billing.ewals.sk Open in urlscan Pro
90.176.10.108 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://billing.ewals.sk/
Effective URL:
https://billing.ewals.sk/users/login
Submission: On June 04 via automatic, source certstream-suspicious (June 4th 2020, 5:20:17 pm UTC)

Summary HTTP 17 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 17 HTTP transactions. The main IP is 90.176.10.108, located in Bratislava, Slovakia and belongs to O2BS, SK. The main domain is billing.ewals.sk.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 4th 2020. Valid for: 3 months.

This is the only time billing.ewals.sk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 15	90.176.10.108 90.176.10.108		28952 (O2BS) (O2BS)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b		20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700:20:... 2606:4700:20::ac43:451d		13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	3

15 90.176.10.108 (Bratislava, Slovakia) 1 redirects

ASN28952 (O2BS, SK)

billing.ewals.sk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:451d (United States)

ASN13335 (CLOUDFLARENET, US)

code.ionicframework.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	ewals.sk 1 redirects billing.ewals.sk	321 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	69 KB
1	ionicframework.com code.ionicframework.com	8 KB
17	3

	Domain	Requested by
15	billing.ewals.sk	1 redirects billing.ewals.sk
2	maxcdn.bootstrapcdn.com	billing.ewals.sk
1	code.ionicframework.com	billing.ewals.sk
17	3

This site contains no links.

Subject Issuer	Validity	Valid
billing.ewals.sk Let's Encrypt Authority X3	`2020-06-04` - `2020-09-02`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
ionicframework.com CloudFlare Inc ECC CA-2	`2019-12-04` - `2020-10-09`	10 months	crt.sh

This page contains 2 frames:

Primary Page: https://billing.ewals.sk/users/login
Frame ID: 04D0C1925198CB030B7A06F568FE49B8
Requests: 10 HTTP requests in this frame

Frame: https://billing.ewals.sk/debug-kit/toolbar/c7e0f5e1-c87c-4822-8122-ed33673ed570
Frame ID: ECEC9CC9383B71C3EE9DBDB09C580567
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://billing.ewals.sk/ HTTP 302
https://billing.ewals.sk/users/login Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Ionicons (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+ionicons(?:\.min)?\.css/i

Page Statistics

17
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

398 kB
Transfer

458 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://billing.ewals.sk/ HTTP 302
https://billing.ewals.sk/users/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
billing.ewals.sk/users/
Redirect Chain

https://billing.ewals.sk/
https://billing.ewals.sk/users/login

3 KB
4 KB

773ms
772ms

Document
text/html

90.176.10.108
O2BS

General

Check archive.org

Show headers Download Go to

Full URL: https://billing.ewals.sk/users/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 90.176.10.108 Bratislava, Slovakia, ASN28952 (O2BS, SK),
Reverse DNS
Software: Microsoft-IIS/10.0 / PHP/7.2.26
Resource Hash: 6222530d6e7f83d633bb215de33a23c424b1d47bde000f82dc1eee1bdc114db1

Request headers

:method: GET
:authority: billing.ewals.sk
:scheme: https
:path: /users/login
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: CAKEPHP=541ptt15ems6ticpfikg15ev0e; csrfToken=ad0f7e0aca5ff61bc937c012f626674eac69e695bba4c9fb2176f3c591c67d8e8e4599ee955f5e965cb70d47c0430edbec392ed9ba857857e0b06e71c2aa2361
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
server: Microsoft-IIS/10.0
x-powered-by: PHP/7.2.26
x-debugkit-id: c7e0f5e1-c87c-4822-8122-ed33673ed570
date: Thu, 04 Jun 2020 17:19:56 GMT
content-length: 3580

Redirect headers

status: 302
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://billing.ewals.sk/users/login
server: Microsoft-IIS/10.0
x-powered-by: PHP/7.2.26
set-cookie: CAKEPHP=541ptt15ems6ticpfikg15ev0e; expires=Fri, 05-Jun-2020 17:19:56 GMT; Max-Age=86400; path=/; secure; HttpOnly csrfToken=ad0f7e0aca5ff61bc937c012f626674eac69e695bba4c9fb2176f3c591c67d8e8e4599ee955f5e965cb70d47c0430edbec392ed9ba857857e0b06e71c2aa2361; path=/; HttpOnly
x-debugkit-id: 0679d72f-8ac9-4249-9c04-e9f69744e8db
date: Thu, 04 Jun 2020 17:19:56 GMT
content-length: 0

GET
H2 200 bootstrap.min.css
billing.ewals.sk/cake_depo/admin_theme/vendors/bootstrap/dist/css/ 118 KB
119 KB 615ms
612ms Stylesheet
text/css 90.176.10.108
O2BS

General

Check archive.org

Show headers Download Go to

Full URL: https://billing.ewals.sk/cake_depo/admin_theme/vendors/bootstrap/dist/css/bootstrap.min.css
Requested by: Host: billing.ewals.sk
URL: https://billing.ewals.sk/users/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 90.176.10.108 Bratislava, Slovakia, ASN28952 (O2BS, SK),
Reverse DNS
Software: Microsoft-IIS/10.0 / PHP/7.2.26
Resource Hash: f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Referer: https://billing.ewals.sk/users/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 17:19:57 GMT
last-modified: Fri, 15 May 2020 11:15:36 GMT
server: Microsoft-IIS/10.0
x-powered-by: PHP/7.2.26
status: 200
content-type: text/css;charset=UTF-8
x-debugkit-id: d0ba9b21-17f0-4dcf-a549-0b19346e31dd
cache-control: public,max-age=86400
content-length: 121200
expires: Fri, 5 Jun 2020 17:19:57 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 26 KB
6 KB 1280ms
939ms Stylesheet
text/css 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Requested by

Host: billing.ewals.sk
URL: https://billing.ewals.sk/users/login

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

/

Resource Hash

936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://billing.ewals.sk/users/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 17:19:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:19 GMT
status: 200
etag: "1544639719"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 6079

GET
H2 200 ionicons.min.css
code.ionicframework.com/ionicons/2.0.1/css/ 50 KB
8 KB 42ms
22ms Stylesheet
text/css 2606:4700:20::ac43:451d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Requested by: Host: billing.ewals.sk
URL: https://billing.ewals.sk/users/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:451d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286

Request headers

Referer: https://billing.ewals.sk/users/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: b1cb6967168a4ed8e8cb7df38a4591bea128753b
date: Thu, 04 Jun 2020 17:19:57 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 3101
x-cache: HIT
status: 200
x-cache-hits: 1
content-encoding: br
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 0321f1d0250000dfdfea3d2200000001
x-served-by: cache-fra19133-FRA
last-modified: Thu, 23 Apr 2020 20:57:29 GMT
server: cloudflare
x-github-request-id: 7CEA:1EBB:A4F593:CC7BBF:5ED718AB
x-timer: S1591288097.816522,VS0,VE1
etag: W/"5ea20139-c854"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-proxy-cache: MISS
cf-ray: 59e352603c68dfdf-FRA
x-origin-cache: HIT
expires: Wed, 03 Jun 2020 03:37:39 GMT

GET
H2 200 green.css
billing.ewals.sk/cake_depo/admin_theme/vendors/iCheck/skins/flat/ 1 KB
1 KB 810ms
808ms Stylesheet
text/css 90.176.10.108
O2BS

General

Check archive.org

Show headers Download Go to

Full URL: https://billing.ewals.sk/cake_depo/admin_theme/vendors/iCheck/skins/flat/green.css
Requested by: Host: billing.ewals.sk
URL: https://billing.ewals.sk/users/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 90.176.10.108 Bratislava, Slovakia, ASN28952 (O2BS, SK),
Reverse DNS
Software: Microsoft-IIS/10.0 / PHP/7.2.26
Resource Hash: e73bb2c797ee0dfe9a537ffcb52bae477d7217190c1e3b13ab8df37797693675

Request headers

Referer: https://billing.ewals.sk/users/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 17:19:57 GMT
last-modified: Fri, 15 May 2020 11:15:37 GMT
server: Microsoft-IIS/10.0
x-powered-by: PHP/7.2.26
status: 200
content-type: text/css;charset=UTF-8
x-debugkit-id: eaf2a2d6-6923-459b-8336-e59de3058abc
cache-control: public,max-age=86400
content-length: 1317
expires: Fri, 5 Jun 2020 17:19:57 GMT

GET
H2 200 bootstrap-progressbar-3.3.4.min.css
billing.ewals.sk/cake_depo/admin_theme/vendors/bootstrap-progressbar/css/ 5 KB
5 KB 915ms
913ms Stylesheet
text/css 90.176.10.108
O2BS

General

Check archive.org

Show headers Download Go to

Full URL: https://billing.ewals.sk/cake_depo/admin_theme/vendors/bootstrap-progressbar/css/bootstrap-progressbar-3.3.4.min.css
Requested by: Host: billing.ewals.sk
URL: https://billing.ewals.sk/users/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 90.176.10.108 Bratislava, Slovakia, ASN28952 (O2BS, SK),
Reverse DNS
Software: Microsoft-IIS/10.0 / PHP/7.2.26
Resource Hash: 4e059a29738cba029d9716dcfffa50307bca5deff3ffb585574cfcf2c95c8bc2

Request headers

Referer: https://billing.ewals.sk/users/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 17:19:57 GMT
last-modified: Fri, 15 May 2020 11:15:36 GMT
server: Microsoft-IIS/10.0
x-powered-by: PHP/7.2.26
status: 200
content-type: text/css;charset=UTF-8
x-debugkit-id: f8ce39d8-2964-430e-b001-a98cd63271e1
cache-control: public,max-age=86400
content-length: 5014
expires: Fri, 5 Jun 2020 17:19:57 GMT

GET
H2 200 jquery-jvectormap-2.0.3.css
billing.ewals.sk/cake_depo/admin_theme/css/maps/ 6 KB
7 KB 874ms
872ms Stylesheet
text/css 90.176.10.108
O2BS

General

Check archive.org

Show headers Download Go to

Full URL: https://billing.ewals.sk/cake_depo/admin_theme/css/maps/jquery-jvectormap-2.0.3.css
Requested by: Host: billing.ewals.sk
URL: https://billing.ewals.sk/users/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 90.176.10.108 Bratislava, Slovakia, ASN28952 (O2BS, SK),
Reverse DNS
Software: Microsoft-IIS/10.0 / PHP/7.2.26
Resource Hash: b1478839ba2692601df1c05cd9de6a1669b8f83ba8ab748137f2cf04a857ccb8

Request headers

Referer: https://billing.ewals.sk/users/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 17:19:57 GMT
last-modified: Fri, 15 May 2020 11:15:35 GMT
server: Microsoft-IIS/10.0
x-powered-by: PHP/7.2.26
status: 200
content-type: text/css;charset=UTF-8
x-debugkit-id: 9fe74dbd-68ed-41ed-b983-4d69632bcc97
cache-control: public,max-age=86400
content-length: 6636
expires: Fri, 5 Jun 2020 17:19:57 GMT

GET
H2 200 custom.min.css
billing.ewals.sk/cake_depo/admin_theme/build/css/ 61 KB
61 KB 773ms
772ms Stylesheet
text/css 90.176.10.108
O2BS

General

Check archive.org

Show headers Download Go to

Full URL: https://billing.ewals.sk/cake_depo/admin_theme/build/css/custom.min.css
Requested by: Host: billing.ewals.sk
URL: https://billing.ewals.sk/users/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 90.176.10.108 Bratislava, Slovakia, ASN28952 (O2BS, SK),
Reverse DNS
Software: Microsoft-IIS/10.0 / PHP/7.2.26
Resource Hash: c303d0e35e540f477765a1df5cf6809dd05a5592157aced3decd7090c2d4b54e

Request headers

Referer: https://billing.ewals.sk/users/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 17:19:57 GMT
last-modified: Fri, 15 May 2020 11:15:35 GMT
server: Microsoft-IIS/10.0
x-powered-by: PHP/7.2.26
status: 200
content-type: text/css;charset=UTF-8
x-debugkit-id: 829a19ba-62ed-4ace-b105-9cadfe28fdb6
cache-control: public,max-age=86400
content-length: 62701
expires: Fri, 5 Jun 2020 17:19:57 GMT

GET
H2 200 toolbar.js Show response
billing.ewals.sk/debug_kit/js/ 4 KB
4 KB 541ms
539ms Script
application/javascript 90.176.10.108
O2BS

General

Check archive.org

Show headers Download Go to

Full URL: https://billing.ewals.sk/debug_kit/js/toolbar.js?1589544625
Requested by: Host: billing.ewals.sk
URL: https://billing.ewals.sk/users/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 90.176.10.108 Bratislava, Slovakia, ASN28952 (O2BS, SK),
Reverse DNS
Software: Microsoft-IIS/10.0 / PHP/7.2.26
Resource Hash: 623757f1f7394e708f3cd4c3500041e5d3505436fe38b73476099900cd87a868

Request headers

Referer: https://billing.ewals.sk/users/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 17:19:57 GMT
last-modified: Fri, 15 May 2020 12:10:25 GMT
server: Microsoft-IIS/10.0
x-powered-by: PHP/7.2.26
content-type: application/javascript
status: 200
cache-control: public,max-age=86400
content-length: 3981
expires: Fri, 5 Jun 2020 17:19:57 GMT

GET
H2 200 c7e0f5e1-c87c-4822-8122-ed33673ed570 Show response
billing.ewals.sk/debug-kit/toolbar/ Frame ECEC 5 KB
5 KB 329ms
329ms Document
text/html 90.176.10.108
O2BS

General

Check archive.org

Show headers Download Go to

Full URL

https://billing.ewals.sk/debug-kit/toolbar/c7e0f5e1-c87c-4822-8122-ed33673ed570

Requested by

Host: billing.ewals.sk
URL: https://billing.ewals.sk/debug_kit/js/toolbar.js?1589544625

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

90.176.10.108 Bratislava, Slovakia, ASN28952 (O2BS, SK),

Reverse DNS

Software

Microsoft-IIS/10.0 / PHP/7.2.26

Resource Hash

68ae38811c67064981b94e5f7a231f8aa141950ef1d11d29a19a293e561f7e20

Security Headers

Name	Value
Content-Security-Policy

Request headers

:method: GET
:authority: billing.ewals.sk
:scheme: https
:path: /debug-kit/toolbar/c7e0f5e1-c87c-4822-8122-ed33673ed570
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://billing.ewals.sk/users/login
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: CAKEPHP=541ptt15ems6ticpfikg15ev0e; csrfToken=ad0f7e0aca5ff61bc937c012f626674eac69e695bba4c9fb2176f3c591c67d8e8e4599ee955f5e965cb70d47c0430edbec392ed9ba857857e0b06e71c2aa2361
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://billing.ewals.sk/users/login

Response headers

status: 200
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
server: Microsoft-IIS/10.0
x-powered-by: PHP/7.2.26
content-security-policy
date: Thu, 04 Jun 2020 17:19:59 GMT
content-length: 4967

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/ 63 KB
63 KB 1448ms
1301ms Font
font/woff2 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0

Requested by

Host: billing.ewals.sk
URL: https://billing.ewals.sk/users/login

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

/

Resource Hash

3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Origin: https://billing.ewals.sk

Response headers

date: Thu, 04 Jun 2020 17:19:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
status: 200
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 64470

GET
H2 200 reset.css
billing.ewals.sk/debug_kit/css/ Frame ECEC 1 KB
1 KB 360ms
359ms Stylesheet
text/css 90.176.10.108
O2BS

General

Check archive.org

Show headers Download Go to

Full URL: https://billing.ewals.sk/debug_kit/css/reset.css
Requested by: Host: billing.ewals.sk
URL: https://billing.ewals.sk/debug-kit/toolbar/c7e0f5e1-c87c-4822-8122-ed33673ed570
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 90.176.10.108 Bratislava, Slovakia, ASN28952 (O2BS, SK),
Reverse DNS
Software: Microsoft-IIS/10.0 / PHP/7.2.26
Resource Hash: f1a69615be9de2aa18c86275539fb1b2ab18cca07fff7fab0aeaf66fc4caee9a

Request headers

Referer: https://billing.ewals.sk/debug-kit/toolbar/c7e0f5e1-c87c-4822-8122-ed33673ed570
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 17:19:59 GMT
last-modified: Fri, 15 May 2020 12:10:25 GMT
server: Microsoft-IIS/10.0
x-powered-by: PHP/7.2.26
content-type: text/css;charset=UTF-8
status: 200
cache-control: public,max-age=86400
content-length: 1092
expires: Fri, 5 Jun 2020 17:19:59 GMT

GET
H2 200 toolbar.css
billing.ewals.sk/debug_kit/css/ Frame ECEC 9 KB
9 KB 403ms
402ms Stylesheet
text/css 90.176.10.108
O2BS

General

Check archive.org

Show headers Download Go to

Full URL: https://billing.ewals.sk/debug_kit/css/toolbar.css
Requested by: Host: billing.ewals.sk
URL: https://billing.ewals.sk/debug-kit/toolbar/c7e0f5e1-c87c-4822-8122-ed33673ed570
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 90.176.10.108 Bratislava, Slovakia, ASN28952 (O2BS, SK),
Reverse DNS
Software: Microsoft-IIS/10.0 / PHP/7.2.26
Resource Hash: fefa994fdfbe39862f862c6de086e17f0ad1aabe9e80423f24c62dce54134dd8

Request headers

Referer: https://billing.ewals.sk/debug-kit/toolbar/c7e0f5e1-c87c-4822-8122-ed33673ed570
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 17:19:59 GMT
last-modified: Fri, 15 May 2020 12:10:25 GMT
server: Microsoft-IIS/10.0
x-powered-by: PHP/7.2.26
content-type: text/css;charset=UTF-8
status: 200
cache-control: public,max-age=86400
content-length: 9276
expires: Fri, 5 Jun 2020 17:19:59 GMT

GET
H2 200 cake.icon.png
billing.ewals.sk/debug_kit/img/ Frame ECEC 1 KB
1 KB 400ms
399ms Image
application/octet-stream 90.176.10.108
O2BS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://billing.ewals.sk/debug_kit/img/cake.icon.png
Requested by: Host: billing.ewals.sk
URL: https://billing.ewals.sk/debug-kit/toolbar/c7e0f5e1-c87c-4822-8122-ed33673ed570
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 90.176.10.108 Bratislava, Slovakia, ASN28952 (O2BS, SK),
Reverse DNS
Software: Microsoft-IIS/10.0 / PHP/7.2.26
Resource Hash: dec5f0f0dddbf2c4ff9ab84ac2f162455194605860a7e9c06afea5d332dccc4c

Request headers

Referer: https://billing.ewals.sk/debug-kit/toolbar/c7e0f5e1-c87c-4822-8122-ed33673ed570
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 17:19:59 GMT
last-modified: Fri, 15 May 2020 12:10:25 GMT
server: Microsoft-IIS/10.0
x-powered-by: PHP/7.2.26
content-type: application/octet-stream
status: 200
cache-control: public,max-age=86400
content-length: 1449
expires: Fri, 5 Jun 2020 17:19:59 GMT

GET
H2 200 jquery.js Show response
billing.ewals.sk/debug_kit/js/ Frame ECEC 94 KB
94 KB 389ms
388ms Script
application/javascript 90.176.10.108
O2BS

General

Check archive.org

Show headers Download Go to

Full URL: https://billing.ewals.sk/debug_kit/js/jquery.js
Requested by: Host: billing.ewals.sk
URL: https://billing.ewals.sk/debug-kit/toolbar/c7e0f5e1-c87c-4822-8122-ed33673ed570
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 90.176.10.108 Bratislava, Slovakia, ASN28952 (O2BS, SK),
Reverse DNS
Software: Microsoft-IIS/10.0 / PHP/7.2.26
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

Referer: https://billing.ewals.sk/debug-kit/toolbar/c7e0f5e1-c87c-4822-8122-ed33673ed570
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 17:19:59 GMT
last-modified: Fri, 15 May 2020 12:10:25 GMT
server: Microsoft-IIS/10.0
x-powered-by: PHP/7.2.26
content-type: application/javascript
status: 200
cache-control: public,max-age=86400
content-length: 96381
expires: Fri, 5 Jun 2020 17:19:59 GMT

GET
H2 200 toolbar-app.js Show response
billing.ewals.sk/debug_kit/js/ Frame ECEC 8 KB
8 KB 360ms
359ms Script
application/javascript 90.176.10.108
O2BS

General

Check archive.org

Show headers Download Go to

Full URL: https://billing.ewals.sk/debug_kit/js/toolbar-app.js
Requested by: Host: billing.ewals.sk
URL: https://billing.ewals.sk/debug-kit/toolbar/c7e0f5e1-c87c-4822-8122-ed33673ed570
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 90.176.10.108 Bratislava, Slovakia, ASN28952 (O2BS, SK),
Reverse DNS
Software: Microsoft-IIS/10.0 / PHP/7.2.26
Resource Hash: f31c2cc61314cac710e70a576f261aa88cc06699b4500443e7493b2bdef0b21f

Request headers

Referer: https://billing.ewals.sk/debug-kit/toolbar/c7e0f5e1-c87c-4822-8122-ed33673ed570
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 17:19:59 GMT
last-modified: Fri, 15 May 2020 12:10:25 GMT
server: Microsoft-IIS/10.0
x-powered-by: PHP/7.2.26
content-type: application/javascript
status: 200
cache-control: public,max-age=86400
content-length: 8460
expires: Fri, 5 Jun 2020 17:19:59 GMT

GET
H2 200 debug_kit.js Show response
billing.ewals.sk/debug_kit/js/ Frame ECEC 682 B
722 B 401ms
400ms Script
application/javascript 90.176.10.108
O2BS

General

Check archive.org

Show headers Download Go to

Full URL: https://billing.ewals.sk/debug_kit/js/debug_kit.js
Requested by: Host: billing.ewals.sk
URL: https://billing.ewals.sk/debug-kit/toolbar/c7e0f5e1-c87c-4822-8122-ed33673ed570
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 90.176.10.108 Bratislava, Slovakia, ASN28952 (O2BS, SK),
Reverse DNS
Software: Microsoft-IIS/10.0 / PHP/7.2.26
Resource Hash: 06b08d760284fb92b3270090cf49a872f4332cb1e0b4eb1f7d02253d4ad92372

Request headers

Referer: https://billing.ewals.sk/debug-kit/toolbar/c7e0f5e1-c87c-4822-8122-ed33673ed570
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 17:19:59 GMT
last-modified: Fri, 15 May 2020 12:10:25 GMT
server: Microsoft-IIS/10.0
x-powered-by: PHP/7.2.26
content-type: application/javascript
status: 200
cache-control: public,max-age=86400
content-length: 682
expires: Fri, 5 Jun 2020 17:19:59 GMT

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| __debugKitId string| __debugKitBaseUrl object| elem boolean| __debugKitListenersApplied

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			billing.ewals.sk/	1969-12-31 23:59:59	Name: csrfToken Value: ad0f7e0aca5ff61bc937c012f626674eac69e695bba4c9fb2176f3c591c67d8e8e4599ee955f5e965cb70d47c0430edbec392ed9ba857857e0b06e71c2aa2361
			billing.ewals.sk/	1970-01-19 10:02:57	Name: CAKEPHP Value: 541ptt15ems6ticpfikg15ev0e

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

billing.ewals.sk
code.ionicframework.com
maxcdn.bootstrapcdn.com
2001:4de0:ac19::1:b:2b
2606:4700:20::ac43:451d
90.176.10.108
06b08d760284fb92b3270090cf49a872f4332cb1e0b4eb1f7d02253d4ad92372
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
4e059a29738cba029d9716dcfffa50307bca5deff3ffb585574cfcf2c95c8bc2
6222530d6e7f83d633bb215de33a23c424b1d47bde000f82dc1eee1bdc114db1
623757f1f7394e708f3cd4c3500041e5d3505436fe38b73476099900cd87a868
68ae38811c67064981b94e5f7a231f8aa141950ef1d11d29a19a293e561f7e20
92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
b1478839ba2692601df1c05cd9de6a1669b8f83ba8ab748137f2cf04a857ccb8
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
c303d0e35e540f477765a1df5cf6809dd05a5592157aced3decd7090c2d4b54e
dec5f0f0dddbf2c4ff9ab84ac2f162455194605860a7e9c06afea5d332dccc4c
e73bb2c797ee0dfe9a537ffcb52bae477d7217190c1e3b13ab8df37797693675
f1a69615be9de2aa18c86275539fb1b2ab18cca07fff7fab0aeaf66fc4caee9a
f31c2cc61314cac710e70a576f261aa88cc06699b4500443e7493b2bdef0b21f
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fefa994fdfbe39862f862c6de086e17f0ad1aabe9e80423f24c62dce54134dd8