urlscan.io logo urlscan.io
SecurityTrails logo

puffpasse.billgang.store Open in urlscan Pro
2606:4700:20::681a:ee8  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://puffpasse.billgang.store/
Effective URL: https://puffpasse.billgang.store/
Submission: On May 24 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 18 HTTP transactions. The main IP is 2606:4700:20::681a:ee8, located in United States and belongs to CLOUDFLARENET, US. The main domain is puffpasse.billgang.store.
TLS certificate: Issued by GTS CA 1P5 on March 31st 2024. Valid for: 3 months.
This is the only time puffpasse.billgang.store was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
8 172.67.68.209 13335 (CLOUDFLAR...)
4 104.18.3.36 13335 (CLOUDFLAR...)
1 172.67.72.91 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
18 6
3    2606:4700:20::681a:ee8 (United States)

ASN13335 (CLOUDFLARENET, US)
puffpasse.billgang.store
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    172.67.68.209 (United States)

ASN13335 (CLOUDFLARENET, US)
stores-api.billgang.com
t-api.billgang.com
4    104.18.3.36 (None, )

ASN13335 (CLOUDFLARENET, US)
imagedelivery.net
1    172.67.72.91 (United States)

ASN13335 (CLOUDFLARENET, US)
puffpasse.billgang.store
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
8 billgang.com
stores-api.billgang.com
t-api.billgang.com
7 KB
4 imagedelivery.net
imagedelivery.net — Cisco Umbrella Rank: 18648
104 KB
4 billgang.store
puffpasse.billgang.store
273 KB
1 gstatic.com
fonts.gstatic.com
78 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
986 B
18 5
Domain Requested by
4 t-api.billgang.com puffpasse.billgang.store
4 imagedelivery.net
4 stores-api.billgang.com puffpasse.billgang.store
4 puffpasse.billgang.store puffpasse.billgang.store
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com puffpasse.billgang.store
18 6

This site contains links to these domains. Also see Links.

Domain
discord.gg
t.me
Subject Issuer Validity Valid
billgang.store
GTS CA 1P5		 2024-03-31 -
2024-06-29		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
billgang.com
GTS CA 1P5		 2024-05-08 -
2024-08-06		 3 months crt.sh
imagedelivery.net
E1		 2024-05-21 -
2024-08-19		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://puffpasse.billgang.store/
Frame ID: 94A9EE1F28CD720981FDD99317B7F729
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home — PuffPasse

Page URL History Show full URLs

  1. http://puffpasse.billgang.store/ HTTP 307
    https://puffpasse.billgang.store/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

18
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

463 kB
Transfer

1124 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://puffpasse.billgang.store/ HTTP 307
    https://puffpasse.billgang.store/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
puffpasse.billgang.store/
Redirect Chain
  • http://puffpasse.billgang.store/
  • https://puffpasse.billgang.store/
1 KB
965 B 		Document
General
Check archive.org
Download Go to
Full URL
https://puffpasse.billgang.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ee8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9db40bdc76ce9e33e71beef237cecfa1eaac99a76cfed84320e345851e32ce0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
889116381be7bbf2-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 24 May 2024 23:32:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1FMm3OUNVOJNztps7RY%2BXWN%2F3watjLTETy7dTX0YsPbwUD0ifubooIOK3DfGeNibZQx9Rgk9wWxkiVBAdiDctC9Z0yr5yQbv1kGNArGCCVpJmUadM%2FnfbFkEk%2BvhR5zObxNyM2VMZ2DQuvgpfkgO2iMqYdPkHA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

Location
https://puffpasse.billgang.store/
Non-Authoritative-Reason
HttpsUpgrades
css2
fonts.googleapis.com/ 		2 KB
986 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Bricolage+Grotesque:opsz,wght@12..96,200..800&display=swap
Requested by
Host: puffpasse.billgang.store
URL: https://puffpasse.billgang.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
57467deb373351f56089eec84b102c78f5c3bf9cb592403806c42e545afb63a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://puffpasse.billgang.store/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 24 May 2024 23:32:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 24 May 2024 23:13:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 May 2024 23:32:45 GMT
index-oNFtaUn1.js
puffpasse.billgang.store/assets/ 		859 KB
256 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://puffpasse.billgang.store/assets/index-oNFtaUn1.js
Requested by
Host: puffpasse.billgang.store
URL: https://puffpasse.billgang.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ee8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcb39ca8647bc0ab564842a000c91f19a40c2474718d8d1d4396e555ff42be38

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://puffpasse.billgang.store/
Origin
https://puffpasse.billgang.store
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 23:32:45 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 24 May 2024 23:32:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OJ1SbnWN7wLkGf4dIy1i7E9gY8n3pH6znBQoF%2FD%2F4mFlkx9dyFC1xR7xZo7k%2B1t8oz7H7tGoARI6bEcUVKt%2BDI3pepsGitJORss4VSeNtvANESjbiWglGVhnQyM%2BCjhXfVUPY4egX4VhKjVkNlzsoa66lyeM%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
88911638ec6ebbf2-FRA
alt-svc
h3=":443"; ma=86400
index-CSeDjF6Q.css
puffpasse.billgang.store/assets/ 		52 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://puffpasse.billgang.store/assets/index-CSeDjF6Q.css
Requested by
Host: puffpasse.billgang.store
URL: https://puffpasse.billgang.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ee8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a8ccd11c1a455b986ed6819946fa14f87c91e88af0d13f039e42314b82d38c5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://puffpasse.billgang.store/
Origin
https://puffpasse.billgang.store
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 23:32:45 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 24 May 2024 23:32:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iZv3Z4GROxtT96GHRqFg6EQ1mwWqLTeLg1VavOsmyP2TCRb3N8k8RGbRHI1%2BMkh5f7DTV2PSkikNfk0%2BSsSNsuoNK8PIdA4E45nwUPH4AXrrIYDGZj3BAPglQqkSe3211uviowICF7G3G%2BE5rdg%2BeIAyNjNxGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
88911638dc6dbbf2-FRA
alt-svc
h3=":443"; ma=86400
general
stores-api.billgang.com/shops/puffpasse.billgang.store/ 		438 B
732 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stores-api.billgang.com/shops/puffpasse.billgang.store/general
Requested by
Host: puffpasse.billgang.store
URL: https://puffpasse.billgang.store/assets/index-oNFtaUn1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
642b9c1b80c3b521b2fe3a280141db59c01dbf66ae1c29ffbc1507669fbca72e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://puffpasse.billgang.store/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 23:32:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-response-time-ms
13
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f2CHeXunyPg3cEKINhhy3zwqDhws%2BxJMCLDV3kIGrONh8fVFtsdK%2FcvyVm6s1QBZcxdAKb2WGOKgYSaYbZVPnrW44y7%2FPEwe%2FkjISvNvIdcg1xac9l1qv30hILhcpbCmb93ifYaWYC%2FS"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
8891163ad9c703a6-FRA
alt-svc
h3=":443"; ma=86400
settings
stores-api.billgang.com/shops/puffpasse.billgang.store/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stores-api.billgang.com/shops/puffpasse.billgang.store/settings
Requested by
Host: puffpasse.billgang.store
URL: https://puffpasse.billgang.store/assets/index-oNFtaUn1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83b7d68b137cc722d2c39b0ab1f0db04dce98f5d28c7633d50165bc886f776d2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://puffpasse.billgang.store/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 23:32:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-response-time-ms
12
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GUqoihcI%2FPJIls8d1Ek4uttytlrBYj0Iih7iCggbMFH%2BqGMkwgdch18mQk2iQCduCBlXXz5BQmagZDAj75hmFMatBQFFhPIDVN8InoXzoE%2F6sft3HhSpQQPHiXm8LEquPhC5s%2BwcHMSz"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
8891163ad9c903a6-FRA
alt-svc
h3=":443"; ma=86400
w=100
imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/f4a3ac81-6257-4f65-7b07-0be8dcf6a000/ 		5 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/f4a3ac81-6257-4f65-7b07-0be8dcf6a000/w=100
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
008ee42d5e3dbe65ada9fc94b803d76488ed5643322e2cbc29aa0cf222d0d97b
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://puffpasse.billgang.store/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

cf-images
internal=ok/- q=0 n=29+0 c=14+98 v=2024.5.2 l=5020
date
Fri, 24 May 2024 23:32:45 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
5020
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cf_gOHbx2eP6J7Gr2EVZOt4S1_NEWuYOetQxiZZywEDQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
8891163aec7f6a77-TXL
iconSprite.svg
puffpasse.billgang.store/ 		21 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://puffpasse.billgang.store/iconSprite.svg
Requested by
Host: puffpasse.billgang.store
URL: https://puffpasse.billgang.store/assets/index-oNFtaUn1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f94547f911fafb348945a99d496d0c0a030b21d689ca9bffa8a1767359c039bf

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://puffpasse.billgang.store/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 23:32:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 24 May 2024 23:32:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O1bnwQgMmO11IQHJXZF482RzHZF8qcaKQIAdKXV8LBLe978lUnS9sDh5sbML6X7wtlPrJkAKUC80WBShcEcgtga6j2WQpCBh%2BR0EgNlZl%2BvKnjhp%2Bb%2BttLuZPmFkJZ8O5lKeuWq7Uwx%2BMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8891163b68904db1-FRA
alt-svc
h3=":443"; ma=86400
%2F
stores-api.billgang.com/shops/puffpasse.billgang.store/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stores-api.billgang.com/shops/puffpasse.billgang.store/%2F
Requested by
Host: puffpasse.billgang.store
URL: https://puffpasse.billgang.store/assets/index-oNFtaUn1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bff1d02731cdd93faf15bca7e96ac045bb7c044bd2cd92b501d3849b56913da

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://puffpasse.billgang.store/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 23:32:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-response-time-ms
92
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e5oL5tFxSIOftv2W5HzqGB0VNwxBPny61dJDyswKkDC8VW%2FfJhMmQ0q4gtwZMX59ExhTcjUzKA%2FumiFkaPMcYOd1VJVDlsTFzjYv68AL%2FnoXg0W8tbsQeCahPP4BxdkeeJldtBWnAVsw"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
8891163b8a3e03a6-FRA
alt-svc
h3=":443"; ma=86400
%2F
stores-api.billgang.com/shops/puffpasse.billgang.store/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stores-api.billgang.com/shops/puffpasse.billgang.store/%2F
Requested by
Host: puffpasse.billgang.store
URL: https://puffpasse.billgang.store/assets/index-oNFtaUn1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bff1d02731cdd93faf15bca7e96ac045bb7c044bd2cd92b501d3849b56913da

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://puffpasse.billgang.store/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 23:32:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-response-time-ms
5
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ivitOoXNHvy78qdSaHZ5%2B95S4qidBSOGsaOiGElrnCUAZhe97uyiTNQDtHBoZnpoOLrqj0hZUfAtfgPLfy7csa06luBrX6HiF5Hjlxzsh%2Bfub9Y%2BCM8Bi4Ka7yPjorwq8%2Bj1tWGFus%2FV"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
8891163c7b0f03a6-FRA
alt-svc
h3=":443"; ma=86400
p
t-api.billgang.com/1e773bce-3065-46a4-96c8-c0173e738043/t/ 		54 B
471 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t-api.billgang.com/1e773bce-3065-46a4-96c8-c0173e738043/t/p
Requested by
Host: puffpasse.billgang.store
URL: https://puffpasse.billgang.store/assets/index-oNFtaUn1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec1649fb8e1cc3ec5401adb828fc19a94e7edd95c9271cc2e0a98d1ecb65bb83

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://puffpasse.billgang.store/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 23:32:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rK6e8sfAXVg%2BwLpF%2FlUQdMrPBJUavrMMKOhiMLOkshjurV7GgsKR%2BgSnsvpkk6GGMyP%2B6QYBddy5T51EhXZjM4sziw%2BL7g21DsR6HPlSoEeUrLUIBCVYQNC%2BLfxs8Oq2OSpkLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
8891163b9a5003a6-FRA
alt-svc
h3=":443"; ma=86400
3y9K6as8bTXq_nANBjzKo3IeZx8z6up5BeSl9D4dj_x9PpZBMlGIInE.woff2
fonts.gstatic.com/s/bricolagegrotesque/v2/ 		77 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/bricolagegrotesque/v2/3y9K6as8bTXq_nANBjzKo3IeZx8z6up5BeSl9D4dj_x9PpZBMlGIInE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Bricolage+Grotesque:opsz,wght@12..96,200..800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87dd7a40f7e7b3a454c2936f4c657a8c64cb8eabf626b2a96c130f537100fd0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://puffpasse.billgang.store
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 00:01:02 GMT
x-content-type-options
nosniff
age
171104
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78872
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 21:32:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 May 2025 00:01:02 GMT
w=500
imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/f4a3ac81-6257-4f65-7b07-0be8dcf6a000/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/f4a3ac81-6257-4f65-7b07-0be8dcf6a000/w=500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5821b1233ef5d41a2a08be9270d55dd4518237f8e64dece1e32bc859e603ca44
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://puffpasse.billgang.store/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

cf-images
internal=ok/- q=0 n=32+104 c=12+213 v=2024.5.2 l=22842
date
Fri, 24 May 2024 23:32:46 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
22842
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cf_gOHbx2eP6J7Gr2EVZOt4S1_hi8yaH7pEf2-gNpVDQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
8891163b9db86a77-TXL
w=150
imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/f4a3ac81-6257-4f65-7b07-0be8dcf6a000/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/f4a3ac81-6257-4f65-7b07-0be8dcf6a000/w=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdf02a9f03935a57804c543f527d552dd43d1507f84eb1c52a0c071510237461
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://puffpasse.billgang.store/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

cf-images
internal=ok/- q=0 n=19+0 c=10+71 v=2024.5.2 l=7496
date
Fri, 24 May 2024 23:32:46 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
MISS
alt-svc
h3=":443"; ma=86400
content-length
7496
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cf_gOHbx2eP6J7Gr2EVZOt4S1_r3a4R_Tyycf9pL2QDQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
8891163b9dbb6a77-TXL
s
t-api.billgang.com/1e773bce-3065-46a4-96c8-c0173e738043/t/p/07a5011d-dbd8-4865-b0d5-23ffb14e6040/ 		54 B
468 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t-api.billgang.com/1e773bce-3065-46a4-96c8-c0173e738043/t/p/07a5011d-dbd8-4865-b0d5-23ffb14e6040/s
Requested by
Host: puffpasse.billgang.store
URL: https://puffpasse.billgang.store/assets/index-oNFtaUn1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b640740772e386ce4edfbac00d4cb5a1c4371b7669fe8018eba6699a577100a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://puffpasse.billgang.store/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 23:32:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tfqAZ%2BPGA10%2FFzzgFpPx8v0HxxcWLMyq6iTIwgjP4eVr1lz00dFgKWetZVQwmQja%2FFQfq5bj%2B%2FGQAKcAMWQBTijxvGIv9STRhjpfZa%2BsIUFt1iUbohysFNQt5WwQtpY2tkiYBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
8891163c1aba03a6-FRA
alt-svc
h3=":443"; ma=86400
e
t-api.billgang.com/1e773bce-3065-46a4-96c8-c0173e738043/t/p/07a5011d-dbd8-4865-b0d5-23ffb14e6040/s/b693fa81-37f5-4317-831e-f865a83667fa/ 		54 B
466 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t-api.billgang.com/1e773bce-3065-46a4-96c8-c0173e738043/t/p/07a5011d-dbd8-4865-b0d5-23ffb14e6040/s/b693fa81-37f5-4317-831e-f865a83667fa/e
Requested by
Host: puffpasse.billgang.store
URL: https://puffpasse.billgang.store/assets/index-oNFtaUn1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1043d434d8135734a617b711ee8eec9d96acb0034c629828ce3a92479099ca3b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://puffpasse.billgang.store/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 24 May 2024 23:32:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8N6m5gvAjwRCLzOQGOcxA8z8fbmwXVSU5rTBGnlg3%2BK4mIGrTj74j8zADQ0NnjS8uIcCnXAaapAPUV41ka3JEOAyHXvzKUq%2BPZ6GLI2tyNRs%2Fp1lFOIMqgX5UT8CvRjUrpvpEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
8891163ceb5b03a6-FRA
alt-svc
h3=":443"; ma=86400
e
t-api.billgang.com/1e773bce-3065-46a4-96c8-c0173e738043/t/p/07a5011d-dbd8-4865-b0d5-23ffb14e6040/s/b693fa81-37f5-4317-831e-f865a83667fa/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t-api.billgang.com/1e773bce-3065-46a4-96c8-c0173e738043/t/p/07a5011d-dbd8-4865-b0d5-23ffb14e6040/s/b693fa81-37f5-4317-831e-f865a83667fa/e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://puffpasse.billgang.store
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8891163c8b1603a6-FRA
date
Fri, 24 May 2024 23:32:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uPY9tktMOZzNb3VIqbUYmNmuZWucX7MUhD41UGcEsDEMsawCLGztIwkifXiodWM%2B%2FU31zqN9tXVzTG3mR7cCuwyhPqTpccc917cmtouY93w7aGJiUrqb4qgGVke0YUmCXkuW6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
w=1280
imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/1a84b358-193d-4492-ce4a-2b6d7fac7100/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/1a84b358-193d-4492-ce4a-2b6d7fac7100/w=1280
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f8f0c062c865478660ac5dd6a01b728a4354f2253667a80533f12424c3ce3b5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://puffpasse.billgang.store/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

cf-images
internal=ok/- q=0 n=17+125 c=0+0 v=2024.5.2 l=70175
date
Fri, 24 May 2024 23:32:46 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
MISS
alt-svc
h3=":443"; ma=86400
content-length
70175
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfYfCz6db8TD-GhXyzyfD3IUVvcqc3DLOvoRahjW0mDQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
8891163d08606a77-TXL

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies