bill.mc-xcell.ru Open in urlscan Pro
94.154.163.44  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response bill.mc-xcell.ru/	6 KB 2 KB	291ms 17ms	Document text/html	94.154.163.44 PLAY2GO-NET
General Check archive.org Show headers Download Go to Full URL https://bill.mc-xcell.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 94.154.163.44 Ashburn, United States, ASN215439 (PLAY2GO-NET, GB), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Express Resource Hash cc7c5df3efcf9f0dd4ad4194dc7aa56db9266da8f8f9d3845b4b20dcc1c5436d Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers content-encoding gzip content-type text/html; charset=utf-8 date Thu, 23 May 2024 17:18:50 GMT etag W/"1889-qpXEmhdHtNbxiRf38u1ssmjBFh4" server nginx/1.18.0 (Ubuntu) x-powered-by Express
GET H2	200	materialdesignicons.min.css bill.mc-xcell.ru/assets/vendors/mdi/css/	172 KB 173 KB	496ms 490ms	Stylesheet text/css	94.154.163.44 PLAY2GO-NET
General Check archive.org Show headers Download Go to Full URL https://bill.mc-xcell.ru/assets/vendors/mdi/css/materialdesignicons.min.css Requested by Host: bill.mc-xcell.ru URL: https://bill.mc-xcell.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 94.154.163.44 Ashburn, United States, ASN215439 (PLAY2GO-NET, GB), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Express Resource Hash daac3e2e53f7f08075ec4af0001b3f968c9457dda98978f8012914c2611f788d Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://bill.mc-xcell.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 17:18:51 GMT last-modified Thu, 23 May 2024 17:06:10 GMT server nginx/1.18.0 (Ubuntu) x-powered-by Express etag W/"2b18b-18fa66ad76b" content-type text/css; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes content-length 176523
GET H2	200	vendor.bundle.base.css bill.mc-xcell.ru/assets/vendors/css/	3 KB 3 KB	517ms 512ms	Stylesheet text/css	94.154.163.44 PLAY2GO-NET
General Check archive.org Show headers Download Go to Full URL https://bill.mc-xcell.ru/assets/vendors/css/vendor.bundle.base.css Requested by Host: bill.mc-xcell.ru URL: https://bill.mc-xcell.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 94.154.163.44 Ashburn, United States, ASN215439 (PLAY2GO-NET, GB), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Express Resource Hash 7b6508c9e8e04de8ebfec5de2ce1c4303bc46a0a279283eff7e248c1c900a91b Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://bill.mc-xcell.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 17:18:51 GMT last-modified Thu, 23 May 2024 17:06:10 GMT server nginx/1.18.0 (Ubuntu) x-powered-by Express etag W/"a26-18fa66ad767" content-type text/css; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes content-length 2598
GET H3	200	nanobar.js Show response cdnjs.cloudflare.com/ajax/libs/nanobar/0.4.2/	3 KB 2 KB	35ms 21ms	Script application/javascript	104.17.24.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/nanobar/0.4.2/nanobar.js Requested by Host: bill.mc-xcell.ru URL: https://bill.mc-xcell.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 113844e077a545e3818ccb1ac6e7defdb6571bac513e37a3d13187303d6e6c0a Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://bill.mc-xcell.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 17:18:50 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 6136342 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1059 last-modified Mon, 04 May 2020 16:13:30 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03f2a-d12" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xu2Fbw9wSjsv%2BDAkBbXaqCec%2FFBgfoIXftTFEEA4biYzMx8127YY14Rk29Kdo2QND%2B6i0DpzYfZNnYDClhoUHWWIAwpoLWPyCShrqKNGk6MIFw5J46o5%2FKiXG%2BggWgjyO9oZTv6g"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 8886b51fb99871ac-FRA expires Tue, 13 May 2025 17:18:50 GMT
GET H2	200	jquery-jvectormap.css bill.mc-xcell.ru/assets/vendors/jvectormap/	6 KB 7 KB	517ms 512ms	Stylesheet text/css	94.154.163.44 PLAY2GO-NET
General Check archive.org Show headers Download Go to Full URL https://bill.mc-xcell.ru/assets/vendors/jvectormap/jquery-jvectormap.css Requested by Host: bill.mc-xcell.ru URL: https://bill.mc-xcell.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 94.154.163.44 Ashburn, United States, ASN215439 (PLAY2GO-NET, GB), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Express Resource Hash 59c3d4149227f84e2aa682cea0734bfe5a7f991b3c80820fac98865bf23371db Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://bill.mc-xcell.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 17:18:51 GMT last-modified Thu, 23 May 2024 17:06:10 GMT server nginx/1.18.0 (Ubuntu) x-powered-by Express etag W/"19eb-18fa66ad76b" content-type text/css; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes content-length 6635
GET H2	200	flag-icon.min.css bill.mc-xcell.ru/assets/vendors/flag-icon-css/css/	5 KB 2 KB	491ms 487ms	Stylesheet text/html	94.154.163.44 PLAY2GO-NET
General Check archive.org Show headers Download Go to Full URL https://bill.mc-xcell.ru/assets/vendors/flag-icon-css/css/flag-icon.min.css Requested by Host: bill.mc-xcell.ru URL: https://bill.mc-xcell.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 94.154.163.44 Ashburn, United States, ASN215439 (PLAY2GO-NET, GB), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Express Resource Hash b66f6936ed7149ab67a51f045824b7d00487bf61c9ed7112f401cf95e3b5bce8 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://bill.mc-xcell.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 17:18:51 GMT content-encoding gzip server nginx/1.18.0 (Ubuntu) x-powered-by Express etag W/"15a0-kcrxnhqIOOuDG1A0eQlS0g3bhmQ" content-type text/html; charset=utf-8
GET H2	200	owl.carousel.min.css bill.mc-xcell.ru/assets/vendors/owl-carousel-2/	3 KB 3 KB	517ms 512ms	Stylesheet text/css	94.154.163.44 PLAY2GO-NET
General Check archive.org Show headers Download Go to Full URL https://bill.mc-xcell.ru/assets/vendors/owl-carousel-2/owl.carousel.min.css Requested by Host: bill.mc-xcell.ru URL: https://bill.mc-xcell.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 94.154.163.44 Ashburn, United States, ASN215439 (PLAY2GO-NET, GB), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Express Resource Hash 521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://bill.mc-xcell.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 17:18:51 GMT last-modified Thu, 23 May 2024 17:06:10 GMT server nginx/1.18.0 (Ubuntu) x-powered-by Express etag W/"d17-18fa66ad773" content-type text/css; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes content-length 3351
GET H2	200	owl.theme.default.min.css bill.mc-xcell.ru/assets/vendors/owl-carousel-2/	1013 B 1 KB	517ms 513ms	Stylesheet text/css	94.154.163.44 PLAY2GO-NET
General Check archive.org Show headers Download Go to Full URL https://bill.mc-xcell.ru/assets/vendors/owl-carousel-2/owl.theme.default.min.css Requested by Host: bill.mc-xcell.ru URL: https://bill.mc-xcell.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 94.154.163.44 Ashburn, United States, ASN215439 (PLAY2GO-NET, GB), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Express Resource Hash 924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://bill.mc-xcell.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 17:18:51 GMT last-modified Thu, 23 May 2024 17:06:10 GMT server nginx/1.18.0 (Ubuntu) x-powered-by Express etag W/"3f5-18fa66ad773" content-type text/css; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes content-length 1013
GET H2	200	style.css bill.mc-xcell.ru/assets/css/	775 KB 777 KB	516ms 513ms	Stylesheet text/css	94.154.163.44 PLAY2GO-NET
General Check archive.org Show headers Download Go to Full URL https://bill.mc-xcell.ru/assets/css/style.css Requested by Host: bill.mc-xcell.ru URL: https://bill.mc-xcell.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 94.154.163.44 Ashburn, United States, ASN215439 (PLAY2GO-NET, GB), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Express Resource Hash 46b06fd75937fcbd04599cdaac1b2e21a90830ac115d82e2558edf719a8f58db Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://bill.mc-xcell.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 17:18:51 GMT last-modified Thu, 23 May 2024 17:06:10 GMT server nginx/1.18.0 (Ubuntu) x-powered-by Express etag W/"c1d3f-18fa66ad763" content-type text/css; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes content-length 793919
GET H2	200	css2 fonts.googleapis.com/	2 KB 691 B	40ms 16ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@500&display=swap Requested by Host: bill.mc-xcell.ru URL: https://bill.mc-xcell.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b75ac1f8ed4944f59b6887edbaf0d8cfc76d95b053e8e726848a12fbd6093304 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://bill.mc-xcell.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Thu, 23 May 2024 17:18:50 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 23 May 2024 17:14:13 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 23 May 2024 17:18:50 GMT
GET H2	200	css2 fonts.googleapis.com/	2 KB 1 KB	39ms 15ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto+Mono:wght@500&display=swap Requested by Host: bill.mc-xcell.ru URL: https://bill.mc-xcell.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 82a25968b78f9a84bb92fa560948fad0ea0f08bd6b7411f8a411ca0546f21a57 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://bill.mc-xcell.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Thu, 23 May 2024 17:18:50 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 23 May 2024 15:48:57 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 23 May 2024 17:18:50 GMT
GET H2	200	vendor.bundle.base.js Show response bill.mc-xcell.ru/assets/vendors/js/	184 KB 185 KB	515ms 513ms	Script application/javascript	94.154.163.44 PLAY2GO-NET
General Check archive.org Show headers Download Go to Full URL https://bill.mc-xcell.ru/assets/vendors/js/vendor.bundle.base.js Requested by Host: bill.mc-xcell.ru URL: https://bill.mc-xcell.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 94.154.163.44 Ashburn, United States, ASN215439 (PLAY2GO-NET, GB), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Express Resource Hash 9aa19cdd57f8e153ece2dae6acc760f5f656619452ccd4e0a14693bdd4939bc7 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://bill.mc-xcell.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 17:18:51 GMT last-modified Thu, 23 May 2024 17:06:10 GMT server nginx/1.18.0 (Ubuntu) x-powered-by Express etag W/"2e1b4-18fa66ad76b" content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes content-length 188852
GET H2	200	off-canvas.js Show response bill.mc-xcell.ru/assets/js/	185 B 404 B	515ms 513ms	Script application/javascript	94.154.163.44 PLAY2GO-NET
General Check archive.org Show headers Download Go to Full URL https://bill.mc-xcell.ru/assets/js/off-canvas.js Requested by Host: bill.mc-xcell.ru URL: https://bill.mc-xcell.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 94.154.163.44 Ashburn, United States, ASN215439 (PLAY2GO-NET, GB), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Express Resource Hash bca64d524d21f8f6305406003284d503b4ab74108e0a9e866695d6a5db052579 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://bill.mc-xcell.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 17:18:51 GMT last-modified Thu, 23 May 2024 17:06:10 GMT server nginx/1.18.0 (Ubuntu) x-powered-by Express etag W/"b9-18fa66ad767" content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes content-length 185
GET H2	200	hoverable-collapse.js Show response bill.mc-xcell.ru/assets/js/	806 B 1 KB	515ms 513ms	Script application/javascript	94.154.163.44 PLAY2GO-NET
General Check archive.org Show headers Download Go to Full URL https://bill.mc-xcell.ru/assets/js/hoverable-collapse.js Requested by Host: bill.mc-xcell.ru URL: https://bill.mc-xcell.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 94.154.163.44 Ashburn, United States, ASN215439 (PLAY2GO-NET, GB), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Express Resource Hash 6d82ce2aa7203156edb20ef0254fcb31dbdf20229057090718f99389bca06713 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://bill.mc-xcell.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 17:18:51 GMT last-modified Thu, 23 May 2024 17:06:10 GMT server nginx/1.18.0 (Ubuntu) x-powered-by Express etag W/"326-18fa66ad763" content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes content-length 806
GET H2	200	misc.js Show response bill.mc-xcell.ru/assets/js/	4 KB 4 KB	525ms 523ms	Script application/javascript	94.154.163.44 PLAY2GO-NET
General Check archive.org Show headers Download Go to Full URL https://bill.mc-xcell.ru/assets/js/misc.js Requested by Host: bill.mc-xcell.ru URL: https://bill.mc-xcell.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 94.154.163.44 Ashburn, United States, ASN215439 (PLAY2GO-NET, GB), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Express Resource Hash 25fcef7e75036c363eb8048f6d8a4ab1689d83d29bfe02779c08baa61e87c7df Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://bill.mc-xcell.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 17:18:51 GMT last-modified Thu, 23 May 2024 17:06:10 GMT server nginx/1.18.0 (Ubuntu) x-powered-by Express etag W/"1009-18fa66ad767" content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes content-length 4105
GET H2	200	settings.js Show response bill.mc-xcell.ru/assets/js/	4 KB 4 KB	525ms 524ms	Script application/javascript	94.154.163.44 PLAY2GO-NET
General Check archive.org Show headers Download Go to Full URL https://bill.mc-xcell.ru/assets/js/settings.js Requested by Host: bill.mc-xcell.ru URL: https://bill.mc-xcell.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 94.154.163.44 Ashburn, United States, ASN215439 (PLAY2GO-NET, GB), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Express Resource Hash 2ff6d556d912ad50670b60fabe34ff2abd19bd058d83eede68bde0bd93d49708 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://bill.mc-xcell.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 17:18:51 GMT last-modified Thu, 23 May 2024 17:06:10 GMT server nginx/1.18.0 (Ubuntu) x-powered-by Express etag W/"e22-18fa66ad767" content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes content-length 3618
GET H2	200	todolist.js Show response bill.mc-xcell.ru/assets/js/	972 B 1 KB	525ms 524ms	Script application/javascript	94.154.163.44 PLAY2GO-NET
General Check archive.org Show headers Download Go to Full URL https://bill.mc-xcell.ru/assets/js/todolist.js Requested by Host: bill.mc-xcell.ru URL: https://bill.mc-xcell.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 94.154.163.44 Ashburn, United States, ASN215439 (PLAY2GO-NET, GB), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Express Resource Hash c81596913c0ea12ebabd652d0a50bb67add450720543108fff5dfe3837793215 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://bill.mc-xcell.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 17:18:51 GMT last-modified Thu, 23 May 2024 17:06:10 GMT server nginx/1.18.0 (Ubuntu) x-powered-by Express etag W/"3cc-18fa66ad767" content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes content-length 972
GET H2	200	L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_7Pq_ROW4.woff2 fonts.gstatic.com/s/robotomono/v23/	13 KB 13 KB	46ms 17ms	Font font/woff2	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/robotomono/v23/L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_7Pq_ROW4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto+Mono:wght@500&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0e1f73c6737cdf273efb4b79504e4c0a19c5e14568c0fe0cc8d6c1be55c89b10 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://bill.mc-xcell.ru Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 18 May 2024 14:53:16 GMT x-content-type-options nosniff age 440735 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13076 x-xss-protection 0 last-modified Thu, 14 Sep 2023 01:16:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 18 May 2025 14:53:16 GMT
GET H2	200	zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2 fonts.gstatic.com/s/ibmplexsans/v19/	20 KB 20 KB	47ms 18ms	Font font/woff2	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@500&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5ef914e59b0047a261844d96acabb60c34d3acab6b85ea24198726ce4781fd37 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://bill.mc-xcell.ru Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 08:02:29 GMT x-content-type-options nosniff age 206182 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20064 x-xss-protection 0 last-modified Tue, 02 May 2023 15:58:54 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 21 May 2025 08:02:29 GMT
GET H3	404	Screenshot_2023-01-18_162220.jpg cdn.discordapp.com/attachments/1063585626022223892/1065305275826966609/	36 B 841 B	52ms 28ms	Other text/plain	162.159.135.233 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.discordapp.com/attachments/1063585626022223892/1065305275826966609/Screenshot_2023-01-18_162220.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 162.159.135.233 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c3fa59901d56ce8a95a303b22fd119cb94abf4f43c4f6d60a81fd78b7d00fa65 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://bill.mc-xcell.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 17:18:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p1IVB1QnvAjbreyDjucs5e54D7aqtEcifg8XYZZ9cICoCvuRQ8Hy%2Fe19KqgUMfkochg4wN597joCrGVdRtLkKTGLyHp70f9o6VyfhDCKwmUwqDXiyribELkDIwPbrScVoDUlhA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain;charset=UTF-8 x-robots-tag noindex, nofollow, noarchive, nocache, noimageindex, noodp cf-ray 8886b523e8dc35f9-FRA content-length 36 alt-svc h3=":443"; ma=86400
GET H3	404	Copy_of_H_33.png cdn.discordapp.com/attachments/881207010417315861/948924037176901642/	36 B 497 B	98ms 98ms	Other text/plain	162.159.135.233 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.discordapp.com/attachments/881207010417315861/948924037176901642/Copy_of_H_33.png Protocol H3 Security QUIC, , AES_128_GCM Server 162.159.135.233 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c3fa59901d56ce8a95a303b22fd119cb94abf4f43c4f6d60a81fd78b7d00fa65 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://bill.mc-xcell.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 17:18:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OpaiLznFNkIP6La%2Fn%2BO3GxHmF52vHZ3udx%2B4AMmCBCcTS0Ab2ylz5WJH9VZYn2yo04zKAPy6FN84ZMpoJgSUIVAqLLSlne7aiwwY%2FVVLvIOPWOPAKk1up3%2BhdWdRlF7cgr5%2BrQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain;charset=UTF-8 x-robots-tag noindex, nofollow, noarchive, nocache, noimageindex, noodp cf-ray 8886b524191f35f9-FRA content-length 36 alt-svc h3=":443"; ma=86400

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| Nanobar function| $ function| jQuery function| Popper object| bootstrap function| PerfectScrollbar object| options object| nanobar

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			bill.mc-xcell.ru/	1969-12-31 23:59:59	Name: connect.sid Value: s%3AKDFErv7VfXDXBz6Y8IrXNEt27zSGr1ll.F3IrssmAQRuKImjFcw7w%2FF34ecdIIWsdbt5gvGE4F6I
			.discordapp.com/	1970-01-20 20:48:06	Name: __cf_bm Value: .DF7hKELKB5oUbLpq4jS2L1XrVGokoqXoMRvkJ3_0gQ-1716484731-1.0.1.1-DOYNYfPiF3aSEcKk10MTFPV.LsJ8KL4RokAUUseP.PCCSoEUnrvCtIrmQno66kIzVTVMiPZ11ewlBE8DKEoxrg
			.discordapp.com/	1969-12-31 23:59:59	Name: _cfuvid Value: bgTHlyU5ebWrGueU3b3NXpUu2sIKDqEyRxunepXmApw-1716484731523-0.0.1.1-604800000

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://bill.mc-xcell.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bill.mc-xcell.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://cdn.discordapp.com/attachments/1063585626022223892/1065305275826966609/Screenshot_2023-01-18_162220.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cdn.discordapp.com/attachments/881207010417315861/948924037176901642/Copy_of_H_33.png Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://bill.mc-xcell.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bill.mc-xcell.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bill.mc-xcell.ru
cdn.discordapp.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
104.17.24.14
162.159.135.233
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2003
94.154.163.44
0e1f73c6737cdf273efb4b79504e4c0a19c5e14568c0fe0cc8d6c1be55c89b10
113844e077a545e3818ccb1ac6e7defdb6571bac513e37a3d13187303d6e6c0a
25fcef7e75036c363eb8048f6d8a4ab1689d83d29bfe02779c08baa61e87c7df
2ff6d556d912ad50670b60fabe34ff2abd19bd058d83eede68bde0bd93d49708
46b06fd75937fcbd04599cdaac1b2e21a90830ac115d82e2558edf719a8f58db
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
59c3d4149227f84e2aa682cea0734bfe5a7f991b3c80820fac98865bf23371db
5ef914e59b0047a261844d96acabb60c34d3acab6b85ea24198726ce4781fd37
6d82ce2aa7203156edb20ef0254fcb31dbdf20229057090718f99389bca06713
7b6508c9e8e04de8ebfec5de2ce1c4303bc46a0a279283eff7e248c1c900a91b
82a25968b78f9a84bb92fa560948fad0ea0f08bd6b7411f8a411ca0546f21a57
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
9aa19cdd57f8e153ece2dae6acc760f5f656619452ccd4e0a14693bdd4939bc7
b66f6936ed7149ab67a51f045824b7d00487bf61c9ed7112f401cf95e3b5bce8
b75ac1f8ed4944f59b6887edbaf0d8cfc76d95b053e8e726848a12fbd6093304
bca64d524d21f8f6305406003284d503b4ab74108e0a9e866695d6a5db052579
c3fa59901d56ce8a95a303b22fd119cb94abf4f43c4f6d60a81fd78b7d00fa65
c81596913c0ea12ebabd652d0a50bb67add450720543108fff5dfe3837793215
cc7c5df3efcf9f0dd4ad4194dc7aa56db9266da8f8f9d3845b4b20dcc1c5436d
daac3e2e53f7f08075ec4af0001b3f968c9457dda98978f8012914c2611f788d