWTiaUAfQcAma3%2Be9h%2B6EVNOJWhZ0GIvFM4tgQdDmmgmumu%2FCNQViPwafpeMyI2DSzr8fQQ5kExViubhy4PH%2BafJvzcj85yH5xanQtgYnc6SvxGhtz87RlOed8TQAx0gGN4uCUehVtJQ3dVeU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=43200, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c3e745c88415c26-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 27 Dec 2021 12:32:55 GMT

GET
H3 200 bootstrap.min.js Show response
secure.defbill.com/res/js/ Frame 5B97 35 KB
10 KB 332ms
332ms Script
application/javascript 2606:4700:3036::6815:38e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.defbill.com/res/js/bootstrap.min.js

Requested by

Host: secure.defbill.com
URL: https://secure.defbill.com/iframe/refund

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:38e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.defbill.com/iframe/refund
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 00:32:56 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Sun, 26 Dec 2021 09:39:46 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wuPjHV%2FlF3T%2FbOdMydFymAPaTN1WuT%2FGRFTrYXNSqkCcAYXplRytfzyRAXygPCcW62TkWgCbqKigUzA3BCCM9AABwVEebMQXpKkeIQZ%2FqEMhsiCnZM2Ikjk1Deg4g8khM0xprYieWOQCCObnHYudhPg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=43200, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c3e745c88435c26-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 27 Dec 2021 12:32:55 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 139ms
49ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Josefin+Sans:wght@300;400;500;600;700&display=swap

Requested by

Host: defbill.com
URL: https://defbill.com/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f174eb2442ce5ee3bac272114fb1f2a44a1affd724758a3eb409f8fb3bbabb52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://defbill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 27 Dec 2021 00:32:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 27 Dec 2021 00:32:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Dec 2021 00:32:55 GMT

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
755 B 145ms
56ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Requested by

Host: defbill.com
URL: https://defbill.com/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

084a7135a2401b36223c591e41b2b60f073ab6432a8db01e3aa12708bb92f73e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://defbill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 27 Dec 2021 00:31:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 27 Dec 2021 00:32:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Dec 2021 00:32:55 GMT

GET
H2 200 css2
fonts.googleapis.com/ 790 B
454 B 145ms
56ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Red+Hat+Text&display=swap

Requested by

Host: defbill.com
URL: https://defbill.com/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eb30131f8b58afc90a1820a11fd1b19e00f5eadad822e181f578838091715bce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://defbill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 27 Dec 2021 00:32:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 27 Dec 2021 00:32:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Dec 2021 00:32:55 GMT

GET
H/1.1 200
OK new Show response
cdncloud.freshdesk.com/widgets/feedback_widget/ Frame E442 20 KB
8 KB 404ms
180ms Document
text/html 54.205.74.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cdncloud.freshdesk.com/widgets/feedback_widget/new?&widgetType=embedded&formTitle=&submitThanks=Thank+you%2C+we+will+be+in+touch+with+you+shortly&screenshot=no&attachFile=no&searchArea=no&captcha=yes

Requested by

Host: defbill.com
URL: https://defbill.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.205.74.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-205-74-210.compute-1.amazonaws.com

Software

fwe /

Resource Hash

cc68683b07c074ba1efca1a8576522cc62f0a0bd21310bb6621ba2672ba5a29d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://defbill.com/

Response headers

Date: Mon, 27 Dec 2021 00:32:56 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Status: 200 OK
Cache-Control: max-age=0, private, must-revalidate
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Xss-Protection: 1; mode=block
X-Request-Id: d4506111-967c-4871-91be-de9178960f5c
X-Ua-Compatible: IE=Edge,chrome=1
Etag: W/"d5f0eed8c62305e16f70dfd577c5450d"
X-Content-Type-Options: nosniff
X-Rack-Cache: miss
Content-Encoding: gzip
X-Envoy-Upstream-Service-Time: 81
X-Trace-Id: 00-36ebfb35b4141be278c60d089816c02e-2cda8ff007601839-00
Server: fwe

GET
H3 404 header_background.jpg
defbill.com/css/images/ 230 B
230 B 206ms
206ms Image
text/html 2606:4700:3036::6815:38e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defbill.com/css/images/header_background.jpg
Requested by: Host: defbill.com
URL: https://defbill.com/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:38e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc92a3dbcce6fcbc751269c88d79502a0e2f87e0a7bde3743f90473769bb598e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://defbill.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 00:32:56 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HNpGNnqXi1iHO2ancuqX18CDoNWgjfBG3BvRhilqWikj7j3mEkmmH6vWHudYUdAwrK6lhvni1E%2FmWmYWQW08govLayIrUCTll3jRN6ZIb%2FVLFvkmAsmiKGoSHeKEo7N11hAaOrZ0Fsq8Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cf-ray: 6c3e745daa1a5c26-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 background_blackcurves.png
defbill.com/css/images/ 311 KB
312 KB 310ms
310ms Image
image/png 2606:4700:3036::6815:38e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defbill.com/css/images/background_blackcurves.png
Requested by: Host: defbill.com
URL: https://defbill.com/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:38e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e4029adeccbf439bb15b98a9bdfa73c5db1f566038a781dac896f501b14028f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://defbill.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 00:32:56 GMT
cf-cache-status: BYPASS
last-modified: Thu, 25 Feb 2021 11:41:33 GMT
server: cloudflare
etag: "4dc53-5bc27a2220430"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ssNC4H0ZK%2F88BT3zvgUN5FgWsS7XrEv%2BwQDE638Fao8ZFrgQGFoMZAtRVLK0a5sMiskj2XaFut9Wk2PXeWgLQ7LwpQjVIVdnOi6F8hgXzYmuFulM9zizApj3CiyHJb0zKIfkM67KI5IHUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c3e745daa1c5c26-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 318547

GET
H3 200 icon_qa.svg
defbill.com/css/images/ 2 KB
2 KB 216ms
216ms Image
image/svg+xml 2606:4700:3036::6815:38e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defbill.com/css/images/icon_qa.svg
Requested by: Host: defbill.com
URL: https://defbill.com/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:38e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b2f8afc7aa201991a26dec5ce259c2e605aae72bd18df12bcbdfc21cf297452

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://defbill.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 00:32:56 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Thu, 25 Feb 2021 11:41:30 GMT
server: cloudflare
etag: W/"95e-5bc27a1f819b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lzn%2BtptshvEvai3gLUj0RAfyCkRjb4BILxN%2BVB5ho9CqKN71ppQmQtyoqPoXAyugcOa%2BCiNvVfA2KQvg5rKJNmlmjg6oTcEKuu5509Yd6bQH%2FBZDLCNhgSXZ%2FR1krwJzd0Rix7RCWJ0zRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c3e745daa1d5c26-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 RrQCbohi_ic6B3yVSzGBrMx6ZI_cy1A6Ok2ML7hwZrHQcA.woff2
fonts.gstatic.com/s/redhattext/v6/ 12 KB
13 KB 123ms
37ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/redhattext/v6/RrQCbohi_ic6B3yVSzGBrMx6ZI_cy1A6Ok2ML7hwZrHQcA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Red+Hat+Text&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fc3ffcdb32a53647771d7c339575f3c233a686fb14a1a89b43896b72060df9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://defbill.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 14:08:43 GMT
x-content-type-options: nosniff
age: 469453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12520
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 18:03:48 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 21 Dec 2022 14:08:43 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E442 9 KB
745 B 96ms
45ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,200,600,700

Requested by

Host: cdncloud.freshdesk.com
URL: https://cdncloud.freshdesk.com/widgets/feedback_widget/new?&widgetType=embedded&formTitle=&submitThanks=Thank+you%2C+we+will+be+in+touch+with+you+shortly&screenshot=no&attachFile=no&searchArea=no&captcha=yes

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a5a5062f82bc9989079e336a27d7ff321c2313d86571c7f68da1c31057c9dec7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdncloud.freshdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 26 Dec 2021 23:01:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 27 Dec 2021 00:32:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Dec 2021 00:32:56 GMT

GET
H2 200 widget-667ce6d47838090639ca7724e6c0ab1b.css
assets1.freshdesk.com/assets/cdn/ Frame E442 229 KB
60 KB 45ms
13ms Stylesheet
text/css 65.9.66.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets1.freshdesk.com/assets/cdn/widget-667ce6d47838090639ca7724e6c0ab1b.css
Requested by: Host: cdncloud.freshdesk.com
URL: https://cdncloud.freshdesk.com/widgets/feedback_widget/new?&widgetType=embedded&formTitle=&submitThanks=Thank+you%2C+we+will+be+in+touch+with+you+shortly&screenshot=no&attachFile=no&searchArea=no&captcha=yes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-5.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: addcf53fad082e75ba67556f1ec1659cb6e9ceeb75f8f62991136f08ce9a4331

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdncloud.freshdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 00:11:53 GMT
content-encoding: gzip
age: 13306864
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 60799
last-modified: Wed, 11 Nov 2020 14:13:29 GMT
server: AmazonS3
etag: "2a176b455d5ca7074a66b7e86f10fc6c"
x-amz-version-id: LkaH4RBRJQktvbRGtPM3F3fJuFGMNHEx
via: 1.1 c888f786e25e6e3c7dbb7e9da462d715.cloudfront.net (CloudFront)
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: text/css
x-amz-cf-id: 2vA8_T0Crbm1zDYiuTEJxtbduVEkevfSiolPTnGxpj-zkHyjTHg_uQ==
expires: Thu, 11 Nov 2021 20:13:28 GMT

GET
H2 200 ie_hacks-1cf80e44a736a1827954bb2af081bb00.css
assets9.freshdesk.com/assets/cdn/ Frame E442 17 KB
3 KB 39ms
8ms Stylesheet
text/css 65.9.66.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets9.freshdesk.com/assets/cdn/ie_hacks-1cf80e44a736a1827954bb2af081bb00.css
Requested by: Host: cdncloud.freshdesk.com
URL: https://cdncloud.freshdesk.com/widgets/feedback_widget/new?&widgetType=embedded&formTitle=&submitThanks=Thank+you%2C+we+will+be+in+touch+with+you+shortly&screenshot=no&attachFile=no&searchArea=no&captcha=yes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-5.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3aa8e31c71a50a03d0528915e1f05b719d486c0d4e665283f6743e9f2a092699

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdncloud.freshdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 01:49:23 GMT
content-encoding: gzip
age: 2846614
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 2525
last-modified: Thu, 22 Feb 2018 09:31:27 GMT
server: AmazonS3
etag: "522d12334f70919316d4153c6ff12328"
x-amz-version-id: ZY24oBiiWDbgqISbtYmGuPq2tDLsxtq7
via: 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: text/css
x-amz-cf-id: BJ9wt4saTmNGmgpjAWIiBQhxHgcP81-awxjeZr4AX7hjtUo3dDWP1w==
expires: Fri, 22 Feb 2019 15:31:26 GMT

GET
H2 200 fdwidget-9b274ef5a9223993faf22f71ac9618fb.js Show response
assets4.freshdesk.com/assets/cdn/ Frame E442 562 KB
163 KB 61ms
17ms Script
text/javascript 65.9.66.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets4.freshdesk.com/assets/cdn/fdwidget-9b274ef5a9223993faf22f71ac9618fb.js
Requested by: Host: cdncloud.freshdesk.com
URL: https://cdncloud.freshdesk.com/widgets/feedback_widget/new?&widgetType=embedded&formTitle=&submitThanks=Thank+you%2C+we+will+be+in+touch+with+you+shortly&screenshot=no&attachFile=no&searchArea=no&captcha=yes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-5.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8543d0486e60ea79a14a1ba6b6f95dc0d1081e97c8b1fb2b68d391f03a7f378e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdncloud.freshdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:12:50 GMT
content-encoding: gzip
age: 5340007
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 166277
last-modified: Wed, 02 Jun 2021 14:10:41 GMT
server: AmazonS3
etag: "6c0c202bd6938df352c49e827661672b"
x-amz-version-id: a0f92JSwvjJ4rw2fS7MnwQn1xE1xQZq5
via: 1.1 7e513424eee237ee26467e8fd5656ec1.cloudfront.net (CloudFront)
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: text/javascript
x-amz-cf-id: ScEU_Z7xl-SFnNp3Q9pgLNOa1Bd3KasX-Av_oztfMtqZpstAZuqtfw==
expires: Thu, 02 Jun 2022 20:10:40 GMT

GET
H2 200 pattern-4503fedf84d38019acc31ee71c567dd9.js Show response
assets6.freshdesk.com/assets/cdn/ Frame E442 31 KB
8 KB 40ms
9ms Script
text/javascript 65.9.66.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets6.freshdesk.com/assets/cdn/pattern-4503fedf84d38019acc31ee71c567dd9.js
Requested by: Host: cdncloud.freshdesk.com
URL: https://cdncloud.freshdesk.com/widgets/feedback_widget/new?&widgetType=embedded&formTitle=&submitThanks=Thank+you%2C+we+will+be+in+touch+with+you+shortly&screenshot=no&attachFile=no&searchArea=no&captcha=yes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-5.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d4f9cbc0ba8fdd2a0af5b3ce7f6425999c2b73db7f078f04923453e449dc9dca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdncloud.freshdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 00:11:53 GMT
content-encoding: gzip
age: 13306864
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 7717
last-modified: Wed, 27 Nov 2019 16:51:50 GMT
server: AmazonS3
etag: "45494acbce2f029ccb57d44a03fd1f0e"
x-amz-version-id: a6p6FLk8ZPW2rjbRIsSUaDL_CUPDslbs
via: 1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront)
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: text/javascript
x-amz-cf-id: sU4Z6hkP9lP9g5gT8Jlzc4vT9eLSU-3pkc5Guj_72dh0Ss20LfW9ZA==
expires: Thu, 26 Nov 2020 22:51:49 GMT

GET
H2 200 redactor-89e4016c5e19a3b700070d1f1b28d4ba.js Show response
assets4.freshdesk.com/assets/cdn/ Frame E442 100 KB
27 KB 52ms
8ms Script
text/javascript 65.9.66.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets4.freshdesk.com/assets/cdn/redactor-89e4016c5e19a3b700070d1f1b28d4ba.js
Requested by: Host: cdncloud.freshdesk.com
URL: https://cdncloud.freshdesk.com/widgets/feedback_widget/new?&widgetType=embedded&formTitle=&submitThanks=Thank+you%2C+we+will+be+in+touch+with+you+shortly&screenshot=no&attachFile=no&searchArea=no&captcha=yes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-5.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 961e141ad605f2f551c61596e1b16ee8710563188ac44b454e33a7a012445216

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdncloud.freshdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 09:59:34 GMT
content-encoding: gzip
age: 1175603
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 27553
last-modified: Fri, 29 Oct 2021 06:05:51 GMT
server: AmazonS3
etag: "82e191c34338cf91ebc9045afc4e15fb"
x-amz-version-id: f7caOXRJoM3Yphj5CwLRHTlp2GenXuPB
via: 1.1 7e513424eee237ee26467e8fd5656ec1.cloudfront.net (CloudFront)
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: text/javascript
x-amz-cf-id: SNce9xoDZ4g_5gELx-etSw-hLb2Yy0jMBmktIVfaDQE_O4NFX9cQzw==
expires: Sat, 29 Oct 2022 12:05:50 GMT

GET
H2 200 en-8e25b0370dd6f05f138133ba21c7c7aa.js Show response
assets10.freshdesk.com/assets/cdn/i18n/ Frame E442 82 KB
23 KB 41ms
9ms Script
text/javascript 65.9.66.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets10.freshdesk.com/assets/cdn/i18n/en-8e25b0370dd6f05f138133ba21c7c7aa.js
Requested by: Host: cdncloud.freshdesk.com
URL: https://cdncloud.freshdesk.com/widgets/feedback_widget/new?&widgetType=embedded&formTitle=&submitThanks=Thank+you%2C+we+will+be+in+touch+with+you+shortly&screenshot=no&attachFile=no&searchArea=no&captcha=yes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-5.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e7614565f4954402844c1dd6f2f2fb8a3a9c69526992be20e223b8549d5382a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdncloud.freshdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 08:17:29 GMT
content-encoding: gzip
age: 1008928
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 23232
last-modified: Fri, 29 Oct 2021 06:05:34 GMT
server: AmazonS3
etag: "4fe083897dc220b4a88cba47b397a105"
x-amz-version-id: Zvsig4OhDJjgKk_PlIx2kF75eUYYb354
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: text/javascript
x-amz-cf-id: FgPS2MpMvuhE9iUbx_MW6JDzVyHrwjymL_X0weU5jdYCdMZbZcg0Og==
expires: Sat, 29 Oct 2022 12:05:33 GMT

GET
H2 200 responsive_widget-9e24c64f2b86837e928be3c2747b4839.css
assets1.freshdesk.com/assets/cdn/ Frame E442 8 KB
2 KB 40ms
10ms Stylesheet
text/css 65.9.66.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets1.freshdesk.com/assets/cdn/responsive_widget-9e24c64f2b86837e928be3c2747b4839.css
Requested by: Host: cdncloud.freshdesk.com
URL: https://cdncloud.freshdesk.com/widgets/feedback_widget/new?&widgetType=embedded&formTitle=&submitThanks=Thank+you%2C+we+will+be+in+touch+with+you+shortly&screenshot=no&attachFile=no&searchArea=no&captcha=yes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-5.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 38a544f028a3f435575871b80f9cb8a19356f0aba61e1c2a3248bb092ba70fd2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdncloud.freshdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 00:09:59 GMT
content-encoding: gzip
age: 14170978
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 1545
last-modified: Thu, 22 Feb 2018 09:31:10 GMT
server: AmazonS3
etag: "b4a0cf2566ca4da759fb5563b1a26819"
x-amz-version-id: 55cX0HKqmeugd.a2GC7mPJz8CUWxjbQz
via: 1.1 c888f786e25e6e3c7dbb7e9da462d715.cloudfront.net (CloudFront)
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: text/css
x-amz-cf-id: lPXT97i94JdUHDmPeMP40O1V2UKEUk_gidhZF2tgDMr8UT1pBWnt-A==
expires: Fri, 22 Feb 2019 15:31:09 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i94_wlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame E442 12 KB
12 KB 112ms
62ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3i94_wlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,200,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58b98b5baeb621645cc9c1e7c35c4c3000231a70dabbded76d05f4a77b488dc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cdncloud.freshdesk.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 13:17:59 GMT
x-content-type-options: nosniff
age: 213297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12656
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:10:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 24 Dec 2022 13:17:59 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame E442 13 KB
13 KB 89ms
40ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,200,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7209c26bc245ae1b293f4b9622201b1dc97282229a2e8fcae555f36caa8650e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cdncloud.freshdesk.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 14:06:47 GMT
x-content-type-options: nosniff
age: 469569
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13008
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:10:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 21 Dec 2022 14:06:47 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame E442 13 KB
13 KB 92ms
42ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,200,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cdncloud.freshdesk.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 14:56:27 GMT
x-content-type-options: nosniff
age: 380189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13080
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:10:26 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Dec 2022 14:56:27 GMT

GET
H2 200 glyphs_03689101d9532bb72fa1b7d77a42613a.woff
assets1.freshdesk.com/assets/ Frame E442 55 KB
56 KB 26ms
9ms Font
application/font-woff 65.9.66.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets1.freshdesk.com/assets/glyphs_03689101d9532bb72fa1b7d77a42613a.woff
Requested by: Host: assets1.freshdesk.com
URL: https://assets1.freshdesk.com/assets/cdn/widget-667ce6d47838090639ca7724e6c0ab1b.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-5.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 272aa08cb92595e7393c5e095d4a69a611821929980c576c3e5d3c863dc6438e

Request headers

Referer: https://assets1.freshdesk.com/assets/cdn/widget-667ce6d47838090639ca7724e6c0ab1b.css
Origin: https://cdncloud.freshdesk.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: xR1x8QEZQ8IkrfCVkt3dpoPm4BlEHlKj
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
etag: "134fe30fa83f6039e6072149909ab8b6"
age: 76947
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-length: 56340
last-modified: Tue, 12 Mar 2019 03:34:11 GMT
server: AmazonS3
date: Sun, 26 Dec 2021 03:10:29 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: 1fAiJFo3ZYJNvewddoGWz8NP5OTVNxyGmIKjhBJorwbjk662X7_eRw==

GET
H/1.1 200
OK recaptcha Show response
cdncloud.freshdesk.com/support/ Frame 7A51 3 KB
2 KB 149ms
148ms Document
text/html 54.205.74.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cdncloud.freshdesk.com/support/recaptcha

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.205.74.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-205-74-210.compute-1.amazonaws.com

Software

fwe /

Resource Hash

5d1d39751fd7d4c0ed32dab49c8b76937770117ab4baed95230db2fbb69e5edb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cdncloud.freshdesk.com/widgets/feedback_widget/new?&widgetType=embedded&formTitle=&submitThanks=Thank+you%2C+we+will+be+in+touch+with+you+shortly&screenshot=no&attachFile=no&searchArea=no&captcha=yes

Response headers

Date: Mon, 27 Dec 2021 00:32:56 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Status: 200 OK
X-Ratelimit-Limit: 300
X-Ratelimit-Reset: 271221003356
X-Ratelimit-Remaining: 299 999
X-Request-Id: 5412d542-e178-919d-874a-42bac876abb0
Etag: W/"5f64c60fc8628d142f32f1c4de455fb3"
X-Rack-Cache: miss
Cache-Control: max-age=0, private, must-revalidate
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Xss-Protection: 1; mode=block
X-Ua-Compatible: IE=Edge,chrome=1
X-Content-Type-Options: nosniff
Content-Encoding: gzip
X-Fw-Ratelimiting-Managed: true
X-Ratelimit-Total: 1000
X-Ratelimit-Used-Currentrequest: 1
X-Envoy-Upstream-Service-Time: 50
X-Trace-Id: 00-c0255dafcd8ec01af9257657bd30e26d-8e135efbb8b3c38e-01
Server: fwe

GET
H/1.1 200
OK html2canvas.js Show response
s3.amazonaws.com/assets.freshdesk.com/widget/ Frame E442 36 KB
37 KB 436ms
136ms Script
text/javascript 54.231.136.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/assets.freshdesk.com/widget/html2canvas.js?ver=2
Requested by: Host: assets4.freshdesk.com
URL: https://assets4.freshdesk.com/assets/cdn/fdwidget-9b274ef5a9223993faf22f71ac9618fb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.136.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 737473b145a0fb2d97963ba71104b42ea59d434e17d43de3db67ddffc24200ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdncloud.freshdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Mon, 27 Dec 2021 00:32:57 GMT
Last-Modified: Thu, 26 Oct 2017 13:51:32 GMT
Server: AmazonS3
x-amz-request-id: PG7VGZA9T73JTH0R
ETag: "5330312b84e884012c526a60437ba7f3"
Content-Type: text/javascript
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Content-Length: 36985
x-amz-id-2: Qag1fXs0kS5nvC5AHNy58hI+lX4+hbLLepZ9Ki+LPzBeV3AlydLDBRfP53zO5VX+zpXRl81PeiU=

GET
DATA 200
OK truncated
/ Frame E442 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: babdf7c3970e127b7e9374440ba9375b79571fccd09c75f625911e7a39dc68f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E442 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ Frame 7A51 853 B
972 B 130ms
45ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js

Requested by

Host: cdncloud.freshdesk.com
URL: https://cdncloud.freshdesk.com/support/recaptcha

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

58365852737c1e4e2713cf863b6fb8b23b42f96b3dd0e248aa5e82b8ce3be3e4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdncloud.freshdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 00:32:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 559
x-xss-protection: 1; mode=block
expires: Mon, 27 Dec 2021 00:32:56 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame 7A51 348 KB
137 KB 126ms
39ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdncloud.freshdesk.com/
Origin: https://cdncloud.freshdesk.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 22:19:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139097
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 05:04:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Mon, 26 Dec 2022 22:19:32 GMT

GET
H3 200 anchor Show response
www.recaptcha.net/recaptcha/api2/ Frame 7F75 40 KB
21 KB 141ms
58ms Document
text/html 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdvejUUAAAAAEn6wjOFcPVRyQr4KtAJ03ltA1SQ&co=aHR0cHM6Ly9jZG5jbG91ZC5mcmVzaGRlc2suY29tOjQ0Mw..&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&theme=light&size=normal&cb=o05aw3kswalj

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9b0c164fd98e6c41eb7a664efc03b1876b86d90422f28a10ed3a7e81b78b9378

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0trzTnW1YJcEXzKB+E+2GA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cdncloud.freshdesk.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 27 Dec 2021 00:32:57 GMT
content-security-policy: script-src 'report-sample' 'nonce-0trzTnW1YJcEXzKB+E+2GA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20983
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame 7F75 51 KB
24 KB 134ms
43ms Stylesheet
text/css 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdvejUUAAAAAEn6wjOFcPVRyQr4KtAJ03ltA1SQ&co=aHR0cHM6Ly9jZG5jbG91ZC5mcmVzaGRlc2suY29tOjQ0Mw..&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&theme=light&size=normal&cb=o05aw3kswalj

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ac5bc2d2f0c446b2d5bc135db7414a2662ade7b701bc199456d05f51bfc261

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 21:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269244
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24152
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 05:04:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Fri, 23 Dec 2022 21:45:33 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame 7F75 348 KB
136 KB 185ms
94ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 22:19:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139097
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 05:04:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Mon, 26 Dec 2022 22:19:32 GMT

GET
DATA 200
OK truncated
/ Frame 7F75 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7F75 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 7F75 2 KB
2 KB 55ms
54ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 07:03:19 GMT
x-content-type-options: nosniff
age: 235778
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Fri, 31 Dec 2021 07:03:19 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7F75 15 KB
15 KB 56ms
56ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
Origin: https://www.recaptcha.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 17:06:41 GMT
x-content-type-options: nosniff
age: 458776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 21 Dec 2022 17:06:41 GMT

GET
H3 200 webworker.js
www.recaptcha.net/recaptcha/api2/ Frame 7F75 102 B
134 B 69ms
68ms Other
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6644e1c59baf705e99dacc5acb0a1eae7687b5ba94e66a1cdb74959837d17a63

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdvejUUAAAAAEn6wjOFcPVRyQr4KtAJ03ltA1SQ&co=aHR0cHM6Ly9jZG5jbG91ZC5mcmVzaGRlc2suY29tOjQ0Mw..&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&theme=light&size=normal&cb=o05aw3kswalj
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 00:32:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 27 Dec 2021 00:32:57 GMT

GET
H/1.1 200
OK widget.js Show response
wchat.eu.freshchat.com/js/ 44 KB
14 KB 123ms
44ms Script
application/javascript 52.57.66.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.eu.freshchat.com/js/widget.js

Requested by

Host: defbill.com
URL: https://defbill.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.66.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-66-220.eu-central-1.compute.amazonaws.com

Software

fwe /

Resource Hash

787e030e8ae2abb4ba16fab77cdccbba559a6bbae24c3e5ebb43816c6a82a76f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://defbill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 00:32:57 GMT
content-encoding: gzip
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 1
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: 77348413-b933-9bdb-87ea-6a15bf4ebb48
x-trace-id: 00-7af90ae5df5fffb3b106235128342af6-0ae39e76f388ea82-01
served-by: 9894
last-modified: Sat, 18 Dec 2021 05:31:34 GMT
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: false
cache-control: max-age=900, must-revalidate
x-server: 9894
Content-Type: application/javascript

GET
H3 200 bframe Show response
www.recaptcha.net/recaptcha/api2/ Frame 69A1 7 KB
1 KB 68ms
68ms Document
text/html 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/bframe?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6LdvejUUAAAAAEn6wjOFcPVRyQr4KtAJ03ltA1SQ

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bf4a1a7e410601026fd391f994091218a0b23c13af218111b2418f73f6cb20c5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xA8ZT0kOkRSHDSuxLg9Rag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cdncloud.freshdesk.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 27 Dec 2021 00:32:57 GMT
content-security-policy: script-src 'report-sample' 'nonce-xA8ZT0kOkRSHDSuxLg9Rag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1113
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame 69A1 51 KB
24 KB 48ms
47ms Stylesheet
text/css 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6LdvejUUAAAAAEn6wjOFcPVRyQr4KtAJ03ltA1SQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ac5bc2d2f0c446b2d5bc135db7414a2662ade7b701bc199456d05f51bfc261

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 21:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269244
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24152
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 05:04:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Fri, 23 Dec 2022 21:45:33 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame 69A1 348 KB
136 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6LdvejUUAAAAAEn6wjOFcPVRyQr4KtAJ03ltA1SQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 22:19:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139097
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 05:04:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Mon, 26 Dec 2022 22:19:32 GMT

GET
H/1.1 200
OK / Show response
wchat.eu.freshchat.com/widget/ Frame C1CD 4 KB
3 KB 68ms
33ms Document
text/html 52.57.66.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.eu.freshchat.com/widget/?token=f56d10f4-d352-49fe-b245-d764b1f46ad5&referrer=aHR0cHM6Ly9kZWZiaWxsLmNvbQ==

Requested by

Host: wchat.eu.freshchat.com
URL: https://wchat.eu.freshchat.com/js/widget.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.66.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-66-220.eu-central-1.compute.amazonaws.com

Software

fwe /

Resource Hash

974288b22f494427328a138a5cfedf0a69669fe3c0f189ecd3aabd5280eca53b

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://defbill.com/

Response headers

Date: Mon, 27 Dec 2021 00:32:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
server: fwe
last-modified: Sat, 18 Dec 2021 05:31:34 GMT
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
served-by: 7984
x-server: 7984
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-encoding: gzip
x-envoy-upstream-service-time: 0
x-trace-id: 00-9ef68ff9568f85968c10f3f0175a6cfb-e594cee23d463376-00
x-fw-ratelimiting-managed: false
x-request-id: ca38cbcf-eeb3-42a9-9865-fce3479cb8f7

GET
H/1.1 200
OK widget.css
wchat.eu.freshchat.com/css/ 7 KB
2 KB 35ms
34ms Stylesheet
text/css 52.57.66.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.eu.freshchat.com/css/widget.css?t=1640565177764

Requested by

Host: wchat.eu.freshchat.com
URL: https://wchat.eu.freshchat.com/js/widget.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.66.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-66-220.eu-central-1.compute.amazonaws.com

Software

fwe /

Resource Hash

38a4932ef69f2de2422f3f141d92fadaa5c6191a44cdf40d2e03cb8d4eda9245

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://defbill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 00:32:57 GMT
content-encoding: gzip
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: 9966dade-7d6a-4e0d-92c6-a0e1b78bfef5
x-trace-id: 00-c21537c0f42a166c0b00ba8e065eed21-7230cebf593b4e44-00
served-by: 5110
last-modified: Sat, 18 Dec 2021 05:31:34 GMT
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: false
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-server: 5110
Content-Type: text/css
expires: Tue, 27 Dec 2022 00:32:57 GMT

GET
H2 200 vendor-cb48eae2d25974cb9e453b74e43d0225.css
assetscdn-wchat.eu.freshchat.com/static/assets/ Frame C1CD 5 KB
2 KB 129ms
29ms Stylesheet
text/css 13.32.27.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.eu.freshchat.com/static/assets/vendor-cb48eae2d25974cb9e453b74e43d0225.css
Requested by: Host: wchat.eu.freshchat.com
URL: https://wchat.eu.freshchat.com/widget/?token=f56d10f4-d352-49fe-b245-d764b1f46ad5&referrer=aHR0cHM6Ly9kZWZiaWxsLmNvbQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-2.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 479cfe30323366acc7d37e0e35c7a69198d952e7b998f87ec2b1ee5cf6dbf044

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wchat.eu.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 27 Dec 2021 00:32:50 GMT
content-encoding: br
last-modified: Sat, 18 Dec 2021 05:31:45 GMT
server: AmazonS3
age: 8
etag: W/"cb48eae2d25974cb9e453b74e43d0225"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 355e7d579c41c1dcc2113e41403be663.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: mlP_ercDDa-AibsmL_Ipc04lI4hQqBMhyfDyqDYDUzxGDtmRDnm-RQ==
expires: Sun, 18 Dec 2022 05:31:34 GMT

GET
H2 200 fc_web_widget-37495e433e418197a87016a36b4a600e.css
assetscdn-wchat.eu.freshchat.com/static/assets/ Frame C1CD 212 KB
23 KB 130ms
30ms Stylesheet
text/css 13.32.27.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.eu.freshchat.com/static/assets/fc_web_widget-37495e433e418197a87016a36b4a600e.css
Requested by: Host: wchat.eu.freshchat.com
URL: https://wchat.eu.freshchat.com/widget/?token=f56d10f4-d352-49fe-b245-d764b1f46ad5&referrer=aHR0cHM6Ly9kZWZiaWxsLmNvbQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-2.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c86e9d30acd0fe2624ae1e9d20b7b2f48b9b8a3b51b1852a918fce1aea6b7ed7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wchat.eu.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 27 Dec 2021 00:29:37 GMT
content-encoding: br
last-modified: Sat, 18 Dec 2021 05:31:36 GMT
server: AmazonS3
age: 201
etag: W/"37495e433e418197a87016a36b4a600e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 355e7d579c41c1dcc2113e41403be663.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: eAtJBFldV5dTvl6f-3FvUZABGE74uIwKD_9p1hX-HgAjZJbl39ODmw==
expires: Sun, 18 Dec 2022 05:31:34 GMT

GET
H2 200 vendor-9acf8588d31199e9a3bc6d1e440b2045.js Show response
assetscdn-wchat.eu.freshchat.com/static/assets/ Frame C1CD 2 MB
381 KB 130ms
30ms Script
text/javascript 13.32.27.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.eu.freshchat.com/static/assets/vendor-9acf8588d31199e9a3bc6d1e440b2045.js
Requested by: Host: wchat.eu.freshchat.com
URL: https://wchat.eu.freshchat.com/widget/?token=f56d10f4-d352-49fe-b245-d764b1f46ad5&referrer=aHR0cHM6Ly9kZWZiaWxsLmNvbQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-2.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eaa8f28e29a5b68e248d6a1fb419faf3dcf3f57375d563e0d01f37f94cd4b59c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wchat.eu.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 27 Dec 2021 00:30:02 GMT
content-encoding: br
last-modified: Sat, 18 Dec 2021 05:31:45 GMT
server: AmazonS3
age: 176
etag: W/"78cfc42ab37c276442ee74fa1de83ad8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 355e7d579c41c1dcc2113e41403be663.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: CEygx4YTRCYPiJOanNuGqNs4hMrm2KrybbY9usR_ixTUiN0z6o9gHg==
expires: Sun, 18 Dec 2022 05:31:34 GMT

GET
H2 200 fc_web_widget-fa3f42559cb3b68f0d859a2b83191a01.js Show response
assetscdn-wchat.eu.freshchat.com/static/assets/ Frame C1CD 1 MB
160 KB 198ms
99ms Script
text/javascript 13.32.27.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.eu.freshchat.com/static/assets/fc_web_widget-fa3f42559cb3b68f0d859a2b83191a01.js
Requested by: Host: wchat.eu.freshchat.com
URL: https://wchat.eu.freshchat.com/widget/?token=f56d10f4-d352-49fe-b245-d764b1f46ad5&referrer=aHR0cHM6Ly9kZWZiaWxsLmNvbQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-2.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 797db92fbe3481f44f27c65982018e50e1df97ad52b776a6a5c74bd2aec9039a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wchat.eu.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 27 Dec 2021 00:29:37 GMT
content-encoding: br
last-modified: Sat, 18 Dec 2021 05:31:36 GMT
server: AmazonS3
age: 201
etag: W/"ff1399a1b5fd6727dac3755259765c8d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 355e7d579c41c1dcc2113e41403be663.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: XCKvVC8CEV6EuhqGFOtJ_WWfAF-jMmyp58OKCfiAcEmX9AUoTeB5lA==
expires: Sun, 18 Dec 2022 05:31:34 GMT

GET
H2 200 rts-min.js Show response
rts-static-prod.freshworksapi.com/euc/ Frame C1CD 81 KB
25 KB 71ms
24ms Script
text/javascript 65.9.58.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rts-static-prod.freshworksapi.com/euc/rts-min.js
Requested by: Host: assetscdn-wchat.eu.freshchat.com
URL: https://assetscdn-wchat.eu.freshchat.com/static/assets/fc_web_widget-fa3f42559cb3b68f0d859a2b83191a01.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-58-91.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee79271766bbba9a34b7449b08dd9c3b75f1b55baf957f242dee6632fa357a25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wchat.eu.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 203u_BnrDj83sjzADJ_Sx8qzqadxpnOl
content-encoding: gzip
etag: W/"596deaf4d67744caa5865bc1dc51a8f4"
last-modified: Mon, 13 Dec 2021 14:28:02 GMT
server: AmazonS3
age: 3
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
cache-control: no-cache
date: Mon, 27 Dec 2021 00:32:56 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: B3NcQzANti6pabkLfiZa4pNmDLuVbg5-3aXs6oTwphC9CC-Iwss_og==

GET
H/1.1 200
OK config Show response
wchat.eu.freshchat.com/app/services/app/webchat/f56d10f4-d352-49fe-b245-d764b1f46ad5/ Frame C1CD 1 KB
2 KB 39ms
38ms XHR
application/json 52.57.66.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.eu.freshchat.com/app/services/app/webchat/f56d10f4-d352-49fe-b245-d764b1f46ad5/config?domain=aHR0cHM6Ly9kZWZiaWxsLmNvbQ

Requested by

Host: assetscdn-wchat.eu.freshchat.com
URL: https://assetscdn-wchat.eu.freshchat.com/static/assets/vendor-9acf8588d31199e9a3bc6d1e440b2045.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.66.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-66-220.eu-central-1.compute.amazonaws.com

Software

fwe /

Resource Hash

17ec1b3335dd260598ed448fb25dcaa0fb863c927066bdb62e4686b640750ded

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.eu.freshchat.com/widget/?token=f56d10f4-d352-49fe-b245-d764b1f46ad5&referrer=aHR0cHM6Ly9kZWZiaWxsLmNvbQ==
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 00:32:58 GMT
content-encoding: gzip
x-ratelimit-total: 2000
Transfer-Encoding: chunked
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 12
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: 6a5990cb-d44c-437c-a224-dfe34eb0a484
x-trace-id: 00-b70eab0c27110bbe4f5b128c275226cf-44b0fe25c646d614-00
served-by: 9438
server: fwe
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
x-ratelimit-remaining: 1999
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: true
cache-control: no-cache,no-store,no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-server: 9438
x-ratelimit-limit: 2000
access-control-allow-credentials: true
Content-Type: application/json;charset=UTF-8

GET
H2 200 en-us-28821ce664b923581d789fe132fdfa67.js Show response
assetscdn-wchat.eu.freshchat.com/static/assets/translations/ Frame C1CD 12 KB
4 KB 77ms
31ms XHR
text/javascript 13.32.27.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.eu.freshchat.com/static/assets/translations/en-us-28821ce664b923581d789fe132fdfa67.js
Requested by: Host: assetscdn-wchat.eu.freshchat.com
URL: https://assetscdn-wchat.eu.freshchat.com/static/assets/vendor-9acf8588d31199e9a3bc6d1e440b2045.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-2.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c699c763680db4221468c22d27bd952b645914fbc80c8aee08d528070405048

Request headers

Accept: application/json, text/plain, */*
Referer: https://wchat.eu.freshchat.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 00:30:12 GMT
content-encoding: br
age: 167
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 60
access-control-allow-origin: https://wchat.eu.freshchat.com
last-modified: Sat, 18 Dec 2021 05:31:44 GMT
server: AmazonS3
etag: W/"28821ce664b923581d789fe132fdfa67"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: text/javascript
via: 1.1 0a4e8f7c3d348e526848328c55dd452b.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: rRUZHWGXg0fGyNQSz6F7_gmgm40BvJv-TlyOxhePztfqgCeStg8L0Q==
expires: Sun, 18 Dec 2022 05:31:34 GMT

GET
H2 200 fs-icons_db9017235f84eecfa2cafef72d487865-1181e40b8546834a9805fdf81df2f865.woff2
assetscdn-wchat.eu.freshchat.com/static/assets/fonts/ Frame C1CD 5 KB
5 KB 10ms
9ms Font
binary/octet-stream 13.32.27.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.eu.freshchat.com/static/assets/fonts/fs-icons_db9017235f84eecfa2cafef72d487865-1181e40b8546834a9805fdf81df2f865.woff2
Requested by: Host: assetscdn-wchat.eu.freshchat.com
URL: https://assetscdn-wchat.eu.freshchat.com/static/assets/fc_web_widget-37495e433e418197a87016a36b4a600e.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-2.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6666b1bc7149695c78ecca2bea7d59d1b83694253bde589d4e4ae73507f35760

Request headers

Referer: https://assetscdn-wchat.eu.freshchat.com/static/assets/fc_web_widget-37495e433e418197a87016a36b4a600e.css
Origin: https://wchat.eu.freshchat.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 00:32:41 GMT
via: 1.1 0a4e8f7c3d348e526848328c55dd452b.cloudfront.net (CloudFront)
age: 18
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 60
content-length: 4928
last-modified: Sat, 18 Dec 2021 05:31:36 GMT
server: AmazonS3
etag: "1181e40b8546834a9805fdf81df2f865"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: https://wchat.eu.freshchat.com
cache-control: max-age=31536000, no-transform, public
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: eHU9pDlVmjbfg1ESX_XB8C1ff5vbFkkRMDOEagceIeXKY_g8hXTMlQ==
expires: Sun, 18 Dec 2022 05:31:34 GMT

GET
H/1.1 200
OK co-browsing.js Show response
wchat.eu.freshchat.com/js/ 35 KB
10 KB 13ms
13ms Script
application/javascript 52.57.66.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.eu.freshchat.com/js/co-browsing.js

Requested by

Host: wchat.eu.freshchat.com
URL: https://wchat.eu.freshchat.com/js/widget.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.66.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-66-220.eu-central-1.compute.amazonaws.com

Software

fwe /

Resource Hash

19cc0e01c4d1befda415ed38015cdd6b4b73ab046d21d9bd0983332a338f7a89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://defbill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 00:32:58 GMT
content-encoding: gzip
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 1
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: 01db579f-5127-41c7-ac1c-df3ffee48f1a
x-trace-id: 00-489e52028725e315478614036d2409fe-ed7dd7b1115a2370-00
served-by: 7286
last-modified: Sat, 18 Dec 2021 05:31:34 GMT
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: false
cache-control: max-age=900, must-revalidate
x-server: 7286
Content-Type: application/javascript

GET
H2 206 notif.mp3
assetscdn-wchat.eu.freshchat.com/static/assets/audio/ Frame C1CD 4 KB
5 KB 10ms
10ms Media
audio/mpeg 13.32.27.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.eu.freshchat.com/static/assets/audio/notif.mp3
Requested by: Host: wchat.eu.freshchat.com
URL: https://wchat.eu.freshchat.com/widget/?token=f56d10f4-d352-49fe-b245-d764b1f46ad5&referrer=aHR0cHM6Ly9kZWZiaWxsLmNvbQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-2.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eb2e3f703cf8ee0156a1d625e053c0968b0dfcff62ea4254ddd8ba9fece3ad32

Request headers

Referer: https://wchat.eu.freshchat.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 27 Dec 2021 00:30:08 GMT
via: 1.1 355e7d579c41c1dcc2113e41403be663.cloudfront.net (CloudFront)
age: 171
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
Content-Range: bytes 0-4301/4302
Content-Length: 4302
last-modified: Sat, 18 Dec 2021 05:31:36 GMT
server: AmazonS3
etag: "a529450a7cfb4a60dea41ef294fa90dd"
content-type: audio/mpeg
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: _CGLEhcoOaEtEPyLrANJP_lDwRq_HL5M-nTr_A8jCDBz7Oih0T_XSw==
expires: Sun, 18 Dec 2022 05:31:34 GMT

GET
H/1.1 200
OK cb.css
wchat.eu.freshchat.com/css/ 1 KB
1 KB 12ms
12ms Stylesheet
text/css 52.57.66.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.eu.freshchat.com/css/cb.css?t=1640565178408

Requested by

Host: wchat.eu.freshchat.com
URL: https://wchat.eu.freshchat.com/js/co-browsing.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.66.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-66-220.eu-central-1.compute.amazonaws.com

Software

fwe /

Resource Hash

496f4ec180b45c31ce6fef39717ddf39efb84ce4253b3bebb43841521b8b654a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://defbill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 00:32:58 GMT
content-encoding: gzip
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: 262cab8a-cf89-4a8c-8b5a-65c52ded983b
x-trace-id: 00-03eac61c7160575ff80c044c07c7c11b-d7536da4879488c5-00
served-by: 7984
last-modified: Sat, 18 Dec 2021 05:31:34 GMT
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: false
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-server: 7984
Content-Type: text/css
expires: Tue, 27 Dec 2022 00:32:58 GMT

GET
H/1.1 200
OK user Show response
wchat.eu.freshchat.com/app/services/app/webchat/f56d10f4-d352-49fe-b245-d764b1f46ad5/ Frame C1CD 63 B
1 KB 15ms
15ms XHR
application/json 52.57.66.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.eu.freshchat.com/app/services/app/webchat/f56d10f4-d352-49fe-b245-d764b1f46ad5/user

Requested by

Host: assetscdn-wchat.eu.freshchat.com
URL: https://assetscdn-wchat.eu.freshchat.com/static/assets/vendor-9acf8588d31199e9a3bc6d1e440b2045.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.66.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-66-220.eu-central-1.compute.amazonaws.com

Software

fwe /

Resource Hash

02a00e3ef645e0351f654665d42b03388e6a73e0ab4f853c8904faecf322b229

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.eu.freshchat.com/widget/?token=f56d10f4-d352-49fe-b245-d764b1f46ad5&referrer=aHR0cHM6Ly9kZWZiaWxsLmNvbQ==
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 00:32:58 GMT
content-encoding: gzip
x-ratelimit-total: 2000
Transfer-Encoding: chunked
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 4
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: 41197924-1c06-4af9-8516-d5e7b46013f1
x-trace-id: 00-4f0e12724031e0805a5fee47faf02ce2-87c49e06e3ef7d7b-00
served-by: 5110
server: fwe
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
x-ratelimit-remaining: 1998
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: true
cache-control: no-cache,no-store,no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-server: 5110
x-ratelimit-limit: 2000
access-control-allow-credentials: true
Content-Type: application/json;charset=UTF-8

GET
H/1.1 200
OK widget_info_v2 Show response
wchat.eu.freshchat.com/app/services/app/webchat/f56d10f4-d352-49fe-b245-d764b1f46ad5/ Frame C1CD 6 KB
2 KB 44ms
44ms XHR
application/json 52.57.66.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.eu.freshchat.com/app/services/app/webchat/f56d10f4-d352-49fe-b245-d764b1f46ad5/widget_info_v2?locales=en-US,en-US&platform=web

Requested by

Host: assetscdn-wchat.eu.freshchat.com
URL: https://assetscdn-wchat.eu.freshchat.com/static/assets/vendor-9acf8588d31199e9a3bc6d1e440b2045.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.66.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-66-220.eu-central-1.compute.amazonaws.com

Software

fwe /

Resource Hash

6b471754d34054e07a96cd327d7b16688d49dd3cdbdf4ec6acb13d06812a09a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.eu.freshchat.com/widget/?token=f56d10f4-d352-49fe-b245-d764b1f46ad5&referrer=aHR0cHM6Ly9kZWZiaWxsLmNvbQ==
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 00:32:58 GMT
content-encoding: gzip
x-ratelimit-total: 2000
Transfer-Encoding: chunked
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 31
x-status: EXPIRED
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: 97935ad4-87c2-40c0-b6db-56165844ebfb
x-trace-id: 00-294604ae591bb5db60f3037ecd8ce303-1f01211ec66c026e-00
served-by: 5110
server: fwe
x-ratelimit-remaining: 1997
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: true
cache-control: no-cache,no-store,no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-server: 5110
x-ratelimit-limit: 2000
access-control-allow-credentials: true
Content-Type: application/json;charset=UTF-8

GET
H/1.1 200
OK category Show response
wchat.eu.freshchat.com/app/services/app/webchat/f56d10f4-d352-49fe-b245-d764b1f46ad5/faq/ Frame C1CD 209 B
1 KB 22ms
22ms XHR
application/json 52.57.66.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.eu.freshchat.com/app/services/app/webchat/f56d10f4-d352-49fe-b245-d764b1f46ad5/faq/category?platform=web&locales=en-US%2Cen-US&since=&lastLocaleId=

Requested by

Host: assetscdn-wchat.eu.freshchat.com
URL: https://assetscdn-wchat.eu.freshchat.com/static/assets/vendor-9acf8588d31199e9a3bc6d1e440b2045.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.66.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-66-220.eu-central-1.compute.amazonaws.com

Software

fwe /

Resource Hash

c89b7fe2f4b3b38a83f75f22e6d193920ee4937a418334675f66fbabbcb2d16e

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.eu.freshchat.com/widget/?token=f56d10f4-d352-49fe-b245-d764b1f46ad5&referrer=aHR0cHM6Ly9kZWZiaWxsLmNvbQ==
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 00:32:58 GMT
content-encoding: gzip
x-ratelimit-total: 2000
Transfer-Encoding: chunked
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 10
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: af3dee8f-3b0d-4b6f-ae3a-f0a2f69485df
x-trace-id: 00-3cc8980b3796e67a94ba07210a3f5865-39393c3540248e41-00
served-by: 7286
server: fwe
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
x-ratelimit-remaining: 1996
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: true
cache-control: no-cache,no-store,no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-server: 7286
x-ratelimit-limit: 2000
access-control-allow-credentials: true
Content-Type: application/json;charset=UTF-8

PUT
H/1.1 200
OK activity Show response
wchat.eu.freshchat.com/app/services/app/webchat/f56d10f4-d352-49fe-b245-d764b1f46ad5/user/7d1039d1-a447-454a-b95b-41441a388955/ Frame C1CD 17 B
1 KB 17ms
17ms XHR
application/json 52.57.66.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.eu.freshchat.com/app/services/app/webchat/f56d10f4-d352-49fe-b245-d764b1f46ad5/user/7d1039d1-a447-454a-b95b-41441a388955/activity

Requested by

Host: assetscdn-wchat.eu.freshchat.com
URL: https://assetscdn-wchat.eu.freshchat.com/static/assets/vendor-9acf8588d31199e9a3bc6d1e440b2045.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.66.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-66-220.eu-central-1.compute.amazonaws.com

Software

fwe /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wchat.eu.freshchat.com/home/33602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 00:32:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-ratelimit-total: 2000
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 5
Connection: keep-alive
Content-Length: 17
x-xss-protection: 1; mode=block
x-request-id: 6eaab7db-9518-47ec-8674-796120f53672
x-trace-id: 00-ee996f0fca7e6656745ff5b8ecbeb39b-59660f67714e0098-00
served-by: 9438
server: fwe
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
x-ratelimit-remaining: 1995
x-fw-ratelimiting-managed: true
cache-control: no-cache,no-store,no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-server: 9438
x-ratelimit-limit: 2000
access-control-allow-credentials: true
Content-Type: application/json;charset=UTF-8

GET
H2 200 freshchat-line-cd452acf4efb05843ef7575e5a9de756.svg
assetscdn-wchat.eu.freshchat.com/static/assets/images/ Frame C1CD 663 B
1 KB 8ms
8ms Image
image/svg+xml 13.32.27.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assetscdn-wchat.eu.freshchat.com/static/assets/images/freshchat-line-cd452acf4efb05843ef7575e5a9de756.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-2.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2b82601133216ec29983087a0532e9b0af553f7f4a8b3b00ff9d7ffcc1142542

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wchat.eu.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 27 Dec 2021 00:29:50 GMT
via: 1.1 355e7d579c41c1dcc2113e41403be663.cloudfront.net (CloudFront)
last-modified: Sat, 18 Dec 2021 05:31:37 GMT
server: AmazonS3
age: 189
etag: "cd452acf4efb05843ef7575e5a9de756"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 663
x-amz-cf-id: fuALVPAdn9VTQB4aqxrftEvMSa9qGnP9HiB2w4Z5TP6l6hx_W9NN_A==
expires: Sun, 18 Dec 2022 05:31:34 GMT

GET
H2 200 index.html Show response
407149199281688.eu.webpush.freshchat.com/ Frame 19C1 30 KB
7 KB 410ms
383ms Document
text/html 13.32.27.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://407149199281688.eu.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9kZWZiaWxsLmNvbQ==
Requested by: Host: wchat.eu.freshchat.com
URL: https://wchat.eu.freshchat.com/js/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-46.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05a530dd5d40bf5dbef4e3d5ed6976e9aec1baf49a20be30e07b1608918e3bc3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://defbill.com/

Response headers

content-type: text/html
last-modified: Fri, 25 Oct 2019 06:53:38 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Mon, 27 Dec 2021 00:32:59 GMT
etag: W/"4d98f93ebe4eb8cedbbfdb3004920aeb"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 3d58896f901dbeed449603f5d2b4d9f1.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: QSWi0Rlkhya53RTvzUNvSGQqbym9dgH6C9Oiw2sPURbWPdLTxJ_4XA==

GET
H2 200 texture_background_1-9f6bed8189e4c854889928d5517fc21c.png
assetscdn-wchat.eu.freshchat.com/static/assets/images/ Frame C1CD 1 KB
2 KB 54ms
54ms Image
image/png 13.32.27.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assetscdn-wchat.eu.freshchat.com/static/assets/images/texture_background_1-9f6bed8189e4c854889928d5517fc21c.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-2.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f8af8f68c725d36d38f08d6239cbb9f6adae8311e00ef8841dcd70d870e27d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wchat.eu.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 27 Dec 2021 00:32:59 GMT
via: 1.1 355e7d579c41c1dcc2113e41403be663.cloudfront.net (CloudFront)
last-modified: Sat, 18 Dec 2021 05:31:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "9f6bed8189e4c854889928d5517fc21c"
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=31536000, no-transform, public
accept-ranges: bytes
content-length: 1153
x-amz-cf-id: HjIcHbppP-7G5tl3vcO-bOrjHfcbFwT0lPBf9-dF056tPL0JwAlXrQ==
expires: Sun, 18 Dec 2022 05:31:34 GMT

GET
H2 200 Agent-db35cf7656adaad5a250142c8bd838e5.svg
assetscdn-wchat.eu.freshchat.com/static/assets/images/ Frame C1CD 2 KB
1 KB 56ms
56ms Image
image/svg+xml 13.32.27.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assetscdn-wchat.eu.freshchat.com/static/assets/images/Agent-db35cf7656adaad5a250142c8bd838e5.svg
Requested by: Host: assetscdn-wchat.eu.freshchat.com
URL: https://assetscdn-wchat.eu.freshchat.com/static/assets/fc_web_widget-37495e433e418197a87016a36b4a600e.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-2.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e34e2da1159423f7f8d0a0d46aec5cef1d5e7c7f62adb6ecc89365b9f2b3b709

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assetscdn-wchat.eu.freshchat.com/static/assets/fc_web_widget-37495e433e418197a87016a36b4a600e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 27 Dec 2021 00:32:59 GMT
content-encoding: br
last-modified: Sat, 18 Dec 2021 05:31:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: W/"db35cf7656adaad5a250142c8bd838e5"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
via: 1.1 355e7d579c41c1dcc2113e41403be663.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: 0LdUdeLd427HXqVeVBZjb1Dm8GIHWlV1vrkPfVOBkDlviO-8ea2_qw==
expires: Sun, 18 Dec 2022 05:31:34 GMT

GET
BLOB 200
OK e9f17545-43f5-493c-b797-85afa9e6a0ab
https://wchat.eu.freshchat.com/ Frame C1CD 150 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://wchat.eu.freshchat.com/e9f17545-43f5-493c-b797-85afa9e6a0ab
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9ad5dbf44764c275ac6c76067b0a3a388cb1a8a20e4e5d2e71d942f032e0c5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 150

GET
H2 200 fc_logo.png
407149199281688.eu.webpush.freshchat.com/ Frame 19C1 4 KB
4 KB 401ms
400ms Image
image/png 13.32.27.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://407149199281688.eu.webpush.freshchat.com/fc_logo.png
Requested by: Host: 407149199281688.eu.webpush.freshchat.com
URL: https://407149199281688.eu.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9kZWZiaWxsLmNvbQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-46.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a963621b4341552ca61590aa02e93b70f189e8050a105c32c0197c3c34b2d114

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://407149199281688.eu.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9kZWZiaWxsLmNvbQ==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 00:33:00 GMT
via: 1.1 3d58896f901dbeed449603f5d2b4d9f1.cloudfront.net (CloudFront)
last-modified: Thu, 08 Feb 2018 07:54:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "e87df9f10dcf497ae292dc234200465c"
x-cache: RefreshHit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 3777
x-amz-cf-id: fF9TpXyu6d1ws6heYNlaxb0P6RQRbKs_3P20F5JOIA_c5B6y6KmMOw==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: assets.freshdesk.com
URL: http://assets.freshdesk.com/widget/freshwidget.css

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
secure.defbill.com/res/css	1969-12-31 23:59:59	Name: _uuid Value: 144dc6e8-7961-44e3-8590-9c4c3aa3b8db
secure.defbill.com/iframe	1969-12-31 23:59:59	Name: _uuid Value: 0c39fce0-0b1e-4a8a-a422-bd797f4db86a
secure.defbill.com/res/js	1969-12-31 23:59:59	Name: _uuid Value: 93207322-5aa2-436a-b127-19c97fbfc8ed
secure.defbill.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 1wh0o5mu82i67ruzkteabcyv9
secure.defbill.com/	1969-12-31 23:59:59	Name: RNLBSERVERID Value: ded464
defbill.com/	1970-01-19 23:52:49	Name: AWSALB Value: wI11Ot4AiVGyZS7vmU+T6qKYqTW0Phwxqnav7Jrn1qzgU67sq1P5nO/6cJqRLCtg5VJKtOkpR8EKZnlZZZMrqs3H2bagIJ1pR0HkK6U+TLs2HjQ5PrXoNN65CcqN
.defbill.com/	1970-01-20 08:28:21	Name: _fw_crm_v Value: 4a93d013-3da5-45cd-bfdc-6f6b58442d74

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://defbill.com/(Line 15) Message: Mixed Content: The page at 'https://defbill.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://assets.freshdesk.com/widget/freshwidget.css'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://defbill.com/css/images/header_background.jpg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

407149199281688.eu.webpush.freshchat.com
assets.freshdesk.com
assets1.freshdesk.com
assets10.freshdesk.com
assets4.freshdesk.com
assets6.freshdesk.com
assets9.freshdesk.com
assetscdn-wchat.eu.freshchat.com
cdn.jsdelivr.net
cdncloud.freshdesk.com
code.jquery.com
defbill.com
fonts.googleapis.com
fonts.gstatic.com
rts-static-prod.freshworksapi.com
s3.amazonaws.com
secure.defbill.com
unpkg.com
wchat.eu.freshchat.com
www.gstatic.com
www.recaptcha.net
assets.freshdesk.com
13.32.27.2
13.32.27.46
143.204.209.67
2001:4de0:ac18::1:a:3a
2606:4700:3036::6815:38e
2606:4700::6810:5714
2606:4700::6810:7daf
2a00:1450:4001:810::2003
2a00:1450:4001:827::2003
2a00:1450:4001:827::200a
2a00:1450:4001:82b::2003
52.57.66.220
54.205.74.210
54.231.136.32
65.9.58.91
65.9.66.5
02a00e3ef645e0351f654665d42b03388e6a73e0ab4f853c8904faecf322b229
05a530dd5d40bf5dbef4e3d5ed6976e9aec1baf49a20be30e07b1608918e3bc3
084a7135a2401b36223c591e41b2b60f073ab6432a8db01e3aa12708bb92f73e
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0cf6a04ee353f673d545d8655fc47cbd0cea85afe2463a7274f83640e5b78920
12668b07381c06d9169a03442b37a5af86a6aa91964e88eb42affe2e7737ebfa
17ec1b3335dd260598ed448fb25dcaa0fb863c927066bdb62e4686b640750ded
19cc0e01c4d1befda415ed38015cdd6b4b73ab046d21d9bd0983332a338f7a89
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
272aa08cb92595e7393c5e095d4a69a611821929980c576c3e5d3c863dc6438e
295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0
2b82601133216ec29983087a0532e9b0af553f7f4a8b3b00ff9d7ffcc1142542
2e4029adeccbf439bb15b98a9bdfa73c5db1f566038a781dac896f501b14028f
38a4932ef69f2de2422f3f141d92fadaa5c6191a44cdf40d2e03cb8d4eda9245
38a544f028a3f435575871b80f9cb8a19356f0aba61e1c2a3248bb092ba70fd2
3aa8e31c71a50a03d0528915e1f05b719d486c0d4e665283f6743e9f2a092699
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f8af8f68c725d36d38f08d6239cbb9f6adae8311e00ef8841dcd70d870e27d0
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
479cfe30323366acc7d37e0e35c7a69198d952e7b998f87ec2b1ee5cf6dbf044
496f4ec180b45c31ce6fef39717ddf39efb84ce4253b3bebb43841521b8b654a
4c699c763680db4221468c22d27bd952b645914fbc80c8aee08d528070405048
502c7591d841ffb532c1c1333737db5727642587cdb58975d5a4faf61802173a
55aae0f84eb42cb16c94bfe8972c0243a86319a72efceed4f0688c1a0ffb2bf2
58365852737c1e4e2713cf863b6fb8b23b42f96b3dd0e248aa5e82b8ce3be3e4
58b98b5baeb621645cc9c1e7c35c4c3000231a70dabbded76d05f4a77b488dc4
5b2f8afc7aa201991a26dec5ce259c2e605aae72bd18df12bcbdfc21cf297452
5d1d39751fd7d4c0ed32dab49c8b76937770117ab4baed95230db2fbb69e5edb
633680c72d3fa6d32b259e62433cb9b1e0225c7ba8657c6b5db5f7131f578e98
6644e1c59baf705e99dacc5acb0a1eae7687b5ba94e66a1cdb74959837d17a63
6666b1bc7149695c78ecca2bea7d59d1b83694253bde589d4e4ae73507f35760
6b471754d34054e07a96cd327d7b16688d49dd3cdbdf4ec6acb13d06812a09a5
7209c26bc245ae1b293f4b9622201b1dc97282229a2e8fcae555f36caa8650e8
737473b145a0fb2d97963ba71104b42ea59d434e17d43de3db67ddffc24200ac
787e030e8ae2abb4ba16fab77cdccbba559a6bbae24c3e5ebb43816c6a82a76f
797db92fbe3481f44f27c65982018e50e1df97ad52b776a6a5c74bd2aec9039a
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
7fc3ffcdb32a53647771d7c339575f3c233a686fb14a1a89b43896b72060df9c
80f2faae8df768e3638af12015f9082ce155089b07ada57f21b6a859d97fd8ea
8543d0486e60ea79a14a1ba6b6f95dc0d1081e97c8b1fb2b68d391f03a7f378e
883ad6282f84d0c8450d3bbe0892348c69b5d3061e49f929ae5666a4756324b5
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
92fb52325a19e363e419a21e3456267661b2c6b773d8c3f686c404765788f734
961e141ad605f2f551c61596e1b16ee8710563188ac44b454e33a7a012445216
974288b22f494427328a138a5cfedf0a69669fe3c0f189ecd3aabd5280eca53b
9b0c164fd98e6c41eb7a664efc03b1876b86d90422f28a10ed3a7e81b78b9378
a126fc513b831f8460dc9733c023000d5a0eee394d33787bae7c9f7362d58a66
a5a5062f82bc9989079e336a27d7ff321c2313d86571c7f68da1c31057c9dec7
a963621b4341552ca61590aa02e93b70f189e8050a105c32c0197c3c34b2d114
addcf53fad082e75ba67556f1ec1659cb6e9ceeb75f8f62991136f08ce9a4331
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
babdf7c3970e127b7e9374440ba9375b79571fccd09c75f625911e7a39dc68f5
bc92a3dbcce6fcbc751269c88d79502a0e2f87e0a7bde3743f90473769bb598e
bf4a1a7e410601026fd391f994091218a0b23c13af218111b2418f73f6cb20c5
c86e9d30acd0fe2624ae1e9d20b7b2f48b9b8a3b51b1852a918fce1aea6b7ed7
c89b7fe2f4b3b38a83f75f22e6d193920ee4937a418334675f66fbabbcb2d16e
cc68683b07c074ba1efca1a8576522cc62f0a0bd21310bb6621ba2672ba5a29d
d4f9cbc0ba8fdd2a0af5b3ce7f6425999c2b73db7f078f04923453e449dc9dca
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
e34e2da1159423f7f8d0a0d46aec5cef1d5e7c7f62adb6ecc89365b9f2b3b709
e3838811a3f100450c0b5cd96280321ff69ed223b53dd17dd59dbfde70f5c8a6
e7614565f4954402844c1dd6f2f2fb8a3a9c69526992be20e223b8549d5382a7
eaa8f28e29a5b68e248d6a1fb419faf3dcf3f57375d563e0d01f37f94cd4b59c
eb2e3f703cf8ee0156a1d625e053c0968b0dfcff62ea4254ddd8ba9fece3ad32
eb30131f8b58afc90a1820a11fd1b19e00f5eadad822e181f578838091715bce
ec6d1d6ec1cc73680dd92ddbfd70192249f442fda4a0058a790ede0da369f859
ee79271766bbba9a34b7449b08dd9c3b75f1b55baf957f242dee6632fa357a25
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
f174eb2442ce5ee3bac272114fb1f2a44a1affd724758a3eb409f8fb3bbabb52
f1ac5bc2d2f0c446b2d5bc135db7414a2662ade7b701bc199456d05f51bfc261
f1d80c3f42579ae988d008f6acf09b793902554891cb6eaf78100dd589f2e3c3
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9ad5dbf44764c275ac6c76067b0a3a388cb1a8a20e4e5d2e71d942f032e0c5b

defbill.com Open in urlscan Pro 2606:4700:3036::6815:38e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

81 Requests

98 %HTTPS

50 %IPv6

11 Domains

21 Subdomains

17 IPs

3 Countries

2928 kBTransfer

7509 kBSize

7 Cookies

1 Outgoing links

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

defbill.com Open in urlscan Pro
2606:4700:3036::6815:38e Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

98 %
HTTPS

50 %
IPv6

11
Domains

21
Subdomains

17
IPs

3
Countries

2928 kB
Transfer

7509 kB
Size

7
Cookies

81 HTTP transactions
4 data transactions