bills.mreis.dev Open in urlscan Pro
154.12.225.94 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bills.mreis.dev/
Submission: On July 16 via automatic, source certstream-suspicious (July 16th 2024, 1:48:15 pm UTC) — Scanned from IT

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 8 HTTP transactions. The main IP is 154.12.225.94, located in St Louis, United States and belongs to NL-811-40021, US. The main domain is bills.mreis.dev.
TLS certificate: Issued by E5 on July 16th 2024. Valid for: 3 months.

This is the only time bills.mreis.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	154.12.225.94 154.12.225.94	40021 (NL-811-40021) (NL-811-40021)
3	107.152.42.185 107.152.42.185	11878 (TZULO) (TZULO)
8	2

5 154.12.225.94 (St Louis, United States)

ASN40021 (NL-811-40021, US)
PTR: vmi1580487.contaboserver.net

bills.mreis.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.152.42.185 (Chicago, United States)

ASN11878 (TZULO, US)

appwrite.ssw.lol	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	mreis.dev bills.mreis.dev	570 KB
3	ssw.lol appwrite.ssw.lol	989 B
8	2

	Domain	Requested by
5	bills.mreis.dev	bills.mreis.dev
3	appwrite.ssw.lol	bills.mreis.dev
8	2

This site contains no links.

Subject Issuer	Validity	Valid
bills.mreis.dev E5	`2024-07-16` - `2024-10-14`	3 months	crt.sh
appwrite.ssw.lol E5	`2024-07-05` - `2024-10-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://bills.mreis.dev/
Frame ID: A76A13E9784ABB59354CBCD16758C9A4
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

My Bills

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

571 kB
Transfer

2084 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
bills.mreis.dev/ 423 B
441 B 574ms
147ms Document
text/html 154.12.225.94
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL: https://bills.mreis.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.12.225.94 St Louis, United States, ASN40021 (NL-811-40021, US),
Reverse DNS: vmi1580487.contaboserver.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e746e7387a40e9c02b3e454ba9c869f374fbd92a4d608f15447362fc154c444c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 16 Jul 2024 13:48:09 GMT
etag: W/"6686c157-1a7"
last-modified: Thu, 04 Jul 2024 15:35:51 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 index-d86217f0.js Show response
bills.mreis.dev/assets/ 2 MB
523 KB 435ms
434ms Script
application/javascript 154.12.225.94
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL: https://bills.mreis.dev/assets/index-d86217f0.js
Requested by: Host: bills.mreis.dev
URL: https://bills.mreis.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.12.225.94 St Louis, United States, ASN40021 (NL-811-40021, US),
Reverse DNS: vmi1580487.contaboserver.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 648b6b00e270561648ffe8918a1ead023f67f830119392d071c6f96e5c75a86c

Request headers

Referer: https://bills.mreis.dev/
Origin: https://bills.mreis.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 13:48:10 GMT
content-encoding: gzip
last-modified: Thu, 04 Jul 2024 15:35:51 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"6686c157-1b6623"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 index-08e13282.css
bills.mreis.dev/assets/ 321 KB
45 KB 298ms
297ms Stylesheet
text/css 154.12.225.94
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL: https://bills.mreis.dev/assets/index-08e13282.css
Requested by: Host: bills.mreis.dev
URL: https://bills.mreis.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.12.225.94 St Louis, United States, ASN40021 (NL-811-40021, US),
Reverse DNS: vmi1580487.contaboserver.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 08e13282f8fd0d591a0029921269bd65a7f47625c8f47bed492cc74252a988aa

Request headers

Referer: https://bills.mreis.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 13:48:10 GMT
content-encoding: gzip
last-modified: Thu, 04 Jul 2024 15:35:51 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"6686c157-50502"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 401 account Show response
appwrite.ssw.lol/v1/ 122 B
840 B 499ms
169ms XHR
application/json 107.152.42.185
TZULO

General

Check archive.org

Show headers Download Go to

Full URL

https://appwrite.ssw.lol/v1/account

Requested by

Host: bills.mreis.dev
URL: https://bills.mreis.dev/assets/index-d86217f0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.152.42.185 Chicago, United States, ASN11878 (TZULO, US),

Reverse DNS

Software

Appwrite /

Resource Hash

cb9b3c9b3732a733760830da98619a03d8927a1873c067db8d0a81d94567a329

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff

Request headers

x-appwrite-response-format: 1.5.0
x-sdk-name: Web
x-sdk-version: 14.0.1
x-appwrite-project: proj-my-bills
x-sdk-language: web
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json
Referer: https://bills.mreis.dev/
x-fallback-cookies
x-sdk-platform: client

Response headers

x-debug-fallback: true
date: Tue, 16 Jul 2024 13:48:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
content-length: 99
pragma: no-cache
server: Appwrite
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://bills.mreis.dev
access-control-expose-headers: X-Appwrite-Session, X-Fallback-Cookies
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Cookie, Set-Cookie, X-Requested-With, Content-Type, Access-Control-Allow-Origin, Access-Control-Request-Headers, Accept, X-Appwrite-Project, X-Appwrite-Key, X-Appwrite-Locale, X-Appwrite-Mode, X-Appwrite-JWT, X-Appwrite-Response-Format, X-Appwrite-Timeout, X-SDK-Version, X-SDK-Name, X-SDK-Language, X-SDK-Platform, X-SDK-GraphQL, X-Appwrite-ID, X-Appwrite-Timestamp, Content-Range, Range, Cache-Control, Expires, Pragma, X-Forwarded-For, X-Forwarded-User-Agent
x-debug-speed: 0.012089967727661
expires: 0

OPTIONS
H2 204 account
appwrite.ssw.lol/v1/ 0
0 656ms
244ms Preflight
text/html 107.152.42.185
TZULO

General

Check archive.org

Show headers Download Go to

Full URL: https://appwrite.ssw.lol/v1/account
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.152.42.185 Chicago, United States, ASN11878 (TZULO, US),
Reverse DNS
Software: Appwrite /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-appwrite-project,x-appwrite-response-format,x-fallback-cookies,x-sdk-language,x-sdk-name,x-sdk-platform,x-sdk-version
Access-Control-Request-Method: GET
Origin: https://bills.mreis.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, Cookie, Set-Cookie, X-Requested-With, Content-Type, Access-Control-Allow-Origin, Access-Control-Request-Headers, Accept, X-Appwrite-Project, X-Appwrite-Key, X-Appwrite-Locale, X-Appwrite-Mode, X-Appwrite-JWT, X-Appwrite-Response-Format, X-Appwrite-Timeout, X-SDK-Version, X-SDK-Name, X-SDK-Language, X-SDK-Platform, X-SDK-GraphQL, X-Appwrite-ID, X-Appwrite-Timestamp, Content-Range, Range, Cache-Control, Expires, Pragma, X-Appwrite-Session, X-Fallback-Cookies, X-Forwarded-For, X-Forwarded-User-Agent
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE
access-control-allow-origin: https://bills.mreis.dev
access-control-expose-headers: X-Appwrite-Session, X-Fallback-Cookies
content-length: 0
content-type: text/html
date: Tue, 16 Jul 2024 13:48:11 GMT
server: Appwrite
x-debug-speed: 0.0038981437683105

GET
H2 200 favicon.ico
bills.mreis.dev/ 4 KB
1 KB 153ms
152ms Other
image/x-icon 154.12.225.94
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL: https://bills.mreis.dev/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.12.225.94 St Louis, United States, ASN40021 (NL-811-40021, US),
Reverse DNS: vmi1580487.contaboserver.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: db74ab0b78338c1f778f8398c45f4103c99aea0e845a3118a7750b4eeafd3445

Request headers

Referer: https://bills.mreis.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 13:48:11 GMT
content-encoding: gzip
last-modified: Thu, 04 Jul 2024 15:35:44 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"6686c150-10be"
vary: Accept-Encoding
content-type: image/x-icon

GET
H2 401 account Show response
appwrite.ssw.lol/v1/ 122 B
149 B 225ms
222ms XHR
application/json 107.152.42.185
TZULO

General

Check archive.org

Show headers Download Go to

Full URL

https://appwrite.ssw.lol/v1/account

Requested by

Host: bills.mreis.dev
URL: https://bills.mreis.dev/assets/index-d86217f0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.152.42.185 Chicago, United States, ASN11878 (TZULO, US),

Reverse DNS

Software

Appwrite /

Resource Hash

cb9b3c9b3732a733760830da98619a03d8927a1873c067db8d0a81d94567a329

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff

Request headers

x-appwrite-response-format: 1.5.0
x-sdk-name: Web
x-sdk-version: 14.0.1
x-appwrite-project: proj-my-bills
x-sdk-language: web
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json
Referer: https://bills.mreis.dev/
x-fallback-cookies
x-sdk-platform: client

Response headers

x-debug-fallback: true
date: Tue, 16 Jul 2024 13:48:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
content-length: 99
pragma: no-cache
server: Appwrite
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://bills.mreis.dev
access-control-expose-headers: X-Appwrite-Session, X-Fallback-Cookies
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Cookie, Set-Cookie, X-Requested-With, Content-Type, Access-Control-Allow-Origin, Access-Control-Request-Headers, Accept, X-Appwrite-Project, X-Appwrite-Key, X-Appwrite-Locale, X-Appwrite-Mode, X-Appwrite-JWT, X-Appwrite-Response-Format, X-Appwrite-Timeout, X-SDK-Version, X-SDK-Name, X-SDK-Language, X-SDK-Platform, X-SDK-GraphQL, X-Appwrite-ID, X-Appwrite-Timestamp, Content-Range, Range, Cache-Control, Expires, Pragma, X-Forwarded-For, X-Forwarded-User-Agent
x-debug-speed: 0.049149990081787
expires: 0

GET
H2 200 favicon.ico
bills.mreis.dev/ 4 KB
0 1ms
1ms Other
image/x-icon 154.12.225.94
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL: https://bills.mreis.dev/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.12.225.94 St Louis, United States, ASN40021 (NL-811-40021, US),
Reverse DNS: vmi1580487.contaboserver.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: db74ab0b78338c1f778f8398c45f4103c99aea0e845a3118a7750b4eeafd3445

Request headers

Referer: https://bills.mreis.dev/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 13:48:11 GMT
content-encoding: gzip
last-modified: Thu, 04 Jul 2024 15:35:44 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"6686c150-10be"
vary: Accept-Encoding
content-type: image/x-icon

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://appwrite.ssw.lol/v1/account Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://appwrite.ssw.lol/v1/account Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

appwrite.ssw.lol
bills.mreis.dev
107.152.42.185
154.12.225.94
08e13282f8fd0d591a0029921269bd65a7f47625c8f47bed492cc74252a988aa
648b6b00e270561648ffe8918a1ead023f67f830119392d071c6f96e5c75a86c
cb9b3c9b3732a733760830da98619a03d8927a1873c067db8d0a81d94567a329
db74ab0b78338c1f778f8398c45f4103c99aea0e845a3118a7750b4eeafd3445
e746e7387a40e9c02b3e454ba9c869f374fbd92a4d608f15447362fc154c444c

bills.mreis.dev Open in urlscan Pro 154.12.225.94 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

8 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

571 kBTransfer

2084 kBSize

0 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

bills.mreis.dev Open in urlscan Pro
154.12.225.94 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

571 kB
Transfer

2084 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions