urlscan.io logo urlscan.io
SecurityTrails logo

www.billing.tek-mafia.org Open in urlscan Pro
185.221.216.247  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.billing.tek-mafia.org/
Submission: On August 09 via automatic, source certstream-suspicious — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 18 HTTP transactions. The main IP is 185.221.216.247, located in London, United Kingdom and belongs to HOST4GEEKS-LLC, US. The main domain is www.billing.tek-mafia.org.
TLS certificate: Issued by R11 on August 7th 2024. Valid for: 3 months.
This is the only time www.billing.tek-mafia.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 185.221.216.247 393960 (HOST4GEEK...)
1 104.17.24.14 13335 (CLOUDFLAR...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:600... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
18 6
9    185.221.216.247 (London, United Kingdom)

ASN393960 (HOST4GEEKS-LLC, US)
PTR: uksrv4.websiteserverbox.com
www.billing.tek-mafia.org
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    2606:4700:3036::6815:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
2    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
2    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
9 tek-mafia.org
www.billing.tek-mafia.org
110 KB
3 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1950
156 KB
2 gstatic.com
fonts.gstatic.com
16 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1211
79 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
11 KB
18 6
Domain Requested by
9 www.billing.tek-mafia.org www.billing.tek-mafia.org
3 use.fontawesome.com www.billing.tek-mafia.org
use.fontawesome.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com www.billing.tek-mafia.org
1 code.jquery.com www.billing.tek-mafia.org
1 cdnjs.cloudflare.com www.billing.tek-mafia.org
18 6

This site contains links to these domains. Also see Links.

Domain
github.com
www.linkedin.com
www.instagram.com
www.facebook.com
Subject Issuer Validity Valid
www.billing.tek-mafia.org
R11		 2024-08-07 -
2024-11-05		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3		 2023-10-12 -
2024-10-10		 a year crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.billing.tek-mafia.org/
Frame ID: FB81D524A605C6F89A37DE5320AFA284
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Client Portal

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

6
IPs

4
Countries

374 kB
Transfer

664 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.billing.tek-mafia.org/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.billing.tek-mafia.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.221.216.247 London, United Kingdom, ASN393960 (HOST4GEEKS-LLC, US),
Reverse DNS
uksrv4.websiteserverbox.com
Software
LiteSpeed / PHP/8.3.9
Resource Hash
41dabd17d41cac1918a2d679d757b6826330389fc0ca3f61060b7ca572b16763

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 09 Aug 2024 16:09:19 GMT
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/8.3.9
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/ 		58 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Requested by
Host: www.billing.tek-mafia.org
URL: https://www.billing.tek-mafia.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.billing.tek-mafia.org/
Origin
https://www.billing.tek-mafia.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 16:09:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
79433
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10482
last-modified
Sat, 06 Jan 2024 21:52:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6599bda5-28f2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B%2F2h6r17qgyUP6oImhX0%2FYuxs2XcygP5mjN3pH%2FqS8pXdIGrMOOUtdY45M%2FD702EAAreoYbtnoIw42q84Kyapv3DMF7DXtapepmuJ8tRkOPtI644lVWp0LBgl1bnc1LXICDxXmH2"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b09028808e39445-LHR
expires
Wed, 30 Jul 2025 16:09:19 GMT
all.css
use.fontawesome.com/releases/v5.7.2/css/ 		53 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.7.2/css/all.css
Requested by
Host: www.billing.tek-mafia.org
URL: https://www.billing.tek-mafia.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf

Request headers

Referer
https://www.billing.tek-mafia.org/
Origin
https://www.billing.tek-mafia.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 16:09:19 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 22 Sep 2023 01:45:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"7b1d7f457d056ace7b230b587b9f3753"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w5sJVsnD0dnogupNrmXcVg02smRlKdP25HKQB1%2FADKtTIAiPNVzjq6%2FAL9STetg%2FO8%2FjQFwcC6FQc5LL5%2BAxAAHG5qlFuK%2Fa0q1TnGDaF1IZ6pWlZzWcauGTazv3wsuMM8rmh76t9HgqPx7%2BrWbzttv9"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
8b0902884899769d-LHR
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/ 		1 KB
537 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Dosis
Requested by
Host: www.billing.tek-mafia.org
URL: https://www.billing.tek-mafia.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
624e86189772b537bac6cdd7473595a69d9b90241203e2422fb4b5f0aa8e7014
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.billing.tek-mafia.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 09 Aug 2024 16:09:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 09 Aug 2024 15:53:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 09 Aug 2024 16:09:19 GMT
style.css
www.billing.tek-mafia.org/ 		3 KB
1004 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.billing.tek-mafia.org/style.css
Requested by
Host: www.billing.tek-mafia.org
URL: https://www.billing.tek-mafia.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.221.216.247 London, United Kingdom, ASN393960 (HOST4GEEKS-LLC, US),
Reverse DNS
uksrv4.websiteserverbox.com
Software
LiteSpeed /
Resource Hash
555c4345a155b6e060e13c9d0184e38ad19c9545db91124f7b0c5f12ee3539a0

Request headers

Referer
https://www.billing.tek-mafia.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 16:09:19 GMT
content-encoding
br
last-modified
Wed, 07 Aug 2024 01:18:14 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
924
expires
Fri, 16 Aug 2024 16:09:19 GMT
main.js
www.billing.tek-mafia.org/ 		434 B
254 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.billing.tek-mafia.org/main.js
Requested by
Host: www.billing.tek-mafia.org
URL: https://www.billing.tek-mafia.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.221.216.247 London, United Kingdom, ASN393960 (HOST4GEEKS-LLC, US),
Reverse DNS
uksrv4.websiteserverbox.com
Software
LiteSpeed /
Resource Hash
c703109f16bdf2c4bbbd2ca40a5c35d2ef184c179fb2688108e78d2ab43ce47e

Request headers

Referer
https://www.billing.tek-mafia.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 16:09:19 GMT
content-encoding
br
last-modified
Wed, 07 Aug 2024 01:18:14 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
181
jquery-1.10.2.js
code.jquery.com/ 		267 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.10.2.js
Requested by
Host: www.billing.tek-mafia.org
URL: https://www.billing.tek-mafia.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8ade6740a1d3cfedf81e28d9250929341207b23a55f1be90ccc26cf6d98e052a

Request headers

Referer
https://www.billing.tek-mafia.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 16:09:19 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1245735
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
80743
x-served-by
cache-lga21934-LGA, cache-man4126-MAN
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1723219759.388016,VS0,VE0
etag
W/"28feccc0-42b2f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
5785, 1329
css2
fonts.googleapis.com/ 		5 KB
900 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800;900&display=swap
Requested by
Host: www.billing.tek-mafia.org
URL: https://www.billing.tek-mafia.org/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
48a0f85ada4be913ffa982b824c6e77a5e1cddb91f5cf7705ed94fb15c9a9278
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.billing.tek-mafia.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 09 Aug 2024 16:09:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 09 Aug 2024 15:37:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 09 Aug 2024 16:09:19 GMT
nav.html
www.billing.tek-mafia.org/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.billing.tek-mafia.org/nav.html
Requested by
Host: www.billing.tek-mafia.org
URL: https://www.billing.tek-mafia.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.221.216.247 London, United Kingdom, ASN393960 (HOST4GEEKS-LLC, US),
Reverse DNS
uksrv4.websiteserverbox.com
Software
LiteSpeed /
Resource Hash
4b4b7b30a0f853ce0e538236ea92a09c03f73ad0a14405819fe4344e48450ecc

Request headers

Referer
https://www.billing.tek-mafia.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 16:09:19 GMT
content-encoding
br
last-modified
Wed, 07 Aug 2024 06:26:36 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1089
showcase.jpg
www.billing.tek-mafia.org/images/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.billing.tek-mafia.org/images/showcase.jpg
Requested by
Host: www.billing.tek-mafia.org
URL: https://www.billing.tek-mafia.org/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.221.216.247 London, United Kingdom, ASN393960 (HOST4GEEKS-LLC, US),
Reverse DNS
uksrv4.websiteserverbox.com
Software
LiteSpeed /
Resource Hash
0c0a49dce05d006d42ceee99e7a42e6f976ca681d9c33879a76f4a4ff57f128f

Request headers

Referer
https://www.billing.tek-mafia.org/style.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 16:09:19 GMT
last-modified
Wed, 07 Aug 2024 01:18:14 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
79044
expires
Fri, 16 Aug 2024 16:09:19 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.billing.tek-mafia.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 21:06:59 GMT
x-content-type-options
nosniff
age
241340
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Aug 2025 21:06:59 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.billing.tek-mafia.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 07:01:24 GMT
x-content-type-options
nosniff
age
205675
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Aug 2025 07:01:24 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.7.2/webfonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.7.2/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.7.2/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2

Request headers

Referer
https://use.fontawesome.com/releases/v5.7.2/css/all.css
Origin
https://www.billing.tek-mafia.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 16:09:19 GMT
cf-cache-status
MISS
last-modified
Fri, 22 Sep 2023 01:45:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"462806316fea535a6a57651bc2b000b0"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z1b0ZYCUgSsWGofzPHOWohu7clsv7SanM4CHLlbADuUPXc0T5kU5NYUWYcGp106xhfk4xXSXn6G9J%2BbaR41GvdO6HaEUG28eBcl%2FIw7UMbMfPhTjfUrwFpFu2B0fthB50JvS4LNMkOKxrCD1jpEPFAeO"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
8b09028999e0769d-LHR
alt-svc
h3=":443"; ma=86400
content-length
74348
fa-brands-400.woff2
use.fontawesome.com/releases/v5.7.2/webfonts/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.7.2/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.7.2/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5f471476e1636e23b00991ae8a85d3703ada55bc6d6162472a28aa94fa64d4e

Request headers

Referer
https://use.fontawesome.com/releases/v5.7.2/css/all.css
Origin
https://www.billing.tek-mafia.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 16:09:19 GMT
cf-cache-status
MISS
last-modified
Fri, 22 Sep 2023 01:45:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"4b115e1153a9ea339d6a0bb284cc8ed3"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sGIC%2FtbYaTWxIG9pXny%2Fp%2FH1MwKFoJURl763KNhICtMD1%2F5UWF3b8NfOG43AJDlfUjFTWvRL3ltOBdTdK%2Fi1uv%2FCwCrwEO8Tlg8exiYFkDWSIzX00GRD5HA%2BTHBtIuo8BZj%2FUx50Tk9%2FKFkjMPaO0F3S"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
8b09028999e2769d-LHR
alt-svc
h3=":443"; ma=86400
content-length
72112
media.css
www.billing.tek-mafia.org/ 		4 KB
1002 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.billing.tek-mafia.org/media.css
Requested by
Host: www.billing.tek-mafia.org
URL: https://www.billing.tek-mafia.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.221.216.247 London, United Kingdom, ASN393960 (HOST4GEEKS-LLC, US),
Reverse DNS
uksrv4.websiteserverbox.com
Software
LiteSpeed /
Resource Hash
80b8756137ccf6bda65d4ac48e99fe28cc12d110fcfcb3e869e353504eac63d6

Request headers

Referer
https://www.billing.tek-mafia.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 16:09:19 GMT
content-encoding
br
last-modified
Wed, 07 Aug 2024 01:18:14 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
980
expires
Fri, 16 Aug 2024 16:09:19 GMT
items_grid.css
www.billing.tek-mafia.org/ 		3 KB
986 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.billing.tek-mafia.org/items_grid.css
Requested by
Host: www.billing.tek-mafia.org
URL: https://www.billing.tek-mafia.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.221.216.247 London, United Kingdom, ASN393960 (HOST4GEEKS-LLC, US),
Reverse DNS
uksrv4.websiteserverbox.com
Software
LiteSpeed /
Resource Hash
88ed2af2544397e5e1755623f9b119f5d6df2e9167883cc8601e0ac85c356fdb

Request headers

Referer
https://www.billing.tek-mafia.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 16:09:19 GMT
content-encoding
br
last-modified
Wed, 07 Aug 2024 01:18:12 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
941
expires
Fri, 16 Aug 2024 16:09:19 GMT
logo.png
www.billing.tek-mafia.org/images/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.billing.tek-mafia.org/images/logo.png
Requested by
Host: www.billing.tek-mafia.org
URL: https://www.billing.tek-mafia.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.221.216.247 London, United Kingdom, ASN393960 (HOST4GEEKS-LLC, US),
Reverse DNS
uksrv4.websiteserverbox.com
Software
LiteSpeed /
Resource Hash
f93c6e8595bdab543876ccf0b12852309f66d37bfd51dbc0b5ecacce8dcd9982

Request headers

Referer
https://www.billing.tek-mafia.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 16:09:19 GMT
last-modified
Wed, 07 Aug 2024 06:27:49 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
25783
expires
Fri, 16 Aug 2024 16:09:19 GMT
favicon.ico
www.billing.tek-mafia.org/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.billing.tek-mafia.org/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.221.216.247 London, United Kingdom, ASN393960 (HOST4GEEKS-LLC, US),
Reverse DNS
uksrv4.websiteserverbox.com
Software
LiteSpeed /
Resource Hash
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896

Request headers

Referer
https://www.billing.tek-mafia.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Aug 2024 16:09:19 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
server
LiteSpeed
content-length
1251
content-type
text/html

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| includeHTML function| $ function| jQuery

0 Cookies

2 Console Messages

Source Level URL
Text
recommendation verbose URL: https://www.billing.tek-mafia.org/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://www.billing.tek-mafia.org/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
use.fontawesome.com
www.billing.tek-mafia.org
104.17.24.14
185.221.216.247
2606:4700:3036::6815:1b98
2a00:1450:4001:80b::2003
2a00:1450:4001:831::200a
2a04:4e42:600::649
0c0a49dce05d006d42ceee99e7a42e6f976ca681d9c33879a76f4a4ff57f128f
41dabd17d41cac1918a2d679d757b6826330389fc0ca3f61060b7ca572b16763
48a0f85ada4be913ffa982b824c6e77a5e1cddb91f5cf7705ed94fb15c9a9278
4b4b7b30a0f853ce0e538236ea92a09c03f73ad0a14405819fe4344e48450ecc
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896
4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2
555c4345a155b6e060e13c9d0184e38ad19c9545db91124f7b0c5f12ee3539a0
624e86189772b537bac6cdd7473595a69d9b90241203e2422fb4b5f0aa8e7014
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
80b8756137ccf6bda65d4ac48e99fe28cc12d110fcfcb3e869e353504eac63d6
88ed2af2544397e5e1755623f9b119f5d6df2e9167883cc8601e0ac85c356fdb
8ade6740a1d3cfedf81e28d9250929341207b23a55f1be90ccc26cf6d98e052a
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf
c703109f16bdf2c4bbbd2ca40a5c35d2ef184c179fb2688108e78d2ab43ce47e
d5f471476e1636e23b00991ae8a85d3703ada55bc6d6162472a28aa94fa64d4e
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f93c6e8595bdab543876ccf0b12852309f66d37bfd51dbc0b5ecacce8dcd9982