urlscan.io logo urlscan.io
SecurityTrails logo

etisalat-bill.io Open in urlscan Pro
84.234.97.94  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://etisalat-bill.io/3179b995942af73/auth.php
Submission: On April 06 via automatic, source openphish — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 5 countries across 5 domains to perform 30 HTTP transactions. The main IP is 84.234.97.94, located in Romania and belongs to THCPROJECTS, RO. The main domain is etisalat-bill.io.
TLS certificate: Issued by cPanel, Inc. Certification Authority on April 6th 2024. Valid for: 3 months.
This is the only time etisalat-bill.io was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
3 84.234.97.94 51177 (THCPROJECTS)
23 217.164.92.58 5384 (EMIRATES-...)
1 3 104.18.16.12 13335 (CLOUDFLAR...)
1 192.229.133.221 15133 (EDGECAST)
1 1 104.19.208.81 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
30 6
3    84.234.97.94 (Romania)

ASN51177 (THCPROJECTS, RO)
PTR: r01ipx97x94.thchost.ro
etisalat-bill.io
23    217.164.92.58 (Al Ain City, United Arab Emirates)

ASN5384 (EMIRATES-INTERNET Emirates Internet, AE)
PTR: bba-217-164-92-58.alshamil.net.ae
ipg.comtrust.ae
3    104.18.16.12 (None, )

ASN13335 (CLOUDFLARENET, US)
assets.secure.checkout.visa.com
1    192.229.133.221 (United States)

ASN15133 (EDGECAST, US)
www.w3schools.com
1    104.19.208.81 (None, )

ASN13335 (CLOUDFLARENET, US)
secure.checkout.visa.com
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
23 comtrust.ae
ipg.comtrust.ae
743 KB
4 visa.com
assets.secure.checkout.visa.com — Cisco Umbrella Rank: 37140
secure.checkout.visa.com — Cisco Umbrella Rank: 24851
54 KB
3 etisalat-bill.io
etisalat-bill.io
66 KB
1 gstatic.com
fonts.gstatic.com
23 KB
1 w3schools.com
www.w3schools.com — Cisco Umbrella Rank: 18588
5 KB
30 5
Domain Requested by
23 ipg.comtrust.ae etisalat-bill.io
3 assets.secure.checkout.visa.com 1 redirects etisalat-bill.io
3 etisalat-bill.io etisalat-bill.io
1 fonts.gstatic.com ipg.comtrust.ae
1 secure.checkout.visa.com 1 redirects
1 www.w3schools.com etisalat-bill.io
30 6

This site contains no links.

Subject Issuer Validity Valid
etisalat-bill.io
cPanel, Inc. Certification Authority		 2024-04-06 -
2024-07-05		 3 months crt.sh
ipg.comtrust.ae
DigiCert SHA2 Secure Server CA		 2023-07-05 -
2024-07-09		 a year crt.sh
assets.secure.checkout.visa.com
Cloudflare Inc ECC CA-3		 2024-03-11 -
2024-12-31		 10 months crt.sh
*.w3schools.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-04-03 -
2025-05-04		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://etisalat-bill.io/3179b995942af73/auth.php
Frame ID: 61E4183582CDEBB2EAB511FA1B1BA2C6
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Payment

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href="[^"]*materialize(?:\.min)?\.css
  • materialize(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • secure\.checkout\.visa\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

30
Requests

97 %
HTTPS

17 %
IPv6

5
Domains

6
Subdomains

6
IPs

5
Countries

891 kB
Transfer

2457 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://secure.checkout.visa.com/wallet-services-web/xo/button.png HTTP 301
  • https://assets.secure.checkout.visa.com/wallet-services-web/xo/button.png HTTP 302
  • https://assets.secure.checkout.visa.com/wallet-services-web/xo/button.png?country=DE&refererUrl=etisalat-bill.io&appType=web

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request auth.php
etisalat-bill.io/3179b995942af73/ 		49 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://etisalat-bill.io/3179b995942af73/auth.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
84.234.97.94 , Romania, ASN51177 (THCPROJECTS, RO),
Reverse DNS
r01ipx97x94.thchost.ro
Software
LiteSpeed /
Resource Hash
98f5942b1d5f8e3124b24fdc8e41391305dee19910fd8ca6f3ddefa69147954c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 06 Apr 2024 13:03:46 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding
jquery-3.1.0.min.js
ipg.comtrust.ae/PaymentEx/Scripts/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ipg.comtrust.ae/PaymentEx/Scripts/jquery-3.1.0.min.js?version=1000
Requested by
Host: etisalat-bill.io
URL: https://etisalat-bill.io/3179b995942af73/auth.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.164.92.58 Al Ain City, United Arab Emirates, ASN5384 (EMIRATES-INTERNET Emirates Internet, AE),
Reverse DNS
bba-217-164-92-58.alshamil.net.ae
Software
Microsoft-IIS/10.0 /
Resource Hash
19ab756b8f26d4d98b121135c3343c6cc02c831cd05ac1877b2399e63d95bd59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://etisalat-bill.io/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 13:03:45 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 01 Apr 2019 08:41:02 GMT
Server
Microsoft-IIS/10.0
ETag
"0636a366e8d41:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
https://servicecharge.realconnect.ae
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
30116
X-XSS-Protection
1; mode=block
materialize.js
ipg.comtrust.ae/PaymentEx/Scripts/ 		317 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ipg.comtrust.ae/PaymentEx/Scripts/materialize.js
Requested by
Host: etisalat-bill.io
URL: https://etisalat-bill.io/3179b995942af73/auth.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.164.92.58 Al Ain City, United Arab Emirates, ASN5384 (EMIRATES-INTERNET Emirates Internet, AE),
Reverse DNS
bba-217-164-92-58.alshamil.net.ae
Software
Microsoft-IIS/10.0 /
Resource Hash
4403a9acb1c2c7a4d8ee3f308864eb8f4ff8c3cd83b51a8de480b920e2462374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://etisalat-bill.io/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 13:03:45 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sun, 09 Apr 2017 08:33:18 GMT
Server
Microsoft-IIS/10.0
ETag
"01b36f0bb1d21:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
https://servicecharge.realconnect.ae
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
77728
X-XSS-Protection
1; mode=block
angular.js
ipg.comtrust.ae/PaymentEx/Scripts/ 		1 MB
256 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ipg.comtrust.ae/PaymentEx/Scripts/angular.js
Requested by
Host: etisalat-bill.io
URL: https://etisalat-bill.io/3179b995942af73/auth.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.164.92.58 Al Ain City, United Arab Emirates, ASN5384 (EMIRATES-INTERNET Emirates Internet, AE),
Reverse DNS
bba-217-164-92-58.alshamil.net.ae
Software
Microsoft-IIS/10.0 /
Resource Hash
2927fafbcdad931bca3d1ff4f75eb098484eb7dd4bc3c50571392167ceaac06a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://etisalat-bill.io/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 13:03:45 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 29 Sep 2015 09:33:46 GMT
Server
Microsoft-IIS/10.0
ETag
"0792af099fad01:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
https://servicecharge.realconnect.ae
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
261316
X-XSS-Protection
1; mode=block
Module.js
ipg.comtrust.ae/PaymentEx/Content/Angular/ 		47 B
460 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ipg.comtrust.ae/PaymentEx/Content/Angular/Module.js
Requested by
Host: etisalat-bill.io
URL: https://etisalat-bill.io/3179b995942af73/auth.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.164.92.58 Al Ain City, United Arab Emirates, ASN5384 (EMIRATES-INTERNET Emirates Internet, AE),
Reverse DNS
bba-217-164-92-58.alshamil.net.ae
Software
Microsoft-IIS/10.0 /
Resource Hash
f845e58b1606da60b1f0c623f970fc6632ca1fde54249f717a0201cee9732c14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://etisalat-bill.io/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 13:03:45 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 30 Sep 2015 07:14:50 GMT
Server
Microsoft-IIS/10.0
ETag
"091efb14ffbd01:0"
Content-Type
application/javascript
Access-Control-Allow-Origin
https://servicecharge.realconnect.ae
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
47
X-XSS-Protection
1; mode=block
app_extended.css
ipg.comtrust.ae/PaymentEx/styles/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ipg.comtrust.ae/PaymentEx/styles/app_extended.css
Requested by
Host: etisalat-bill.io
URL: https://etisalat-bill.io/3179b995942af73/auth.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.164.92.58 Al Ain City, United Arab Emirates, ASN5384 (EMIRATES-INTERNET Emirates Internet, AE),
Reverse DNS
bba-217-164-92-58.alshamil.net.ae
Software
Microsoft-IIS/10.0 /
Resource Hash
7aed16bee155e2b8906aca91217132298a6763f97c926341084d6eb374d55d7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://etisalat-bill.io/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 13:03:45 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 09 Aug 2016 11:39:36 GMT
Server
Microsoft-IIS/10.0
ETag
"04c70b432f2d11:0"
Content-Type
text/css
Access-Control-Allow-Origin
https://servicecharge.realconnect.ae
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
1231
X-XSS-Protection
1; mode=block
css
ipg.comtrust.ae/PaymentEx/Content/ 		870 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ipg.comtrust.ae/PaymentEx/Content/css?v=mm9aZvlDh3xh7Y2ebzhQavDVVecxcJWMyiapieXl0Ao1
Requested by
Host: etisalat-bill.io
URL: https://etisalat-bill.io/3179b995942af73/auth.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.164.92.58 Al Ain City, United Arab Emirates, ASN5384 (EMIRATES-INTERNET Emirates Internet, AE),
Reverse DNS
bba-217-164-92-58.alshamil.net.ae
Software
/
Resource Hash
b7731de59b91544bc9841ec7fb593708ef4ba08d7d01265a6ffd3c1f07999592
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://etisalat-bill.io/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 13:03:45 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 06 Apr 2024 13:03:46 GMT
Vary
User-Agent
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
https://servicecharge.realconnect.ae
Cache-Control
public
Access-Control-Allow-Headers
Content-Type
Content-Length
870
X-XSS-Protection
1; mode=block
Expires
Sun, 06 Apr 2025 13:03:46 GMT
fonts_googleapis.css
ipg.comtrust.ae/PaymentEx/styles/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ipg.comtrust.ae/PaymentEx/styles/fonts_googleapis.css
Requested by
Host: etisalat-bill.io
URL: https://etisalat-bill.io/3179b995942af73/auth.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.164.92.58 Al Ain City, United Arab Emirates, ASN5384 (EMIRATES-INTERNET Emirates Internet, AE),
Reverse DNS
bba-217-164-92-58.alshamil.net.ae
Software
Microsoft-IIS/10.0 /
Resource Hash
3dba9e327b8e16fc7e4227d0774eda0edee0128c258efaac16fe0830cdbf9cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://etisalat-bill.io/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 13:03:45 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 07 Oct 2019 05:19:58 GMT
Server
Microsoft-IIS/10.0
ETag
"0d364dcce7cd51:0"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
https://servicecharge.realconnect.ae
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
597
X-XSS-Protection
1; mode=block
materialize.css
ipg.comtrust.ae/PaymentEx/styles/ 		157 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ipg.comtrust.ae/PaymentEx/styles/materialize.css
Requested by
Host: etisalat-bill.io
URL: https://etisalat-bill.io/3179b995942af73/auth.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.164.92.58 Al Ain City, United Arab Emirates, ASN5384 (EMIRATES-INTERNET Emirates Internet, AE),
Reverse DNS
bba-217-164-92-58.alshamil.net.ae
Software
Microsoft-IIS/10.0 /
Resource Hash
863c1046a765d32755922fb70634a84fe26b9ddc46da7620a50df0816ff77bc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://etisalat-bill.io/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 13:03:45 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 10 Oct 2019 10:28:50 GMT
Server
Microsoft-IIS/10.0
ETag
"0dd9081557fd51:0"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
https://servicecharge.realconnect.ae
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
26105
X-XSS-Protection
1; mode=block
HousePay-New.css
etisalat-bill.io/3179b995942af73/files/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://etisalat-bill.io/3179b995942af73/files/HousePay-New.css
Requested by
Host: etisalat-bill.io
URL: https://etisalat-bill.io/3179b995942af73/auth.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
84.234.97.94 , Romania, ASN51177 (THCPROJECTS, RO),
Reverse DNS
r01ipx97x94.thchost.ro
Software
LiteSpeed /
Resource Hash
f751ee1aa0b3e6c11fd3b2e6b3f3a10ed58d0f0be95346d98a54e1f6a2aca9cc

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://etisalat-bill.io/3179b995942af73/auth.php
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 13:03:46 GMT
content-encoding
br
last-modified
Sat, 06 Apr 2024 03:51:17 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1994
expires
Sat, 13 Apr 2024 13:03:46 GMT
css-loader.css
ipg.comtrust.ae/PaymentEx/styles/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ipg.comtrust.ae/PaymentEx/styles/css-loader.css
Requested by
Host: etisalat-bill.io
URL: https://etisalat-bill.io/3179b995942af73/auth.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.164.92.58 Al Ain City, United Arab Emirates, ASN5384 (EMIRATES-INTERNET Emirates Internet, AE),
Reverse DNS
bba-217-164-92-58.alshamil.net.ae
Software
Microsoft-IIS/10.0 /
Resource Hash
318ea483efe8d0745c04fae5a0745f65ee3992204d15daae71aa1eaf1f415d27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://etisalat-bill.io/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 13:03:45 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jul 2019 12:18:00 GMT
Server
Microsoft-IIS/10.0
ETag
"0c73d51942d51:0"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
https://servicecharge.realconnect.ae
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
2890
X-XSS-Protection
1; mode=block
sdk.js
assets.secure.checkout.visa.com/checkout-widget/resources/js/integration/v1/ 		158 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.secure.checkout.visa.com/checkout-widget/resources/js/integration/v1/sdk.js
Requested by
Host: etisalat-bill.io
URL: https://etisalat-bill.io/3179b995942af73/auth.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0235a301df2933d629eb0c96be815404141283801281b4188b95ebc1c8b6187a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://etisalat-bill.io/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 13:03:46 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
CF-Cache-Status
HIT
Content-Encoding
br
Age
409263
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Sat, 23 Mar 2024 13:42:16 GMT
Server
cloudflare
ETag
W/"65fedc38-2798f"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
CF-Ray
8701fad98cb2972c-FRA
Expires
Sat, 06 Apr 2024 14:03:46 GMT
HousePayController.js
ipg.comtrust.ae/PaymentEx/Content/Angular/ 		142 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ipg.comtrust.ae/PaymentEx/Content/Angular/HousePayController.js?version=1016
Requested by
Host: etisalat-bill.io
URL: https://etisalat-bill.io/3179b995942af73/auth.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.164.92.58 Al Ain City, United Arab Emirates, ASN5384 (EMIRATES-INTERNET Emirates Internet, AE),
Reverse DNS
bba-217-164-92-58.alshamil.net.ae
Software
Microsoft-IIS/10.0 /
Resource Hash
0f6a9edc6e51c6983b126c06a0424d96704e1c85321c3566d27a1e49f90070c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://etisalat-bill.io/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 13:03:45 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 13 Dec 2023 07:53:52 GMT
Server
Microsoft-IIS/10.0
ETag
"0687b83992dda1:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
https://servicecharge.realconnect.ae
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
20042
X-XSS-Protection
1; mode=block
HousePayService.js
ipg.comtrust.ae/PaymentEx/Content/Angular/ 		10 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ipg.comtrust.ae/PaymentEx/Content/Angular/HousePayService.js?version=1001
Requested by
Host: etisalat-bill.io
URL: https://etisalat-bill.io/3179b995942af73/auth.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.164.92.58 Al Ain City, United Arab Emirates, ASN5384 (EMIRATES-INTERNET Emirates Internet, AE),
Reverse DNS
bba-217-164-92-58.alshamil.net.ae
Software
Microsoft-IIS/10.0 /
Resource Hash
e8c50d3287cac42900a601cdf2f8c4cdf1e854c6737ccf49daad9f0228d3bd86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://etisalat-bill.io/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 13:03:45 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 23 Aug 2022 09:00:48 GMT
Server
Microsoft-IIS/10.0
ETag
"0a029d6ceb6d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
https://servicecharge.realconnect.ae
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
958
X-XSS-Protection
1; mode=block
dialog-polyfill.js
ipg.comtrust.ae/PaymentEx/Scripts/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ipg.comtrust.ae/PaymentEx/Scripts/dialog-polyfill.js
Requested by
Host: etisalat-bill.io
URL: https://etisalat-bill.io/3179b995942af73/auth.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.164.92.58 Al Ain City, United Arab Emirates, ASN5384 (EMIRATES-INTERNET Emirates Internet, AE),
Reverse DNS
bba-217-164-92-58.alshamil.net.ae
Software
Microsoft-IIS/10.0 /
Resource Hash
7cee727970998b2650d877109e8db800dce3de8897cfd6407c9f2fe0d1e0bcd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://etisalat-bill.io/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 13:03:45 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sun, 28 Jul 2019 11:22:54 GMT
Server
Microsoft-IIS/10.0
ETag
"07b92cc3645d51:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
https://servicecharge.realconnect.ae
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
7485
X-XSS-Protection
1; mode=block
dialog-polyfill.css
ipg.comtrust.ae/PaymentEx/styles/ 		685 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ipg.comtrust.ae/PaymentEx/styles/dialog-polyfill.css
Requested by
Host: etisalat-bill.io
URL: https://etisalat-bill.io/3179b995942af73/auth.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.164.92.58 Al Ain City, United Arab Emirates, ASN5384 (EMIRATES-INTERNET Emirates Internet, AE),
Reverse DNS
bba-217-164-92-58.alshamil.net.ae
Software
Microsoft-IIS/10.0 /
Resource Hash
4c22fa5ea57e289f588adba037e54a9d0a38930549b0d2b0385719ffb2197a94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://etisalat-bill.io/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 13:03:45 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 28 Jul 2019 11:12:04 GMT
Server
Microsoft-IIS/10.0
ETag
"05a24493545d51:0"
Content-Type
text/css
Access-Control-Allow-Origin
https://servicecharge.realconnect.ae
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
685
X-XSS-Protection
1; mode=block
w3.css
www.w3schools.com/w3css/4/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.w3schools.com/w3css/4/w3.css
Requested by
Host: etisalat-bill.io
URL: https://etisalat-bill.io/3179b995942af73/auth.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.133.221 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BAC) / ASP.NET
Resource Hash
c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://mycourses.w3schools.com;
X-Content-Security-Policy frame-ancestors 'self' https://mycourses.w3schools.com;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://etisalat-bill.io/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
frame-ancestors 'self' https://mycourses.w3schools.com;
content-encoding
gzip
date
Sat, 06 Apr 2024 13:03:46 GMT
last-modified
Thu, 04 Apr 2024 11:41:48 GMT
server
ECS (amb/6BAC)
age
6364
etag
"026b1138586da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
public,max-age=14400,public
accept-ranges
bytes
content-length
5250
x-content-security-policy
frame-ancestors 'self' https://mycourses.w3schools.com;
eDhirham_Logo.bmp
ipg.comtrust.ae/PaymentEx/Images/ 		287 KB
287 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ipg.comtrust.ae/PaymentEx/Images/eDhirham_Logo.bmp
Requested by
Host: etisalat-bill.io
URL: https://etisalat-bill.io/3179b995942af73/auth.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.164.92.58 Al Ain City, United Arab Emirates, ASN5384 (EMIRATES-INTERNET Emirates Internet, AE),
Reverse DNS
bba-217-164-92-58.alshamil.net.ae
Software
Microsoft-IIS/10.0 /
Resource Hash
68a9331753d4e0213b04bf6062b58d8113125fd93c6942a2dccf7894ed698429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://etisalat-bill.io/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 13:03:45 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 18 Sep 2019 04:44:38 GMT
Server
Microsoft-IIS/10.0
ETag
"03fedc6db6dd51:0"
Content-Type
image/bmp
Access-Control-Allow-Origin
https://servicecharge.realconnect.ae
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
293958
X-XSS-Protection
1; mode=block
button.png
assets.secure.checkout.visa.com/wallet-services-web/xo/
Redirect Chain
  • https://secure.checkout.visa.com/wallet-services-web/xo/button.png
  • https://assets.secure.checkout.visa.com/wallet-services-web/xo/button.png?
  • https://assets.secure.checkout.visa.com/wallet-services-web/xo/button.png?country=DE&refererUrl=etisalat-bill.io&appType=web
24 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.secure.checkout.visa.com/wallet-services-web/xo/button.png?country=DE&refererUrl=etisalat-bill.io&appType=web
Requested by
Host: etisalat-bill.io
URL: https://etisalat-bill.io/3179b995942af73/auth.php
Protocol
HTTP/1.1
Server
104.18.16.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a87e999160e645d1bd074bd988557e26027a487febeca2761b8136d1cb07d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://etisalat-bill.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date
Sat, 06 Apr 2024 13:03:46 GMT
Strict-Transport-Security
max-age=31536000;includeSubdomains, max-age=31536000; includeSubDomains
X-Content-Security-Policy-Report-Only
default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
CF-Cache-Status
HIT
X-CORRELATION-ID
1_1712408619_545_215_b2k8l73-546c69r9s_ARM
X-Content-Type-Options
nosniff, nosniff
Age
7
Transfer-Encoding
chunked
Content-Security-Policy-Report-Only
default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
Content-Encoding
br
Connection
keep-alive
X-XSS-Protection
0
X-SERVED-BY
b2k8l73-75d55f9b5-9x5
Pragma
no-cache
v-token
1_{001}:AAMxOUEKcFlC04uAXBaQHzAYF7Ry745Tq/yGbuFk4PO7rDbHnSYlbEdkDyiYSiij1hK84WqziIh6pc+bk98pfElwvxdvd8znNT5C1ltX+spTpC5u91YtU+Kn7TrIM11DlVSzIbhPDaWKJV7i83jE7DhpOCbQCzKPbD3yN2lejG76849pHemJmQ/n+M3VlU24UOF2uLjjUpjs87BjzU3Yj+zHJkvSixVbz5jopbpPkPHI8SENdNqJXjjCEz5WygiuKTDb9fn6sBC7/OBbxKUQ101Tt+W+sS9KiN3VKH+TfxG0dtwfW90Qb01CZtpcVdddXY4jVGfpCqGYtzEDwGIv5Ukx1Y21wezTX1zU3z97NuRwIXHjCJDmg4xKtUMqaczAbaGWL9OoAyjYnwmJdjLlQUL0wrYxpBMLk1HtvW7xrDeg
Last-Modified
Sat, 06 Apr 2024 13:03:39 GMT
Server
cloudflare
X-WebKit-CSP-Report-Only
default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml;charset=UTF-8
Access-Control-Allow-Origin
*
Content-Language
en-US
Cache-Control
public, max-age=14400
X-APP-STATUS
200
CF-Ray
8701fada28e9972b-FRA
Expires
Sat, 06 Apr 2024 17:03:46 GMT

Redirect headers

Location
https://assets.secure.checkout.visa.com/wallet-services-web/xo/button.png?country=DE&refererUrl=etisalat-bill.io&appType=web
Date
Sat, 06 Apr 2024 13:03:46 GMT
Server
cloudflare
Connection
keep-alive
CF-RAY
8701fad9d89b972b-FRA
Content-Length
0
Vary
Accept-Encoding
House-master.png
ipg.comtrust.ae/PaymentEx/Images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ipg.comtrust.ae/PaymentEx/Images/House-master.png
Requested by
Host: etisalat-bill.io
URL: https://etisalat-bill.io/3179b995942af73/auth.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.164.92.58 Al Ain City, United Arab Emirates, ASN5384 (EMIRATES-INTERNET Emirates Internet, AE),
Reverse DNS
bba-217-164-92-58.alshamil.net.ae
Software
Microsoft-IIS/10.0 /
Resource Hash
64b4adf0593899290c4a629d1e68b73119bb6ed82aea23bdcca1fa9258438047
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://etisalat-bill.io/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 13:03:46 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 09 Apr 2017 08:33:18 GMT
Server
Microsoft-IIS/10.0
ETag
"01b36f0bb1d21:0"
Content-Type
image/png
Access-Control-Allow-Origin
https://servicecharge.realconnect.ae
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
8055
X-XSS-Protection
1; mode=block
House-visa.png
ipg.comtrust.ae/PaymentEx/Images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ipg.comtrust.ae/PaymentEx/Images/House-visa.png
Requested by
Host: etisalat-bill.io
URL: https://etisalat-bill.io/3179b995942af73/auth.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.164.92.58 Al Ain City, United Arab Emirates, ASN5384 (EMIRATES-INTERNET Emirates Internet, AE),
Reverse DNS
bba-217-164-92-58.alshamil.net.ae
Software
Microsoft-IIS/10.0 /
Resource Hash
82f502b9a713563d8fbad1a2cc4ddbba63efe552cb81d1baf678f9b9f0dedede
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://etisalat-bill.io/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 13:03:46 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 09 Apr 2017 08:33:18 GMT
Server
Microsoft-IIS/10.0
ETag
"01b36f0bb1d21:0"
Content-Type
image/png
Access-Control-Allow-Origin
https://servicecharge.realconnect.ae
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
5616
X-XSS-Protection
1; mode=block
House-amex.png
ipg.comtrust.ae/PaymentEx/Images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ipg.comtrust.ae/PaymentEx/Images/House-amex.png
Requested by
Host: etisalat-bill.io
URL: https://etisalat-bill.io/3179b995942af73/auth.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.164.92.58 Al Ain City, United Arab Emirates, ASN5384 (EMIRATES-INTERNET Emirates Internet, AE),
Reverse DNS
bba-217-164-92-58.alshamil.net.ae
Software
Microsoft-IIS/10.0 /
Resource Hash
e58e5fbef4f7fe5ba6b1c1d33d19faf5be28eaffaeb95f7ab93d340c1d1de0dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://etisalat-bill.io/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 13:03:46 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 09 Apr 2017 08:33:18 GMT
Server
Microsoft-IIS/10.0
ETag
"01b36f0bb1d21:0"
Content-Type
image/png
Access-Control-Allow-Origin
https://servicecharge.realconnect.ae
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
4945
X-XSS-Protection
1; mode=block
BlankCard.svg
ipg.comtrust.ae/PaymentEx/Images/ 		439 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ipg.comtrust.ae/PaymentEx/Images/BlankCard.svg
Requested by
Host: etisalat-bill.io
URL: https://etisalat-bill.io/3179b995942af73/auth.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.164.92.58 Al Ain City, United Arab Emirates, ASN5384 (EMIRATES-INTERNET Emirates Internet, AE),
Reverse DNS
bba-217-164-92-58.alshamil.net.ae
Software
Microsoft-IIS/10.0 /
Resource Hash
159a5ad795e8ef295cdc61104581c72efa21c7ef9a2b1770b5859bf03858f73d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://etisalat-bill.io/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 13:03:46 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 09 Apr 2017 08:33:18 GMT
Server
Microsoft-IIS/10.0
ETag
"01b36f0bb1d21:0"
Content-Type
image/svg+xml
Access-Control-Allow-Origin
https://servicecharge.realconnect.ae
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
439
X-XSS-Protection
1; mode=block
HousePay-Visa-selected.svg
ipg.comtrust.ae/PaymentEx/Images/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ipg.comtrust.ae/PaymentEx/Images/HousePay-Visa-selected.svg
Requested by
Host: etisalat-bill.io
URL: https://etisalat-bill.io/3179b995942af73/auth.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.164.92.58 Al Ain City, United Arab Emirates, ASN5384 (EMIRATES-INTERNET Emirates Internet, AE),
Reverse DNS
bba-217-164-92-58.alshamil.net.ae
Software
Microsoft-IIS/10.0 /
Resource Hash
c9fb7c12a4d014f31b6f7a71f6518fd1acd8c59563d9c8b116f03b076acf1224
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://etisalat-bill.io/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 13:03:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sun, 09 Apr 2017 08:33:18 GMT
Server
Microsoft-IIS/10.0
ETag
"01b36f0bb1d21:0"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
https://servicecharge.realconnect.ae
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
1380
X-XSS-Protection
1; mode=block
HousePay-MasterCard-selected.svg
ipg.comtrust.ae/PaymentEx/Images/ 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ipg.comtrust.ae/PaymentEx/Images/HousePay-MasterCard-selected.svg
Requested by
Host: etisalat-bill.io
URL: https://etisalat-bill.io/3179b995942af73/auth.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.164.92.58 Al Ain City, United Arab Emirates, ASN5384 (EMIRATES-INTERNET Emirates Internet, AE),
Reverse DNS
bba-217-164-92-58.alshamil.net.ae
Software
Microsoft-IIS/10.0 /
Resource Hash
55172ac716756cf1b01d0ba6336a4c33e22e04d425cea38ebdd45d9a52aed6c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://etisalat-bill.io/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 13:03:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sun, 09 Apr 2017 08:33:18 GMT
Server
Microsoft-IIS/10.0
ETag
"01b36f0bb1d21:0"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
https://servicecharge.realconnect.ae
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
1326
X-XSS-Protection
1; mode=block
HousePay-Amex-selected.svg
ipg.comtrust.ae/PaymentEx/Images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ipg.comtrust.ae/PaymentEx/Images/HousePay-Amex-selected.svg
Requested by
Host: etisalat-bill.io
URL: https://etisalat-bill.io/3179b995942af73/auth.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.164.92.58 Al Ain City, United Arab Emirates, ASN5384 (EMIRATES-INTERNET Emirates Internet, AE),
Reverse DNS
bba-217-164-92-58.alshamil.net.ae
Software
Microsoft-IIS/10.0 /
Resource Hash
64a8d90743b2b1fb1e164599f3816d8d7b5938177ebc0e03f00d608fbabb08a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://etisalat-bill.io/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 13:03:46 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 09 Apr 2017 08:33:18 GMT
Server
Microsoft-IIS/10.0
ETag
"01b36f0bb1d21:0"
Content-Type
image/svg+xml
Access-Control-Allow-Origin
https://servicecharge.realconnect.ae
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
1785
X-XSS-Protection
1; mode=block
auth_process.gif
ipg.comtrust.ae/PaymentEx/Images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ipg.comtrust.ae/PaymentEx/Images/auth_process.gif
Requested by
Host: etisalat-bill.io
URL: https://etisalat-bill.io/3179b995942af73/auth.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.164.92.58 Al Ain City, United Arab Emirates, ASN5384 (EMIRATES-INTERNET Emirates Internet, AE),
Reverse DNS
bba-217-164-92-58.alshamil.net.ae
Software
Microsoft-IIS/10.0 /
Resource Hash
fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://etisalat-bill.io/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 13:03:46 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 11 Feb 2016 07:54:54 GMT
Server
Microsoft-IIS/10.0
ETag
"05b2f7ea164d11:0"
Content-Type
image/gif
Access-Control-Allow-Origin
https://servicecharge.realconnect.ae
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
3208
X-XSS-Protection
1; mode=block
jquery
ipg.comtrust.ae/PaymentEx/bundles/ 		0
410 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ipg.comtrust.ae/PaymentEx/bundles/jquery?v=
Requested by
Host: etisalat-bill.io
URL: https://etisalat-bill.io/3179b995942af73/auth.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.164.92.58 Al Ain City, United Arab Emirates, ASN5384 (EMIRATES-INTERNET Emirates Internet, AE),
Reverse DNS
bba-217-164-92-58.alshamil.net.ae
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://etisalat-bill.io/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 13:03:46 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 06 Apr 2024 13:03:47 GMT
Vary
User-Agent
Content-Type
text/javascript
Access-Control-Allow-Origin
https://servicecharge.realconnect.ae
Cache-Control
public
Access-Control-Allow-Headers
Content-Type
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Sun, 06 Apr 2025 13:03:47 GMT
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77644d7d462e91c257c4976957e351d944a9db8e66012da536c510f17dffca6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
neotech-regular.ttf
etisalat-bill.io/3179b995942af73/files/fonts/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://etisalat-bill.io/3179b995942af73/files/fonts/neotech-regular.ttf
Requested by
Host: etisalat-bill.io
URL: https://etisalat-bill.io/3179b995942af73/files/HousePay-New.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
84.234.97.94 , Romania, ASN51177 (THCPROJECTS, RO),
Reverse DNS
r01ipx97x94.thchost.ro
Software
LiteSpeed /
Resource Hash
477469be23ca210f6cc938093af7394c8c070316f684e1813cb50974ea4080c8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://etisalat-bill.io/3179b995942af73/files/HousePay-New.css
Origin
https://etisalat-bill.io
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 13:03:48 GMT
last-modified
Sat, 06 Apr 2024 03:51:17 GMT
server
LiteSpeed
content-type
font/ttf
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
53188
expires
Sat, 13 Apr 2024 13:03:48 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v16/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: ipg.comtrust.ae
URL: https://ipg.comtrust.ae/PaymentEx/styles/fonts_googleapis.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ipg.comtrust.ae/
Origin
https://etisalat-bill.io
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 03:41:25 GMT
x-content-type-options
nosniff
age
379343
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23484
x-xss-protection
0
last-modified
Tue, 23 Jul 2019 03:45:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Apr 2025 03:41:25 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f664b8138c2da6ec7565500a7cc839da6372614a31dc04c5a2169a26b8d9767c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| getTime function| Vel function| Hammer object| Materialize object| Waves function| Picker object| angular object| app object| VisaCheckoutSDK object| VsbOrchAdapterInstance object| V object| dialogPolyfill function| validate_field

3 Cookies

Domain/Path Name / Value
etisalat-bill.io/ Name: PHPSESSID
Value: b8902b623716769b20336c76773fd1c5
.secure.checkout.visa.com/ Name: __cfruid
Value: 7f83fb9e4aaf9b705a877a1cd4cc8be4e3500eae-1712408626
.assets.secure.checkout.visa.com/ Name: __cfruid
Value: a5e15ef5ce974253ddf6b0184ceab9bead74b213-1712408626

9 Console Messages

Source Level URL
Text
other warning URL: https://etisalat-bill.io/3179b995942af73/auth.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://etisalat-bill.io/3179b995942af73/auth.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://etisalat-bill.io/3179b995942af73/auth.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://etisalat-bill.io/3179b995942af73/auth.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://etisalat-bill.io/3179b995942af73/auth.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://etisalat-bill.io/3179b995942af73/auth.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://etisalat-bill.io/3179b995942af73/auth.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other verbose URL: https://etisalat-bill.io/3179b995942af73/auth.php
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq)
other verbose URL: https://etisalat-bill.io/3179b995942af73/auth.php
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.secure.checkout.visa.com
etisalat-bill.io
fonts.gstatic.com
ipg.comtrust.ae
secure.checkout.visa.com
www.w3schools.com
104.18.16.12
104.19.208.81
192.229.133.221
217.164.92.58
2a00:1450:4001:800::2003
84.234.97.94
0235a301df2933d629eb0c96be815404141283801281b4188b95ebc1c8b6187a
0f6a9edc6e51c6983b126c06a0424d96704e1c85321c3566d27a1e49f90070c7
159a5ad795e8ef295cdc61104581c72efa21c7ef9a2b1770b5859bf03858f73d
19ab756b8f26d4d98b121135c3343c6cc02c831cd05ac1877b2399e63d95bd59
2927fafbcdad931bca3d1ff4f75eb098484eb7dd4bc3c50571392167ceaac06a
318ea483efe8d0745c04fae5a0745f65ee3992204d15daae71aa1eaf1f415d27
36a87e999160e645d1bd074bd988557e26027a487febeca2761b8136d1cb07d7
3dba9e327b8e16fc7e4227d0774eda0edee0128c258efaac16fe0830cdbf9cbc
4403a9acb1c2c7a4d8ee3f308864eb8f4ff8c3cd83b51a8de480b920e2462374
477469be23ca210f6cc938093af7394c8c070316f684e1813cb50974ea4080c8
4c22fa5ea57e289f588adba037e54a9d0a38930549b0d2b0385719ffb2197a94
55172ac716756cf1b01d0ba6336a4c33e22e04d425cea38ebdd45d9a52aed6c2
64a8d90743b2b1fb1e164599f3816d8d7b5938177ebc0e03f00d608fbabb08a9
64b4adf0593899290c4a629d1e68b73119bb6ed82aea23bdcca1fa9258438047
68a9331753d4e0213b04bf6062b58d8113125fd93c6942a2dccf7894ed698429
77644d7d462e91c257c4976957e351d944a9db8e66012da536c510f17dffca6a
7aed16bee155e2b8906aca91217132298a6763f97c926341084d6eb374d55d7f
7cee727970998b2650d877109e8db800dce3de8897cfd6407c9f2fe0d1e0bcd4
82f502b9a713563d8fbad1a2cc4ddbba63efe552cb81d1baf678f9b9f0dedede
863c1046a765d32755922fb70634a84fe26b9ddc46da7620a50df0816ff77bc9
98f5942b1d5f8e3124b24fdc8e41391305dee19910fd8ca6f3ddefa69147954c
b7731de59b91544bc9841ec7fb593708ef4ba08d7d01265a6ffd3c1f07999592
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5
c9fb7c12a4d014f31b6f7a71f6518fd1acd8c59563d9c8b116f03b076acf1224
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58e5fbef4f7fe5ba6b1c1d33d19faf5be28eaffaeb95f7ab93d340c1d1de0dd
e8c50d3287cac42900a601cdf2f8c4cdf1e854c6737ccf49daad9f0228d3bd86
f664b8138c2da6ec7565500a7cc839da6372614a31dc04c5a2169a26b8d9767c
f751ee1aa0b3e6c11fd3b2e6b3f3a10ed58d0f0be95346d98a54e1f6a2aca9cc
f845e58b1606da60b1f0c623f970fc6632ca1fde54249f717a0201cee9732c14
fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355