urlscan.io logo urlscan.io
SecurityTrails logo

www.heybill.app Open in urlscan Pro
92.42.187.32  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://heybill.app/
Effective URL: https://www.heybill.app/de
Submission: On October 19 via automatic, source certstream-suspicious — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 11 HTTP transactions. The main IP is 92.42.187.32, located in Zurich, Switzerland and belongs to NINE, CH. The main domain is www.heybill.app.
TLS certificate: Issued by R11 on October 19th 2024. Valid for: 3 months.
This is the only time www.heybill.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 8 92.42.187.32 29691 (NINE)
5 104.17.24.14 13335 (CLOUDFLAR...)
11 2
Apex Domain
Subdomains		 Transfer
8 heybill.app
heybill.app
www.heybill.app
121 KB
5 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
316 KB
11 2
Domain Requested by
7 www.heybill.app 1 redirects www.heybill.app
5 cdnjs.cloudflare.com www.heybill.app
cdnjs.cloudflare.com
1 heybill.app 1 redirects
11 3

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
Subject Issuer Validity Valid
heybill.app
R11		 2024-10-19 -
2025-01-17		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-09-28 -
2024-12-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.heybill.app/de
Frame ID: 3EF5AA120FF149EB78F72593BD5246FD
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

HeyBill - Gemeinsame Ausgabenverwaltung und Sparen

Page URL History Show full URLs

  1. https://heybill.app/ HTTP 301
    https://www.heybill.app/ HTTP 302
    https://www.heybill.app/de Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

2
Countries

436 kB
Transfer

790 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://heybill.app/ HTTP 301
    https://www.heybill.app/ HTTP 302
    https://www.heybill.app/de Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request de
www.heybill.app/
Redirect Chain
  • https://heybill.app/
  • https://www.heybill.app/
  • https://www.heybill.app/de
17 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.heybill.app/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
92.42.187.32 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
mandalor.arcaweb.ch
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
0fdca18726bb5a25b455bc5c8bbc0d6f4114360db1ab326e9475df75c40fa777

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-length
3851
content-type
text/html; charset=UTF-8
date
Sat, 19 Oct 2024 11:05:41 GMT
server
Apache/2.4.52 (Ubuntu)
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 19 Oct 2024 11:05:41 GMT
location
/de
server
Apache/2.4.52 (Ubuntu)
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.0/css/ 		227 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.0/css/bootstrap.min.css
Requested by
Host: www.heybill.app
URL: https://www.heybill.app/de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f1d37f0d90b6385354c2ac10e2bb91563c46bd7a266ed351222ebcac8496c2a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.heybill.app/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"659b12cf-5961"
age
218622
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vEZpqeyIvHIJwctzbbYGtRj418eF9EFGvlobTQD%2FkaN0BiJBcLxeCjib%2BcXW0DKMFyJS%2Fhypw1vrN2GCfnnjHUHG4o%2BL3Uu6m4lI2bJFgFlKM8UEcG0Q9fwar2B%2FaLoLZ0JNHure"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 09 Oct 2025 11:05:41 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 11:05:41 GMT
content-type
text/css; charset=utf-8
last-modified
Sun, 07 Jan 2024 22:08:31 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d504b60ca2d0208-ZRH
accept-ranges
bytes
access-control-allow-origin
*
content-length
22881
server
cloudflare
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/ 		100 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
Requested by
Host: www.heybill.app
URL: https://www.heybill.app/de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.heybill.app/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"6421d693-4940"
age
214783
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GNQzOyqq6%2Brc4cAXAN55n6fIB3AfwYBsY7LAI0YAKd8abJeh9a%2BEp5jvLIwCtT7TsVX%2F7d%2F7Ecoib0cw%2BnCm38wY30oczL5RXkagIP7JguEQv73wTk%2BRyt12gm2al%2B4BaKJM5jR1"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 09 Oct 2025 11:05:41 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 11:05:41 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 27 Mar 2023 17:46:59 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d504b60ca2e0208-ZRH
accept-ranges
bytes
access-control-allow-origin
*
content-length
18752
server
cloudflare
heybill-logo-negative-horizontal.png
www.heybill.app/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heybill.app/img/heybill-logo-negative-horizontal.png
Requested by
Host: www.heybill.app
URL: https://www.heybill.app/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
92.42.187.32 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
mandalor.arcaweb.ch
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
33c5e6807aab731523d7c2f0d917de8606908500a03355ed95bb8bc0d957052c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.heybill.app/de

Response headers

accept-ranges
bytes
content-length
7098
etag
"1bba-6239128f61a62"
date
Sat, 19 Oct 2024 11:05:41 GMT
last-modified
Thu, 03 Oct 2024 11:50:24 GMT
content-type
image/png
server
Apache/2.4.52 (Ubuntu)
google-play-badge.png
www.heybill.app/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heybill.app/img/google-play-badge.png
Requested by
Host: www.heybill.app
URL: https://www.heybill.app/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
92.42.187.32 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
mandalor.arcaweb.ch
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
f72611e2df8e88204009fd896d05d5e8e83c77009c63943bbffa169559934849

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.heybill.app/de

Response headers

accept-ranges
bytes
content-length
4904
etag
"1328-62456964c0682"
date
Sat, 19 Oct 2024 11:05:41 GMT
last-modified
Sun, 13 Oct 2024 07:22:47 GMT
content-type
image/png
server
Apache/2.4.52 (Ubuntu)
heybil-app-phone.webp
www.heybill.app/img/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heybill.app/img/heybil-app-phone.webp
Requested by
Host: www.heybill.app
URL: https://www.heybill.app/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
92.42.187.32 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
mandalor.arcaweb.ch
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
01556467105acf0303ff6b78feca4aa49cde7fa99f171940279ca9ccc5080a89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.heybill.app/de

Response headers

accept-ranges
bytes
content-length
59962
etag
"ea3a-6245684ea282b"
date
Sat, 19 Oct 2024 11:05:41 GMT
last-modified
Sun, 13 Oct 2024 07:17:55 GMT
server
Apache/2.4.52 (Ubuntu)
bootstrap.bundle.min.js
cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.0/js/ 		79 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.0/js/bootstrap.bundle.min.js
Requested by
Host: www.heybill.app
URL: https://www.heybill.app/de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa53d582f97eb594c2a5cc5824574707f9ba9837bce3046bfa5f3556860f4e04
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.heybill.app/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"659b12d4-510c"
age
214958
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nr93ds1xBuBg4onKbDzRsJKrsxgqcL9seowfegmud5IFGEfsUywqPFp57n%2FDbln%2F9p%2FldPlPIpIJVT21%2FituTTtAMKDPyCfCZYpM%2BYzdeOXcIoSx%2FK3LY%2FLpKxVaodxWCe5%2BBukm"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 09 Oct 2025 11:05:41 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 11:05:41 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 07 Jan 2024 22:08:36 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d504b60ca2f0208-ZRH
accept-ranges
bytes
access-control-allow-origin
*
content-length
20748
server
cloudflare
icon-foreground.png
www.heybill.app/img/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heybill.app/img/icon-foreground.png
Requested by
Host: www.heybill.app
URL: https://www.heybill.app/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
92.42.187.32 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
mandalor.arcaweb.ch
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
aa05b2e4adb33192a57fdfae0cba26e0f0f8b3958a38828d33f123fd0520c725

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.heybill.app/de

Response headers

accept-ranges
bytes
content-length
40906
etag
"9fca-6239128ee0be5"
date
Sat, 19 Oct 2024 11:05:41 GMT
last-modified
Thu, 03 Oct 2024 11:50:24 GMT
content-type
image/png
server
Apache/2.4.52 (Ubuntu)
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/ 		147 KB
147 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.heybill.app
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css

Response headers

cf-cdnjs-via
cfworker/kv
cf-cache-status
HIT
etag
"6421d693-24a6c"
age
223901
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5s29wF9IixwNQqeu6vY5z280G1dCyOvmQo21PMQIHAuL0gt3E1OoSNTDfeTXPGf3mgY6wQJjVdo9pYmOXRIzwS14SejMNGooxgotv%2Ffbxnj%2BBHN2lypE%2FovP2VBfNnynh30Nsiv9"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 09 Oct 2025 11:05:41 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 11:05:41 GMT
content-type
application/octet-stream; charset=utf-8
last-modified
Mon, 27 Mar 2023 17:46:59 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d504b61cedc23c7-ZRH
accept-ranges
bytes
access-control-allow-origin
*
content-length
150124
server
cloudflare
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/ 		105 KB
106 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
748332090c4b8e20f95d0ff59f0be20fa9c889359d3b36d4b886d73376054207
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.heybill.app
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css

Response headers

cf-cdnjs-via
cfworker/kv
cf-cache-status
HIT
etag
"6421d693-1a5f4"
age
213734
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WAoJOYt5XDTEZe52%2Bcx%2Buv46USS0yrw8ytjfz2MR%2BK75tVyDywV04W1FLXShHWZAxVmZoupvnojy6OnLnCkHsKVQeGUeQpeq4%2B7ezud8X1PrpMrk6SnMaXi1fXL4sW9N2bKb657e"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 09 Oct 2025 11:05:41 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 11:05:41 GMT
content-type
application/octet-stream; charset=utf-8
last-modified
Mon, 27 Mar 2023 17:46:59 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d504b61cedb23c7-ZRH
accept-ranges
bytes
access-control-allow-origin
*
content-length
108020
server
cloudflare
heybill-logo-symbol-color.png
www.heybill.app/img/ 		6 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heybill.app/img/heybill-logo-symbol-color.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
92.42.187.32 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
mandalor.arcaweb.ch
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
3cefce2b27868cae29be0bc8c921d876371f5a706f53260536d8a5c8e3ce8943

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.heybill.app/de

Response headers

accept-ranges
bytes
content-length
5798
etag
"16a6-623912901c2be"
date
Sat, 19 Oct 2024 11:05:41 GMT
last-modified
Thu, 03 Oct 2024 11:50:25 GMT
content-type
image/png
server
Apache/2.4.52 (Ubuntu)

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| uidEvent object| bootstrap

1 Cookies

Domain/Path Name / Value
www.heybill.app/ Name: lang
Value: de