www.billware.de Open in urlscan Pro
104.21.61.110 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.billware.de/share/v7nbevqflj
Effective URL:
https://www.billware.de/share/v7nbevqflj
Submission Tags: falconsandbox
Submission: On January 20 via api (January 20th 2021, 8:22:29 pm UTC) from US

Summary HTTP 24 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 24 HTTP transactions. The main IP is 104.21.61.110, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.billware.de.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 9th 2020. Valid for: a year.

This is the only time www.billware.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 25	104.21.61.110 104.21.61.110		13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	2

25 104.21.61.110 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.billware.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	billware.de 1 redirects www.billware.de	140 KB
24	1

	Domain	Requested by
25	www.billware.de	1 redirects www.billware.de
24	1

This site contains links to these domains. Also see Links.

Domain
davidcdaniel.us
www.cloudflare.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-09` - `2021-07-09`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.billware.de/share/v7nbevqflj
Frame ID: 77D815867E847B7E3D4554124E441940
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.billware.de/share/v7nbevqflj HTTP 301
https://www.billware.de/share/v7nbevqflj Page URL
https://www.billware.de/share/v7nbevqflj Page URL
https://www.billware.de/share/v7nbevqflj Page URL
https://www.billware.de/share/v7nbevqflj Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

24
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

139 kB
Transfer

431 kB
Size

3
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://davidcdaniel.us/scarcenapiform.php?date=0
Title: table

Search URL Search Domain Scan URL

URL: https://www.cloudflare.com/5xx-error-landing/
Title: Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.billware.de/share/v7nbevqflj HTTP 301
https://www.billware.de/share/v7nbevqflj Page URL
https://www.billware.de/share/v7nbevqflj Page URL
https://www.billware.de/share/v7nbevqflj Page URL
https://www.billware.de/share/v7nbevqflj Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.billware.de/share/v7nbevqflj HTTP 301
https://www.billware.de/share/v7nbevqflj

24 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

503

v7nbevqflj Show response
www.billware.de/share/
Redirect Chain

http://www.billware.de/share/v7nbevqflj
https://www.billware.de/share/v7nbevqflj

10 KB
11 KB

180ms
67ms

Document
text/html

104.21.61.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.billware.de/share/v7nbevqflj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.61.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1527015afc51f5a28fdafac5675f228869f83ae9df6e7f854c06fb5ad3171ed

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.billware.de
:scheme: https
:path: /share/v7nbevqflj
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 20:22:08 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d72eaa4e6f9762faf36fe3fcee10fd0401611174128; expires=Fri, 19-Feb-21 20:22:08 GMT; path=/; domain=.billware.de; HttpOnly; SameSite=Lax; Secure
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-request-id: 07c30f44ba00001e9139335000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FvtakMxm9FHjcxmQmWXzxWAfU9qza6yDPVuavaWH%2B6MbjIawkBGZPwxIuWhqKxHOtE1QcK1Eor4zK2V2GOJFcnt%2BJ69E7lZtKmJbAzZTdDE%3D"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
vary: Accept-Encoding
server: cloudflare
cf-ray: 614b81812cc11e91-AMS

Redirect headers

Date: Wed, 20 Jan 2021 20:22:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 20 Jan 2021 21:22:08 GMT
Location: https://www.billware.de/share/v7nbevqflj
cf-request-id: 07c30f43ec00000b80e3a82000000001
Report-To: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Q3OxMreqRzF2%2FNDbp6eEXicuCb0w43qrhxauaQYfn4l%2FRuh%2BEqhXMXRjzpqrtHZudntcrnLsX%2BL07vQAvYAOMHvzqwcSo2A25l%2Bl0hqLt60%3D"}],"group":"cf-nel"}
NEL: {"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 614b817fecc10b80-AMS

GET
H2 200 v1 Show response
www.billware.de/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/ 38 KB
13 KB 107ms
106ms Script
text/javascript 104.21.61.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.billware.de/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1
Requested by: Host: www.billware.de
URL: https://www.billware.de/share/v7nbevqflj
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.61.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3749047d896f111c9ab1ee8edf303d35527925d1e27fb016f047e8960b55007a

Request headers

Referer: https://www.billware.de/share/v7nbevqflj
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 20:22:09 GMT
content-encoding: br
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=S5URahtWKVnFTTVX9P2gE4r%2FCjL0UE6q%2Bf3bo6veTdfUuNGTEqrpIYipDgC32CiMBBwjxJxUljNK0pKZF4dsaRZHnr48pQuOvpL6eb4jYD8%3D"}],"max_age":604800}
content-type: text/javascript
cf-ray: 614b8183ab171e91-AMS
cf-request-id: 07c30f464700001e91191ac000000001

GET
H2 200 transparent.gif
www.billware.de/cdn-cgi/images/trace/jschal/js/nocookie/ 42 B
242 B 51ms
50ms Image
image/gif 104.21.61.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.billware.de/cdn-cgi/images/trace/jschal/js/nocookie/transparent.gif?ray=614b81812cc11e91

Requested by

Host: www.billware.de
URL: https://www.billware.de/share/v7nbevqflj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.61.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.billware.de/share/v7nbevqflj
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 20:22:09 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Jan 2021 19:12:17 GMT
server: cloudflare
etag: "60009791-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 614b8183ab181e91-AMS
vary: Accept-Encoding
content-length: 42
expires: Wed, 20 Jan 2021 22:22:09 GMT

GET
H2 200 transparent.gif
www.billware.de/cdn-cgi/images/trace/jschal/nojs/ 42 B
101 B 51ms
51ms Image
image/gif 104.21.61.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.billware.de/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=614b81812cc11e91

Requested by

Host: www.billware.de
URL: https://www.billware.de/share/v7nbevqflj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.61.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.billware.de/share/v7nbevqflj
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 20:22:09 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Jan 2021 19:12:17 GMT
server: cloudflare
etag: "60009791-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 614b8183ab191e91-AMS
vary: Accept-Encoding
content-length: 42
expires: Wed, 20 Jan 2021 22:22:09 GMT

POST
H2 200 595715df149d108 Show response
www.billware.de/cdn-cgi/challenge-platform/h/g/generate/ov1/0.40123907279822:1611173812:1ef4e618f8fe6892c32ab81bd59a182a0db0c8910939aeb319aea5cdb0b76879/614b81812cc11e91/ 39 KB
7 KB 162ms
162ms XHR
text/plain 104.21.61.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.billware.de/cdn-cgi/challenge-platform/h/g/generate/ov1/0.40123907279822:1611173812:1ef4e618f8fe6892c32ab81bd59a182a0db0c8910939aeb319aea5cdb0b76879/614b81812cc11e91/595715df149d108
Requested by: Host: www.billware.de
URL: https://www.billware.de/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.61.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 511d60bad51c40c033d471361b0625382e492a36f9d1f165b586d75d85ff6075

Request headers

Referer: https://www.billware.de/share/v7nbevqflj
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
CF-Challenge: 595715df149d108
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 20 Jan 2021 20:22:09 GMT
content-encoding: br
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hsoR4Bl2fTz9nFwyW43ZwQLiuxJxbgzGmrhtLGs2m2iUFC7viNsGbFOgZvCHefhM453i7lrWI8Vw7MoNnUDRRsEY6eW%2BuuC0IvG2ycgPphs%3D"}],"max_age":604800}
content-type: text/plain;charset=UTF-8
cf-ray: 614b8184ce6c1e91-AMS
cf-request-id: 07c30f470700001e913a197000000001

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 392 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93cec2e14c5e0ea6ea77172f9e690e9df1e8998a26b43b366445b7e4c2ae5af4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 595715df149d108 Show response
www.billware.de/cdn-cgi/challenge-platform/h/g/generate/ov1/0.40123907279822:1611173812:1ef4e618f8fe6892c32ab81bd59a182a0db0c8910939aeb319aea5cdb0b76879/614b81812cc11e91/ 2 KB
1 KB 266ms
266ms XHR
text/plain 104.21.61.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.billware.de/cdn-cgi/challenge-platform/h/g/generate/ov1/0.40123907279822:1611173812:1ef4e618f8fe6892c32ab81bd59a182a0db0c8910939aeb319aea5cdb0b76879/614b81812cc11e91/595715df149d108
Requested by: Host: www.billware.de
URL: https://www.billware.de/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.61.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 997ebb659052da19457db101a557d2acdccffcd7ce44a9571e2be2c7290baa1d

Request headers

Referer: https://www.billware.de/share/v7nbevqflj
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
CF-Challenge: 595715df149d108
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 20 Jan 2021 20:22:10 GMT
content-encoding: br
content-type: text/plain;charset=UTF-8
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf_chl_out: QSFenrX5GrDDGuOAqurxJNIXAEg/SjU5sOsdMBZz4fk1Myaak4qGXRAA4lfZTijW/28V4qGar/eqc2VyZ8hdbgyRcGZpfWvoMx2GBHwIAgmI/5J2Fj9dEO+tZ0v98iByXsmZJwhuOShpF9+H7GHpnw==$oDTPTSVzoi9xcYhalAea+g==
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6i5JvvK2xODQ1QBSQK%2FdcZHhnEnbsNb0WCDGcZ9m90jeifRJxaerDaYkNaGWShGvcDHIhaIJiJgwCAt5tgxTN9i0x60KukMEJrDHj21EpSg%3D"}],"max_age":604800}
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 614b818c9b5a1e91-AMS
cf-request-id: 07c30f4be200001e91173ee000000001

GET
H2 503 v7nbevqflj Show response
www.billware.de/share/ 10 KB
10 KB 47ms
46ms Document
text/html 104.21.61.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.billware.de/share/v7nbevqflj

Requested by

Host: www.billware.de
URL: https://www.billware.de/share/v7nbevqflj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.61.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5cb745bee21ad7d3d9a639f58934d0bd654ecbda44d9756c4bae11779479f4b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.billware.de
:scheme: https
:path: /share/v7nbevqflj
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.billware.de/share/v7nbevqflj
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d72eaa4e6f9762faf36fe3fcee10fd0401611174128; cf_chl_1=595715df149d108; cf_chl_prog=F19
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.billware.de/share/v7nbevqflj

Response headers

date: Wed, 20 Jan 2021 20:22:13 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-request-id: 07c30f566d00001e91470de000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PbvCTrn8RfZIKyvIc8joTZofoBtCghVNba1wbSse0aDncq1nwbeM0ezZOPraYFaHOOY%2F2BVc5h6VrB4zBo7RYguCb1BKizsgRwRpymDEOvc%3D"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
vary: Accept-Encoding
server: cloudflare
cf-ray: 614b819d795c1e91-AMS

GET
H2 200 v1 Show response
www.billware.de/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/ 38 KB
13 KB 64ms
64ms Script
text/javascript 104.21.61.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.billware.de/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1
Requested by: Host: www.billware.de
URL: https://www.billware.de/share/v7nbevqflj
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.61.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3749047d896f111c9ab1ee8edf303d35527925d1e27fb016f047e8960b55007a

Request headers

Referer: https://www.billware.de/share/v7nbevqflj
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 20:22:13 GMT
content-encoding: br
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gcnOmJIOGmJlSStiFQk9xumiasqlSA0WC7RB2WPzk7U4KMXbTwMGqiU3ToAlEffqT4KHnW49Wg9iJGjrXiqNh7g4uBuY9MIN1cn3VSkeIrY%3D"}],"max_age":604800}
content-type: text/javascript
cf-ray: 614b819dda211e91-AMS
cf-request-id: 07c30f56a600001e917627a000000001

GET
H2 200 transparent.gif
www.billware.de/cdn-cgi/images/trace/jschal/js/nocookie/ 42 B
124 B 41ms
35ms Image
image/gif 104.21.61.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.billware.de/cdn-cgi/images/trace/jschal/js/nocookie/transparent.gif?ray=614b819d795c1e91

Requested by

Host: www.billware.de
URL: https://www.billware.de/share/v7nbevqflj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.61.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.billware.de/share/v7nbevqflj
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 20:22:13 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Jan 2021 19:12:17 GMT
server: cloudflare
etag: "60009791-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 614b819dea3b1e91-AMS
vary: Accept-Encoding
content-length: 42
expires: Wed, 20 Jan 2021 22:22:13 GMT

GET
H2 200 transparent.gif
www.billware.de/cdn-cgi/images/trace/jschal/nojs/ 42 B
101 B 39ms
34ms Image
image/gif 104.21.61.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.billware.de/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=614b819d795c1e91

Requested by

Host: www.billware.de
URL: https://www.billware.de/share/v7nbevqflj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.61.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.billware.de/share/v7nbevqflj
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 20:22:13 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Jan 2021 19:12:17 GMT
server: cloudflare
etag: "60009791-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 614b819dea5a1e91-AMS
vary: Accept-Encoding
content-length: 42
expires: Wed, 20 Jan 2021 22:22:13 GMT

POST
H2 200 44ce442d5d3bbf5 Show response
www.billware.de/cdn-cgi/challenge-platform/h/g/generate/ov1/0.40123907279822:1611173812:1ef4e618f8fe6892c32ab81bd59a182a0db0c8910939aeb319aea5cdb0b76879/614b819d795c1e91/ 50 KB
8 KB 106ms
106ms XHR
text/plain 104.21.61.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.billware.de/cdn-cgi/challenge-platform/h/g/generate/ov1/0.40123907279822:1611173812:1ef4e618f8fe6892c32ab81bd59a182a0db0c8910939aeb319aea5cdb0b76879/614b819d795c1e91/44ce442d5d3bbf5
Requested by: Host: www.billware.de
URL: https://www.billware.de/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.61.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4de27eea0fd2fd52aa0cb7ea89d51b38a6463a85b73ca2cd5e6616a068d1ed9d

Request headers

Referer: https://www.billware.de/share/v7nbevqflj
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
CF-Challenge: 44ce442d5d3bbf5
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 20 Jan 2021 20:22:13 GMT
content-encoding: br
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=a2YvMVtfnE1FYN7dC23o518n4aNg9nmWs1QwFN%2Bjcj%2B276Xf7xOj6NtS7ho%2B540OPi2vHsru6sZ6TLj1qV%2FdS5AuqkgALSoenQzH7evkcJk%3D"}],"max_age":604800}
content-type: text/plain;charset=UTF-8
cf-ray: 614b819eac191e91-AMS
cf-request-id: 07c30f572600001e91170fa000000001

POST
H2 200 44ce442d5d3bbf5 Show response
www.billware.de/cdn-cgi/challenge-platform/h/g/generate/ov1/0.40123907279822:1611173812:1ef4e618f8fe6892c32ab81bd59a182a0db0c8910939aeb319aea5cdb0b76879/614b819d795c1e91/ 2 KB
1 KB 304ms
304ms XHR
text/plain 104.21.61.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.billware.de/cdn-cgi/challenge-platform/h/g/generate/ov1/0.40123907279822:1611173812:1ef4e618f8fe6892c32ab81bd59a182a0db0c8910939aeb319aea5cdb0b76879/614b819d795c1e91/44ce442d5d3bbf5
Requested by: Host: www.billware.de
URL: https://www.billware.de/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.61.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7034cd8ae12231f352883b4bd4a19c5cd62191ec8420204c2bca10c7c94b0c3f

Request headers

Referer: https://www.billware.de/share/v7nbevqflj
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
CF-Challenge: 44ce442d5d3bbf5
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 20 Jan 2021 20:22:14 GMT
content-encoding: br
content-type: text/plain;charset=UTF-8
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf_chl_out: iunidmZggTypVzqkfTYXBo658b/pverFapQv0n2gWLhzFv1S1NHv5HN4bY6pMWrOdnYJRTGav/0oQ8f6O1dOsOMtm5Mcj6uFd1bn9Jo4HX87XqNqqlll3C7Ouiz2Tljri2GflZ48EUYsTVvT3tRcKg==$WulFiEjhNVPdXzP+30iPmA==
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dPw26ohWGrl3W%2FxxzPzK5DHP4Ld09ndyfhq%2BcaeAJb%2F7nYvsq6MFSiVgmYFPObsEMjH7qqxj4Vm0cVHg2Uml7XfESPFBZNpgvWvmPVYyCL4%3D"}],"max_age":604800}
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 614b81a27e241e91-AMS
cf-request-id: 07c30f599200001e913980a000000001

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 503 v7nbevqflj Show response
www.billware.de/share/ 10 KB
10 KB 78ms
76ms Document
text/html 104.21.61.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.billware.de/share/v7nbevqflj

Requested by

Host: www.billware.de
URL: https://www.billware.de/share/v7nbevqflj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.61.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f744ef8bcc5fcef922b310207c10a4c0f173344b5f4bd9ea7eae9cb158ecd82

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.billware.de
:scheme: https
:path: /share/v7nbevqflj
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.billware.de/share/v7nbevqflj
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d72eaa4e6f9762faf36fe3fcee10fd0401611174128; cf_chl_1=44ce442d5d3bbf5; cf_chl_prog=F21
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.billware.de/share/v7nbevqflj

Response headers

date: Wed, 20 Jan 2021 20:22:17 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-request-id: 07c30f66b300001e91753b8000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=54uT9mx71Ioce1MhRbJ%2BnV%2BhVzfae4uAJ1gdLCB6FGZ9mEmCppQdo%2FGxPfy7NOOpPs8YtYQHwFslbQaZHPXbgi9NBz1ZtKaNLORaOk998TQ%3D"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
vary: Accept-Encoding
server: cloudflare
cf-ray: 614b81b78c601e91-AMS

GET
H2 200 v1 Show response
www.billware.de/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/ 38 KB
13 KB 72ms
71ms Script
text/javascript 104.21.61.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.billware.de/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1
Requested by: Host: www.billware.de
URL: https://www.billware.de/share/v7nbevqflj
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.61.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3749047d896f111c9ab1ee8edf303d35527925d1e27fb016f047e8960b55007a

Request headers

Referer: https://www.billware.de/share/v7nbevqflj
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 20:22:17 GMT
content-encoding: br
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Sw2rZTJ9MU8Zzrf6uu6MhIo33FVXmSY3mmMRPZPBW1ihHCtIMBTrpytZ%2FT7aN5eQxZJkRKihhP%2BT3mVndDmhn5lLzagRU%2FR%2BI5jmNwmjya4%3D"}],"max_age":604800}
content-type: text/javascript
cf-ray: 614b81b80dee1e91-AMS
cf-request-id: 07c30f670000001e9171b00000000001

GET
H2 200 transparent.gif
www.billware.de/cdn-cgi/images/trace/jschal/js/nocookie/ 42 B
219 B 70ms
69ms Image
image/gif 104.21.61.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.billware.de/cdn-cgi/images/trace/jschal/js/nocookie/transparent.gif?ray=614b81b78c601e91

Requested by

Host: www.billware.de
URL: https://www.billware.de/share/v7nbevqflj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.61.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.billware.de/share/v7nbevqflj
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 20:22:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Jan 2021 19:12:17 GMT
server: cloudflare
etag: "60009791-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 614b81b80df11e91-AMS
vary: Accept-Encoding
content-length: 42
expires: Wed, 20 Jan 2021 22:22:17 GMT

GET
H2 200 transparent.gif
www.billware.de/cdn-cgi/images/trace/jschal/nojs/ 42 B
101 B 78ms
78ms Image
image/gif 104.21.61.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.billware.de/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=614b81b78c601e91

Requested by

Host: www.billware.de
URL: https://www.billware.de/share/v7nbevqflj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.61.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.billware.de/share/v7nbevqflj
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 20:22:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Jan 2021 19:12:17 GMT
server: cloudflare
etag: "60009791-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 614b81b80df21e91-AMS
vary: Accept-Encoding
content-length: 42
expires: Wed, 20 Jan 2021 22:22:17 GMT

POST
H2 200 81d706ff5c34ac8 Show response
www.billware.de/cdn-cgi/challenge-platform/h/g/generate/ov1/0.40123907279822:1611173812:1ef4e618f8fe6892c32ab81bd59a182a0db0c8910939aeb319aea5cdb0b76879/614b81b78c601e91/ 52 KB
8 KB 147ms
147ms XHR
text/plain 104.21.61.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.billware.de/cdn-cgi/challenge-platform/h/g/generate/ov1/0.40123907279822:1611173812:1ef4e618f8fe6892c32ab81bd59a182a0db0c8910939aeb319aea5cdb0b76879/614b81b78c601e91/81d706ff5c34ac8
Requested by: Host: www.billware.de
URL: https://www.billware.de/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.61.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30e53a9c86b33baa63fc02d303d1965b509f267cd4b3ff37cf2e27c1b511af22

Request headers

Referer: https://www.billware.de/share/v7nbevqflj
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
CF-Challenge: 81d706ff5c34ac8
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 20 Jan 2021 20:22:17 GMT
content-encoding: br
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PAjJxAPV15Hiz8FTb6OHbPf0wm4RKYQkHK7aCnbX7P1is0%2FQ1JTPYgZhVfZb0%2FHlBnOhiEZHGx2GuM8tSzk41iOwJG%2B3KdsLJ9CeMcvaPus%3D"}],"max_age":604800}
content-type: text/plain;charset=UTF-8
cf-ray: 614b81b8bff11e91-AMS
cf-request-id: 07c30f677500001e911910f000000001

POST
H2 200 81d706ff5c34ac8 Show response
www.billware.de/cdn-cgi/challenge-platform/h/g/generate/ov1/0.40123907279822:1611173812:1ef4e618f8fe6892c32ab81bd59a182a0db0c8910939aeb319aea5cdb0b76879/614b81b78c601e91/ 2 KB
1 KB 251ms
251ms XHR
text/plain 104.21.61.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.billware.de/cdn-cgi/challenge-platform/h/g/generate/ov1/0.40123907279822:1611173812:1ef4e618f8fe6892c32ab81bd59a182a0db0c8910939aeb319aea5cdb0b76879/614b81b78c601e91/81d706ff5c34ac8
Requested by: Host: www.billware.de
URL: https://www.billware.de/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.61.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9e108aaf80e045017dfdaadb157ae2a2956fdc1c3458fd352310fb0e010a0e9

Request headers

Referer: https://www.billware.de/share/v7nbevqflj
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
CF-Challenge: 81d706ff5c34ac8
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 20 Jan 2021 20:22:18 GMT
content-encoding: br
content-type: text/plain;charset=UTF-8
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf_chl_out: nYzOSbqXoR5VfYjl/LybBzLSLANQqqWGHuI9/i95zvTtCS88+le6llwXxVK63TDp/0JxA26I2PAAuAJnyFFeKdtHIJgx4snqo2dRbs/mikpFWmZWNfeDXP4DQRVjb4hK9T3ohHIEOyKxw/Tgu8YayQ==$CaY2XSMLYenV4bUPzdyM4A==
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wdBqB3AAGozMTWVj46tQxYMdDg6ORu4MSFkxKHorxJ2vJ1cht69QLHcrmjXJtFvHy8EUv8T91QGnOd9rUy4f0wrcIzGlBXKLMQsQx67MDK4%3D"}],"max_age":604800}
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 614b81be6dc71e91-AMS
cf-request-id: 07c30f6b0500001e9119972000000001

GET
H2 503 Primary Request v7nbevqflj Show response
www.billware.de/share/ 10 KB
10 KB 95ms
82ms Document
text/html 104.21.61.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.billware.de/share/v7nbevqflj

Requested by

Host: www.billware.de
URL: https://www.billware.de/share/v7nbevqflj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.61.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf8b0a319ac369c9954accd798d06f95b028a317cd8f7df7a439b4fc78fd1710

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.billware.de
:scheme: https
:path: /share/v7nbevqflj
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.billware.de/share/v7nbevqflj
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: cf_chl_prog=F21
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.billware.de/share/v7nbevqflj

Response headers

date: Wed, 20 Jan 2021 20:22:21 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d410042dbf5a4c9f7a7d9ae9995bff29d1611174141; expires=Fri, 19-Feb-21 20:22:21 GMT; path=/; domain=.billware.de; HttpOnly; SameSite=Lax; Secure
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-request-id: 07c30f770d00001e911927f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lASmLxmrNw0uZ62XEEFHlXw72%2BV4b00p1eQAaGaYkP%2BYrb%2BhqF4Am%2Fhsg17kSQ80pxlIlwmhy%2FkdOshiJtvDfnsvxkdJWxWCPs1BAWNASNw%3D"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
vary: Accept-Encoding
server: cloudflare
cf-ray: 614b81d1a9701e91-AMS

GET
H2 200 v1 Show response
www.billware.de/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/ 38 KB
13 KB 166ms
143ms Script
text/javascript 104.21.61.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.billware.de/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1
Requested by: Host: www.billware.de
URL: https://www.billware.de/share/v7nbevqflj
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.61.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3749047d896f111c9ab1ee8edf303d35527925d1e27fb016f047e8960b55007a

Request headers

Referer: https://www.billware.de/share/v7nbevqflj
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 20:22:22 GMT
content-encoding: br
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=761QQvMtiwnYetTINHfCLvkTFmL9Og7kzaDWpDyaQutyQsRecAJoZGNxVu7jHCnHvMRHZZS%2BZCfo8i9dcUCNN0fOzlG7jXYPSxugir8%2Bo90%3D"}],"max_age":604800}
content-type: text/javascript
cf-ray: 614b81d33dc91e91-AMS
cf-request-id: 07c30f780800001e91731b0000000001

GET
H2 200 transparent.gif
www.billware.de/cdn-cgi/images/trace/jschal/js/nocookie/ 42 B
101 B 97ms
75ms Image
image/gif 104.21.61.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.billware.de/cdn-cgi/images/trace/jschal/js/nocookie/transparent.gif?ray=614b81d1a9701e91

Requested by

Host: www.billware.de
URL: https://www.billware.de/share/v7nbevqflj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.61.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.billware.de/share/v7nbevqflj
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 20:22:21 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Jan 2021 19:12:17 GMT
server: cloudflare
etag: "60009791-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 614b81d33dca1e91-AMS
vary: Accept-Encoding
content-length: 42
expires: Wed, 20 Jan 2021 22:22:21 GMT

GET
H2 200 transparent.gif
www.billware.de/cdn-cgi/images/trace/jschal/nojs/ 42 B
124 B 91ms
70ms Image
image/gif 104.21.61.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.billware.de/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=614b81d1a9701e91

Requested by

Host: www.billware.de
URL: https://www.billware.de/share/v7nbevqflj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.61.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.billware.de/share/v7nbevqflj
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 20:22:21 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Jan 2021 19:12:17 GMT
server: cloudflare
etag: "60009791-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 614b81d33dc71e91-AMS
vary: Accept-Encoding
content-length: 42
expires: Wed, 20 Jan 2021 22:22:21 GMT

POST
H2 200 dd4e22e6110dee5 Show response
www.billware.de/cdn-cgi/challenge-platform/h/g/generate/ov1/0.40123907279822:1611173812:1ef4e618f8fe6892c32ab81bd59a182a0db0c8910939aeb319aea5cdb0b76879/614b81d1a9701e91/ 93 KB
18 KB 305ms
305ms XHR
text/plain 104.21.61.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.billware.de/cdn-cgi/challenge-platform/h/g/generate/ov1/0.40123907279822:1611173812:1ef4e618f8fe6892c32ab81bd59a182a0db0c8910939aeb319aea5cdb0b76879/614b81d1a9701e91/dd4e22e6110dee5
Requested by: Host: www.billware.de
URL: https://www.billware.de/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.61.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b0342cc43e4c59ef2be0b2e365ea1c05c6a670c665336fe269d4633ecf03e27

Request headers

Referer: https://www.billware.de/share/v7nbevqflj
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
CF-Challenge: dd4e22e6110dee5
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 20 Jan 2021 20:22:22 GMT
content-encoding: br
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zQDWQjtaiKutYN3wlBhhcseyTCU2e3yLZMx3kgeTduYpbZ9%2FwvDJdkpsQFXzyLicB6aTvtOHT8h6uOXGIIU%2FaPJx%2F84XeBwCtU8024bQzNs%3D"}],"max_age":604800}
content-type: text/plain;charset=UTF-8
cf-ray: 614b81d4b9861e91-AMS
cf-request-id: 07c30f78f400001e9152250000000001

POST
H2 200 dd4e22e6110dee5 Show response
www.billware.de/cdn-cgi/challenge-platform/h/g/generate/ov1/0.40123907279822:1611173812:1ef4e618f8fe6892c32ab81bd59a182a0db0c8910939aeb319aea5cdb0b76879/614b81d1a9701e91/ 2 KB
1 KB 229ms
227ms XHR
text/plain 104.21.61.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.billware.de/cdn-cgi/challenge-platform/h/g/generate/ov1/0.40123907279822:1611173812:1ef4e618f8fe6892c32ab81bd59a182a0db0c8910939aeb319aea5cdb0b76879/614b81d1a9701e91/dd4e22e6110dee5
Requested by: Host: www.billware.de
URL: https://www.billware.de/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.61.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb7626699f446fc3b35b266467e7bf8e5e414757e5f7aa64b550bc3ac2a0583d

Request headers

Referer: https://www.billware.de/share/v7nbevqflj
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
CF-Challenge: dd4e22e6110dee5
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 20 Jan 2021 20:22:24 GMT
content-encoding: br
content-type: text/plain;charset=UTF-8
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf_chl_out: tOhcmUK1rAWLTBIrjyo7JhHgI18NeYegZwTWQiyxisu8hLf20nQAZAXqWf6/FKMCuuxK+Ww1WskoKmJPSqw7+K+2nfvbU0A9NYIyq9oVwy4XjB1qz1K3Baz5GCsOx/RMtKBaaP1zJ9RJaXM1SkgtEA==$wWgluRjIHjq2GiqLpgSXdw==
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Z6rEwLstBUhUS5JMn7MvUe205wK9rEG3j9eNvMh0W74AJ04VFo%2F2zDvS1DJoSsOZw4dY5EGaULT%2FfeznM6Yt5ZQDSlKo3n9IzkXJSnQdULY%3D"}],"max_age":604800}
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 614b81e22a9c1e91-AMS
cf-request-id: 07c30f815c00001e9166ad3000000001

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.billware.de/	1970-01-19 15:32:57	Name: cf_chl_prog Value: e
www.billware.de/	1970-01-19 15:32:57	Name: cf_chl_1 Value: dd4e22e6110dee5
.billware.de/	1970-01-19 16:16:06	Name: __cfduid Value: d410042dbf5a4c9f7a7d9ae9995bff29d1611174141

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.billware.de
104.21.61.110
30e53a9c86b33baa63fc02d303d1965b509f267cd4b3ff37cf2e27c1b511af22
3749047d896f111c9ab1ee8edf303d35527925d1e27fb016f047e8960b55007a
4b0342cc43e4c59ef2be0b2e365ea1c05c6a670c665336fe269d4633ecf03e27
4de27eea0fd2fd52aa0cb7ea89d51b38a6463a85b73ca2cd5e6616a068d1ed9d
511d60bad51c40c033d471361b0625382e492a36f9d1f165b586d75d85ff6075
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
7034cd8ae12231f352883b4bd4a19c5cd62191ec8420204c2bca10c7c94b0c3f
93cec2e14c5e0ea6ea77172f9e690e9df1e8998a26b43b366445b7e4c2ae5af4
997ebb659052da19457db101a557d2acdccffcd7ce44a9571e2be2c7290baa1d
9f744ef8bcc5fcef922b310207c10a4c0f173344b5f4bd9ea7eae9cb158ecd82
a9e108aaf80e045017dfdaadb157ae2a2956fdc1c3458fd352310fb0e010a0e9
c5cb745bee21ad7d3d9a639f58934d0bd654ecbda44d9756c4bae11779479f4b
cf8b0a319ac369c9954accd798d06f95b028a317cd8f7df7a439b4fc78fd1710
e1527015afc51f5a28fdafac5675f228869f83ae9df6e7f854c06fb5ad3171ed
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb7626699f446fc3b35b266467e7bf8e5e414757e5f7aa64b550bc3ac2a0583d

www.billware.de Open in urlscan Pro 104.21.61.110 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

139 kBTransfer

431 kBSize

3 Cookies

2 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

3 Cookies

www.billware.de Open in urlscan Pro
104.21.61.110 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

139 kB
Transfer

431 kB
Size

3
Cookies

24 HTTP transactions
3 data transactions