billing2.xyzz.work Open in urlscan Pro
172.67.174.60 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://billing2.xyzz.work/
Submission: On September 12 via automatic, source certstream-suspicious (September 12th 2021, 4:21:25 am UTC) — Scanned from DE

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 15 HTTP transactions. The main IP is 172.67.174.60, located in United States and belongs to CLOUDFLARENET, US. The main domain is billing2.xyzz.work.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 28th 2021. Valid for: a year.

This is the only time billing2.xyzz.work was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	172.67.174.60 172.67.174.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	108.177.15.138 108.177.15.138	15169 (GOOGLE) (GOOGLE)
2	51.81.57.164 51.81.57.164	16276 (OVH) (OVH)
15	4

9 172.67.174.60 (United States)

ASN13335 (CLOUDFLARENET, US)

billing2.xyzz.work	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.177.15.138 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f138.1e100.net

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.81.57.164 (United States)

ASN16276 (OVH, FR)
PTR: ns1001279.ip-51-81-57.us

sentry.invoicing.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	xyzz.work billing2.xyzz.work	4 MB
2	invoicing.co sentry.invoicing.co	397 B
2	google.com apis.google.com	56 KB
15	3

	Domain	Requested by
9	billing2.xyzz.work	billing2.xyzz.work
2	sentry.invoicing.co	billing2.xyzz.work
2	apis.google.com	billing2.xyzz.work apis.google.com
15	3

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-28` - `2022-06-27`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
sentry.invoicing.co R3	`2021-08-25` - `2021-11-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://billing2.xyzz.work/
Frame ID: F315F3A6A073A7219F63F681A37E3C56
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Invoice Ninja

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

<meta[^>]*google-signin-client_id
apis\.google\.com/js/platform\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Page Statistics

15
Requests

87 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

1
Countries

4319 kB
Transfer

11159 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
billing2.xyzz.work/ 4 KB
3 KB 686ms
599ms Document
text/html 172.67.174.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://billing2.xyzz.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.174.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.23
Resource Hash: cd57f11e3170edf922c2736f64af989125714cbdee167a312d9a8bb45e0cb921

Request headers

:method: GET
:authority: billing2.xyzz.work
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 12 Sep 2021 04:21:18 GMT
content-type: text/html; charset=UTF-8
access-control-allow-headers: X-API-COMPANY-KEY,X-API-SECRET,X-API-TOKEN,X-API-PASSWORD,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-CSRF-TOKEN,X-XSRF-TOKEN,X-LIVEWIRE
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: X-APP-VERSION,X-MINIMUM-CLIENT-VERSION
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IkxHUmV3WWF0VGxTQTBOM0VVMDIwM0E9PSIsInZhbHVlIjoiV0VRcWliblR2K3F1YzRIeFk0Rkk1bEdNYXJkSFgydHc0elNFano5NDlzbEIyakdkWC9Sd1BTWTVjV3RCUEdFZmtlRGpMYUFmV2tibDV0UHQ3Yk9rZ05uVytPaXV1T29CME9EU3lIU3Y3OTVWSmI3N0dzUTc4WXlsYVJvNmw0ZjIiLCJtYWMiOiI3NzI1MWRjNmI4NWEwZWE4MTZjNjA5OTNhMWU1MjEzNDNhOTZkMThhYjcyODBkNWQ5ODljODFjMzFiYjQ4MTdkIiwidGFnIjoiIn0%3D; expires=Sun, 12-Sep-2021 06:21:18 GMT; Max-Age=7200; path=/; samesite=lax invoice_ninja_session=eyJpdiI6IkliRGFGdzNIZWFVZnNMeVlmcXVhRmc9PSIsInZhbHVlIjoiK3RlK1VrbzZuNUZjY25McHY0TVNsaG1XNk10dU8vc2Mxd1dTNlpQekpUYnBWdjJuc0xzRHFubGhXWXB4Ri9hY1d4aW1haU5VUVJkb0VBNmh4M0lya1Q1SlhGbXBmK0hSQlpxNGU0YVJHcDJyNE1HYU04UlBXNUlHMVJMQnJXQTAiLCJtYWMiOiJkY2NiZWIwMWI3MzhlZjcwYzQ2Yzk1ZjQ3NDc4NDg0MGE5NGUzODFlY2Y3YjVhNWNhODFkYjk5NzQ5YTUyNWQwIiwidGFnIjoiIn0%3D; expires=Sun, 12-Sep-2021 06:21:18 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-app-version: 5.3.9
x-minimum-client-version: 5.0.16
x-powered-by: PHP/7.4.23
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EL64rZC%2BIPWJSc0Sh8lk9UM0td38YcB%2FaYFAhYbQpdCjHDbRLogFHpGbljKfQvDfdbwbLfre3DqEoUQOs4OZFLd2awC3Vsec5A0MjxVLiOkM9qmkpv1pammNqBMIhfWKKrYqR%2FE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68d659226f3e411f-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 pdf.min.js Show response
billing2.xyzz.work/js/ 190 KB
54 KB 988ms
987ms Script
application/javascript 172.67.174.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://billing2.xyzz.work/js/pdf.min.js
Requested by: Host: billing2.xyzz.work
URL: https://billing2.xyzz.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.174.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3baa68966dd94536443809de61bbec2adcb77372917037f6d0c730b650a06b9b

Request headers

:path: /js/pdf.min.js
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IkxHUmV3WWF0VGxTQTBOM0VVMDIwM0E9PSIsInZhbHVlIjoiV0VRcWliblR2K3F1YzRIeFk0Rkk1bEdNYXJkSFgydHc0elNFano5NDlzbEIyakdkWC9Sd1BTWTVjV3RCUEdFZmtlRGpMYUFmV2tibDV0UHQ3Yk9rZ05uVytPaXV1T29CME9EU3lIU3Y3OTVWSmI3N0dzUTc4WXlsYVJvNmw0ZjIiLCJtYWMiOiI3NzI1MWRjNmI4NWEwZWE4MTZjNjA5OTNhMWU1MjEzNDNhOTZkMThhYjcyODBkNWQ5ODljODFjMzFiYjQ4MTdkIiwidGFnIjoiIn0%3D; invoice_ninja_session=eyJpdiI6IkliRGFGdzNIZWFVZnNMeVlmcXVhRmc9PSIsInZhbHVlIjoiK3RlK1VrbzZuNUZjY25McHY0TVNsaG1XNk10dU8vc2Mxd1dTNlpQekpUYnBWdjJuc0xzRHFubGhXWXB4Ri9hY1d4aW1haU5VUVJkb0VBNmh4M0lya1Q1SlhGbXBmK0hSQlpxNGU0YVJHcDJyNE1HYU04UlBXNUlHMVJMQnJXQTAiLCJtYWMiOiJkY2NiZWIwMWI3MzhlZjcwYzQ2Yzk1ZjQ3NDc4NDg0MGE5NGUzODFlY2Y3YjVhNWNhODFkYjk5NzQ5YTUyNWQwIiwidGFnIjoiIn0%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: billing2.xyzz.work
referer: https://billing2.xyzz.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://billing2.xyzz.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 04:21:19 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 10 Sep 2021 08:45:15 GMT
server: cloudflare
etag: W/"613b1b1b-2f929"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pqoqGhKLsEW5msMH4RWj4xX6iB%2FUSwSSNyMf%2FbWykXFBGaUK1imtbBOD7%2FOXXDg2TUoL5Xv9%2BuuHCVnyQrE4ogkkpYGcrhJh9pMK7plXUth64IuttW0ViUsSI2BInh2TsaS99q8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68d65926ea0d411f-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 main.dart.js Show response
billing2.xyzz.work/ 8 MB
2 MB 1309ms
1309ms Script
application/javascript 172.67.174.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://billing2.xyzz.work/main.dart.js?v=5.3.9
Requested by: Host: billing2.xyzz.work
URL: https://billing2.xyzz.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.174.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f21727de8bbbe0df25f4ecf7d9d2aff59d4c93e5a92b41957d5f3d5cc8ec09a4

Request headers

:path: /main.dart.js?v=5.3.9
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IkxHUmV3WWF0VGxTQTBOM0VVMDIwM0E9PSIsInZhbHVlIjoiV0VRcWliblR2K3F1YzRIeFk0Rkk1bEdNYXJkSFgydHc0elNFano5NDlzbEIyakdkWC9Sd1BTWTVjV3RCUEdFZmtlRGpMYUFmV2tibDV0UHQ3Yk9rZ05uVytPaXV1T29CME9EU3lIU3Y3OTVWSmI3N0dzUTc4WXlsYVJvNmw0ZjIiLCJtYWMiOiI3NzI1MWRjNmI4NWEwZWE4MTZjNjA5OTNhMWU1MjEzNDNhOTZkMThhYjcyODBkNWQ5ODljODFjMzFiYjQ4MTdkIiwidGFnIjoiIn0%3D; invoice_ninja_session=eyJpdiI6IkliRGFGdzNIZWFVZnNMeVlmcXVhRmc9PSIsInZhbHVlIjoiK3RlK1VrbzZuNUZjY25McHY0TVNsaG1XNk10dU8vc2Mxd1dTNlpQekpUYnBWdjJuc0xzRHFubGhXWXB4Ri9hY1d4aW1haU5VUVJkb0VBNmh4M0lya1Q1SlhGbXBmK0hSQlpxNGU0YVJHcDJyNE1HYU04UlBXNUlHMVJMQnJXQTAiLCJtYWMiOiJkY2NiZWIwMWI3MzhlZjcwYzQ2Yzk1ZjQ3NDc4NDg0MGE5NGUzODFlY2Y3YjVhNWNhODFkYjk5NzQ5YTUyNWQwIiwidGFnIjoiIn0%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: billing2.xyzz.work
referer: https://billing2.xyzz.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://billing2.xyzz.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 04:21:19 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 10 Sep 2021 08:45:15 GMT
server: cloudflare
etag: W/"613b1b1b-84651f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BdDbhHyq0eeEGEczBAcgj0Fri0rfDqdJIMu5eZZNEfX5H4Z9fMLTWc8YVMCSAXuggi9La4s6D6C%2B0otXTXKmcBNTEqTELMekLW3ux7O3dSisOD7%2BBmowBclcQbGCGr29w6WVjVE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68d65926ea0e411f-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 platform.js Show response
apis.google.com/js/ 54 KB
21 KB 87ms
39ms Script
application/javascript 108.177.15.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js?onload=gapiOnloadCallback

Requested by

Host: billing2.xyzz.work
URL: https://billing2.xyzz.work/main.dart.js?v=5.3.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.177.15.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f138.1e100.net

Software

ESF /

Resource Hash

e013be710ce92dc35129a385fc62e7f34626a8ef21ba43ccd87af1d5f0a00279

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AO8aNMl3umxHrJkuO/O8iA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billing2.xyzz.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 04:21:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "1e8a8a22a347f15e40696d497eace765"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-AO8aNMl3umxHrJkuO/O8iA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Sun, 12 Sep 2021 04:21:21 GMT

GET
H3 200 FontManifest.json Show response
billing2.xyzz.work/assets/ 259 B
730 B 513ms
512ms XHR
application/json 172.67.174.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://billing2.xyzz.work/assets/FontManifest.json
Requested by: Host: billing2.xyzz.work
URL: https://billing2.xyzz.work/main.dart.js?v=5.3.9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.174.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16a297c47f4ca8953bcd00eec24d0f1084a68d2ac401436a6f7581bbf50766b4

Request headers

:path: /assets/FontManifest.json
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IkxHUmV3WWF0VGxTQTBOM0VVMDIwM0E9PSIsInZhbHVlIjoiV0VRcWliblR2K3F1YzRIeFk0Rkk1bEdNYXJkSFgydHc0elNFano5NDlzbEIyakdkWC9Sd1BTWTVjV3RCUEdFZmtlRGpMYUFmV2tibDV0UHQ3Yk9rZ05uVytPaXV1T29CME9EU3lIU3Y3OTVWSmI3N0dzUTc4WXlsYVJvNmw0ZjIiLCJtYWMiOiI3NzI1MWRjNmI4NWEwZWE4MTZjNjA5OTNhMWU1MjEzNDNhOTZkMThhYjcyODBkNWQ5ODljODFjMzFiYjQ4MTdkIiwidGFnIjoiIn0%3D; invoice_ninja_session=eyJpdiI6IkliRGFGdzNIZWFVZnNMeVlmcXVhRmc9PSIsInZhbHVlIjoiK3RlK1VrbzZuNUZjY25McHY0TVNsaG1XNk10dU8vc2Mxd1dTNlpQekpUYnBWdjJuc0xzRHFubGhXWXB4Ri9hY1d4aW1haU5VUVJkb0VBNmh4M0lya1Q1SlhGbXBmK0hSQlpxNGU0YVJHcDJyNE1HYU04UlBXNUlHMVJMQnJXQTAiLCJtYWMiOiJkY2NiZWIwMWI3MzhlZjcwYzQ2Yzk1ZjQ3NDc4NDg0MGE5NGUzODFlY2Y3YjVhNWNhODFkYjk5NzQ5YTUyNWQwIiwidGFnIjoiIn0%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: billing2.xyzz.work
referer: https://billing2.xyzz.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://billing2.xyzz.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 04:21:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 10 Sep 2021 08:45:15 GMT
server: cloudflare
etag: W/"613b1b1b-103"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qLDNAdW%2FBuaXS%2F%2BddQ2zjZsJO22TFIQsVY4Qovw6F4b3Y3%2FK5xT7vRUaBQd0r8%2Fgyv54%2FqxxpZfugTumHw4pxQ0hPc6c2MPEsMZc8%2FRadLSFDfScNOwPtEOHagTVPl78AMxLVpc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 68d65936af444125-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/ 103 KB
34 KB 42ms
14ms Script
text/javascript 108.177.15.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js?onload=gapiOnloadCallback

Protocol

Security

QUIC, , AES_128_GCM

Server

108.177.15.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f138.1e100.net

Software

sffe /

Resource Hash

59611414404075b2acabb597d983e323859932efab7ef0cdd45cb25b5bc87c86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billing2.xyzz.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 18:56:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293118
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35070
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 18:17:31 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 Sep 2022 18:56:03 GMT

GET
H3 200 MaterialIcons-Regular.otf
billing2.xyzz.work/assets/fonts/ 1 MB
1 MB 830ms
829ms Font
application/octet-stream 172.67.174.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://billing2.xyzz.work/assets/fonts/MaterialIcons-Regular.otf
Requested by: Host: billing2.xyzz.work
URL: https://billing2.xyzz.work/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.174.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d04d08fe02dab67188f72e1e97258f4a0d8b5982523e02edea132f8090f9fab4

Request headers

sec-fetch-mode: cors
origin: https://billing2.xyzz.work
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: XSRF-TOKEN=eyJpdiI6IkxHUmV3WWF0VGxTQTBOM0VVMDIwM0E9PSIsInZhbHVlIjoiV0VRcWliblR2K3F1YzRIeFk0Rkk1bEdNYXJkSFgydHc0elNFano5NDlzbEIyakdkWC9Sd1BTWTVjV3RCUEdFZmtlRGpMYUFmV2tibDV0UHQ3Yk9rZ05uVytPaXV1T29CME9EU3lIU3Y3OTVWSmI3N0dzUTc4WXlsYVJvNmw0ZjIiLCJtYWMiOiI3NzI1MWRjNmI4NWEwZWE4MTZjNjA5OTNhMWU1MjEzNDNhOTZkMThhYjcyODBkNWQ5ODljODFjMzFiYjQ4MTdkIiwidGFnIjoiIn0%3D; invoice_ninja_session=eyJpdiI6IkliRGFGdzNIZWFVZnNMeVlmcXVhRmc9PSIsInZhbHVlIjoiK3RlK1VrbzZuNUZjY25McHY0TVNsaG1XNk10dU8vc2Mxd1dTNlpQekpUYnBWdjJuc0xzRHFubGhXWXB4Ri9hY1d4aW1haU5VUVJkb0VBNmh4M0lya1Q1SlhGbXBmK0hSQlpxNGU0YVJHcDJyNE1HYU04UlBXNUlHMVJMQnJXQTAiLCJtYWMiOiJkY2NiZWIwMWI3MzhlZjcwYzQ2Yzk1ZjQ3NDc4NDg0MGE5NGUzODFlY2Y3YjVhNWNhODFkYjk5NzQ5YTUyNWQwIiwidGFnIjoiIn0%3D
:path: /assets/fonts/MaterialIcons-Regular.otf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: billing2.xyzz.work
referer: https://billing2.xyzz.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://billing2.xyzz.work/
Origin: https://billing2.xyzz.work
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 04:21:22 GMT
cf-cache-status: MISS
last-modified: Fri, 10 Sep 2021 08:45:15 GMT
server: cloudflare
etag: "613b1b1b-13d364"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2W%2BlUJ1zZRl%2BnDy3zouiS3jiF%2Fgy0%2F5Capb7HxWQxSNUdPIy8XigXj51yEIHGGXusRQslo9zkCxIEhrBaZL94oeUJX%2BB4soF7wzfTZteSCq9RbCqW9tDxJLO58M5VelwuCMFTDI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 68d65939d9314125-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1299300

GET
H3 200 materialdesignicons-webfont.ttf
billing2.xyzz.work/assets/packages/material_design_icons_flutter/lib/fonts/ 1002 KB
1003 KB 844ms
844ms Font
application/octet-stream 172.67.174.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://billing2.xyzz.work/assets/packages/material_design_icons_flutter/lib/fonts/materialdesignicons-webfont.ttf
Requested by: Host: billing2.xyzz.work
URL: https://billing2.xyzz.work/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.174.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c14484cf2d706d2359867a07cca665f83e4c3b0868fddde44c92c48a212d7841

Request headers

sec-fetch-mode: cors
origin: https://billing2.xyzz.work
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: XSRF-TOKEN=eyJpdiI6IkxHUmV3WWF0VGxTQTBOM0VVMDIwM0E9PSIsInZhbHVlIjoiV0VRcWliblR2K3F1YzRIeFk0Rkk1bEdNYXJkSFgydHc0elNFano5NDlzbEIyakdkWC9Sd1BTWTVjV3RCUEdFZmtlRGpMYUFmV2tibDV0UHQ3Yk9rZ05uVytPaXV1T29CME9EU3lIU3Y3OTVWSmI3N0dzUTc4WXlsYVJvNmw0ZjIiLCJtYWMiOiI3NzI1MWRjNmI4NWEwZWE4MTZjNjA5OTNhMWU1MjEzNDNhOTZkMThhYjcyODBkNWQ5ODljODFjMzFiYjQ4MTdkIiwidGFnIjoiIn0%3D; invoice_ninja_session=eyJpdiI6IkliRGFGdzNIZWFVZnNMeVlmcXVhRmc9PSIsInZhbHVlIjoiK3RlK1VrbzZuNUZjY25McHY0TVNsaG1XNk10dU8vc2Mxd1dTNlpQekpUYnBWdjJuc0xzRHFubGhXWXB4Ri9hY1d4aW1haU5VUVJkb0VBNmh4M0lya1Q1SlhGbXBmK0hSQlpxNGU0YVJHcDJyNE1HYU04UlBXNUlHMVJMQnJXQTAiLCJtYWMiOiJkY2NiZWIwMWI3MzhlZjcwYzQ2Yzk1ZjQ3NDc4NDg0MGE5NGUzODFlY2Y3YjVhNWNhODFkYjk5NzQ5YTUyNWQwIiwidGFnIjoiIn0%3D
:path: /assets/packages/material_design_icons_flutter/lib/fonts/materialdesignicons-webfont.ttf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: billing2.xyzz.work
referer: https://billing2.xyzz.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://billing2.xyzz.work/
Origin: https://billing2.xyzz.work
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 04:21:22 GMT
cf-cache-status: MISS
last-modified: Fri, 10 Sep 2021 08:45:15 GMT
server: cloudflare
etag: "613b1b1b-fa880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cIEPcHnTaJoCdDlPl4V8KjHWh6%2FtkJciAyWMpp334m6ExEnD9M41qYtDsrj%2FKC0XUVxgvyTtIDPNtPVM%2BItOfd8gmgFLDGm2wmW3A4aAa3JynLSh28WFv5oK3Zv8wFXpmMbQ2QM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 68d65939d9334125-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1026176

GET
H3 200 AssetManifest.json Show response
billing2.xyzz.work/assets/ 2 KB
840 B 182ms
182ms XHR
application/json 172.67.174.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://billing2.xyzz.work/assets/AssetManifest.json
Requested by: Host: billing2.xyzz.work
URL: https://billing2.xyzz.work/main.dart.js?v=5.3.9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.174.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4412c6cdb2aae2bdb6e03897b20122ea24e496d07a4d77bb9ad377415f49908

Request headers

:path: /assets/AssetManifest.json
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlgwMHFvTHk3MHExRVA0ODMyM0M1K2c9PSIsInZhbHVlIjoibmpWekExTGlYbmYzU3luU0ZXQytvRGZDcmhOdE0zT3o1RkVIdnVDTkpFMFozTGZVb1RiSGNURlkybTRON1RqcE9KRnhVRjd2UzIzRXdhdVlPSXVqeFNIQnNCM0UvZms4RmpOa0lLMG1aNHpTTUhkTXovb0dvdm5MM1d1N2o0bnYiLCJtYWMiOiJiNWRiNjdjZGU5ZDc0MmEwZGE1ZjIxMTE4NTJkNDIzMTkxOGI0ZjI0YzgyYzYxNzZlMzAyMDYxMWJmNjVkODI5IiwidGFnIjoiIn0%3D; invoice_ninja_session=eyJpdiI6IkNjMDNlV2k2NFJOT2J3SnBvZVFzcVE9PSIsInZhbHVlIjoib2hiUUpIbGdPWHorS0JyOS8zSjNMYS9Na3hmMHNiOFQxczMxWFRocng0czByZldPWGZZM2VrV250QmkydUlzOTV1WENmYkxxWnNXMFI4UXFFM21BaE9Xc2VTbllKRmQ4cy9Lb2JHQjA3NEtVOXFURFd1RnE4dW1xdUEzUHlUQ2YiLCJtYWMiOiIzOWRkYzgxYTg0OWRlMDYxYjZlYWQ5YjcxNzBiY2IxNWE4MTQ0MjgwM2FhZGViNWYzOTAwMjY2ZjQ3NTFhMGNjIiwidGFnIjoiIn0%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: billing2.xyzz.work
referer: https://billing2.xyzz.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://billing2.xyzz.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 04:21:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 10 Sep 2021 08:45:15 GMT
server: cloudflare
etag: W/"613b1b1b-693"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NVtJtD9UEjB8IOHPfiBzNNwokWPc4q8hZoY7t0l30sPo5IFULu1drfLVUcFaUiFSop8JeuptnKpyhvfQ8Eig0fnRmfFZsT31IIF2q4nUPWbUohkAJWahu%2F%2B8RV%2Byi0amT5GHjmY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 68d659440f004125-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H/1.1 200
OK / Show response
sentry.invoicing.co/api/7/store/ 41 B
397 B 288ms
97ms XHR
application/json 51.81.57.164
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.invoicing.co/api/7/store/

Requested by

Host: billing2.xyzz.work
URL: https://billing2.xyzz.work/main.dart.js?v=5.3.9

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

51.81.57.164 , United States, ASN16276 (OVH, FR),

Reverse DNS

ns1001279.ip-51-81-57.us

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

c97100845800d3e50de0d26f4bff7f9125562a6ffcaba1543e29a3fbf801e04b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://billing2.xyzz.work/
X-Sentry-Auth: Sentry sentry_version=7, sentry_client=sentry.dart.flutter/5.1.0, sentry_key=634363c8dd6048b8ae89ab6c66dd9c24, sentry_timestamp=1631420483387
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

Date: Sun, 12 Sep 2021 04:21:23 GMT
vary: Origin
Server: nginx/1.18.0 (Ubuntu)
Strict-Transport-Security: max-age=31536000
Content-Type: application/json
access-control-allow-origin: https://billing2.xyzz.work
access-control-expose-headers: retry-after, x-sentry-rate-limits, x-sentry-error
Connection: close
Content-Length: 41

OPTIONS
H/1.1 200
OK /
sentry.invoicing.co/api/7/store/ 0
0 349ms
97ms Preflight 51.81.57.164
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.invoicing.co/api/7/store/

Protocol

HTTP/1.1

Server

51.81.57.164 , United States, ASN16276 (OVH, FR),

Reverse DNS

ns1001279.ip-51-81-57.us

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-sentry-auth
Origin: https://billing2.xyzz.work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 12 Sep 2021 04:21:23 GMT
Content-Length: 0
Connection: close
access-control-max-age: 3600
access-control-allow-headers: x-requested-with,content-type,transfer-encoding,authentication,x-forwarded-for,referer,x-sentry-auth,origin,authorization,accept,content-encoding
access-control-allow-origin: https://billing2.xyzz.work
access-control-allow-methods: POST
access-control-expose-headers: x-sentry-rate-limits, x-sentry-error, retry-after
vary: Origin
Strict-Transport-Security: max-age=31536000

GET
H3 200 icon.png Show response
billing2.xyzz.work/assets/assets/images/ 7 KB
8 KB 510ms
509ms XHR
image/png 172.67.174.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://billing2.xyzz.work/assets/assets/images/icon.png
Requested by: Host: billing2.xyzz.work
URL: https://billing2.xyzz.work/main.dart.js?v=5.3.9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.174.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0a0e00b499d772de2340bd2069ca4ab237de8e650b92bcd36db4200a3cce1e9

Request headers

:path: /assets/assets/images/icon.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlgwMHFvTHk3MHExRVA0ODMyM0M1K2c9PSIsInZhbHVlIjoibmpWekExTGlYbmYzU3luU0ZXQytvRGZDcmhOdE0zT3o1RkVIdnVDTkpFMFozTGZVb1RiSGNURlkybTRON1RqcE9KRnhVRjd2UzIzRXdhdVlPSXVqeFNIQnNCM0UvZms4RmpOa0lLMG1aNHpTTUhkTXovb0dvdm5MM1d1N2o0bnYiLCJtYWMiOiJiNWRiNjdjZGU5ZDc0MmEwZGE1ZjIxMTE4NTJkNDIzMTkxOGI0ZjI0YzgyYzYxNzZlMzAyMDYxMWJmNjVkODI5IiwidGFnIjoiIn0%3D; invoice_ninja_session=eyJpdiI6IkNjMDNlV2k2NFJOT2J3SnBvZVFzcVE9PSIsInZhbHVlIjoib2hiUUpIbGdPWHorS0JyOS8zSjNMYS9Na3hmMHNiOFQxczMxWFRocng0czByZldPWGZZM2VrV250QmkydUlzOTV1WENmYkxxWnNXMFI4UXFFM21BaE9Xc2VTbllKRmQ4cy9Lb2JHQjA3NEtVOXFURFd1RnE4dW1xdUEzUHlUQ2YiLCJtYWMiOiIzOWRkYzgxYTg0OWRlMDYxYjZlYWQ5YjcxNzBiY2IxNWE4MTQ0MjgwM2FhZGViNWYzOTAwMjY2ZjQ3NTFhMGNjIiwidGFnIjoiIn0%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: billing2.xyzz.work
referer: https://billing2.xyzz.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://billing2.xyzz.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 04:21:23 GMT
cf-cache-status: MISS
last-modified: Fri, 10 Sep 2021 08:45:15 GMT
server: cloudflare
etag: "613b1b1b-1cc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wsrCk6fSQ7lKOk42bFGx%2Bi48epTJLVYn%2Fd5%2BYskplk8zRAGSjIBs7WRFJ03tIfrU5pK0QjMWPjhfpHI7HOKBUansL6KcMFojGkQ%2FlRqm6tL4W5Uj3qoAiY3BXNHtWu2Pt%2F%2BpNus%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 68d659455fb24125-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7360

GET
H3 200 logo_light.png Show response
billing2.xyzz.work/assets/assets/images/ 23 KB
23 KB 669ms
669ms XHR
image/png 172.67.174.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://billing2.xyzz.work/assets/assets/images/logo_light.png
Requested by: Host: billing2.xyzz.work
URL: https://billing2.xyzz.work/main.dart.js?v=5.3.9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.174.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4fd11aced8ec9664cd23bd1ec03f139bb63e068fc8f7a8173140b5b5c846acb

Request headers

:path: /assets/assets/images/logo_light.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlgwMHFvTHk3MHExRVA0ODMyM0M1K2c9PSIsInZhbHVlIjoibmpWekExTGlYbmYzU3luU0ZXQytvRGZDcmhOdE0zT3o1RkVIdnVDTkpFMFozTGZVb1RiSGNURlkybTRON1RqcE9KRnhVRjd2UzIzRXdhdVlPSXVqeFNIQnNCM0UvZms4RmpOa0lLMG1aNHpTTUhkTXovb0dvdm5MM1d1N2o0bnYiLCJtYWMiOiJiNWRiNjdjZGU5ZDc0MmEwZGE1ZjIxMTE4NTJkNDIzMTkxOGI0ZjI0YzgyYzYxNzZlMzAyMDYxMWJmNjVkODI5IiwidGFnIjoiIn0%3D; invoice_ninja_session=eyJpdiI6IkNjMDNlV2k2NFJOT2J3SnBvZVFzcVE9PSIsInZhbHVlIjoib2hiUUpIbGdPWHorS0JyOS8zSjNMYS9Na3hmMHNiOFQxczMxWFRocng0czByZldPWGZZM2VrV250QmkydUlzOTV1WENmYkxxWnNXMFI4UXFFM21BaE9Xc2VTbllKRmQ4cy9Lb2JHQjA3NEtVOXFURFd1RnE4dW1xdUEzUHlUQ2YiLCJtYWMiOiIzOWRkYzgxYTg0OWRlMDYxYjZlYWQ5YjcxNzBiY2IxNWE4MTQ0MjgwM2FhZGViNWYzOTAwMjY2ZjQ3NTFhMGNjIiwidGFnIjoiIn0%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: billing2.xyzz.work
referer: https://billing2.xyzz.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://billing2.xyzz.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 04:21:24 GMT
cf-cache-status: MISS
last-modified: Fri, 10 Sep 2021 08:45:15 GMT
server: cloudflare
etag: "613b1b1b-5bba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JiL8WKywZ1N9FYDvtcRKD%2Fa8uH9E811v1cY1o0G0BsDS29F3Gx1L6QO2WrEW5SL%2B5tfelkooM89nGgxNRPb9gxeksCqwvpfU9nZ2SbxxakmKjuV79AisPYKvo7%2FUJD%2Bhqkky2fQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 68d659455fb44125-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 23482

GET
BLOB 200
OK 390868b5-1dcb-4941-a913-26e9630b1eac
https://billing2.xyzz.work/ 7 KB
0 Image
text/plain

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://billing2.xyzz.work/390868b5-1dcb-4941-a913-26e9630b1eac
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0a0e00b499d772de2340bd2069ca4ab237de8e650b92bcd36db4200a3cce1e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length: 7360

GET
BLOB 200
OK cd0813a5-0917-4bd6-b1c2-8502cf1b5913
https://billing2.xyzz.work/ 23 KB
0 Image
text/plain

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://billing2.xyzz.work/cd0813a5-0917-4bd6-b1c2-8502cf1b5913
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4fd11aced8ec9664cd23bd1ec03f139bb63e068fc8f7a8173140b5b5c846acb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length: 23482

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-20 01:33:51	Name: NID Value: 223=k_tp8obd1vK6OyNdjWtBfifmH8tntfSqH7WosG1EttUMMRCMd0IMUGteHneSE8B1a9NE9UPXiySB9UPIA9hLnKie7M2iGgb1hg1ToVOSiZd6PinelXBQekKzfafeDBWMllPgDnuSKjphxXSDXP56SkN6bKpgAMNxDrzjok-iOrQ
billing2.xyzz.work/	1970-01-19 21:10:27	Name: XSRF-TOKEN Value: eyJpdiI6IlgwMHFvTHk3MHExRVA0ODMyM0M1K2c9PSIsInZhbHVlIjoibmpWekExTGlYbmYzU3luU0ZXQytvRGZDcmhOdE0zT3o1RkVIdnVDTkpFMFozTGZVb1RiSGNURlkybTRON1RqcE9KRnhVRjd2UzIzRXdhdVlPSXVqeFNIQnNCM0UvZms4RmpOa0lLMG1aNHpTTUhkTXovb0dvdm5MM1d1N2o0bnYiLCJtYWMiOiJiNWRiNjdjZGU5ZDc0MmEwZGE1ZjIxMTE4NTJkNDIzMTkxOGI0ZjI0YzgyYzYxNzZlMzAyMDYxMWJmNjVkODI5IiwidGFnIjoiIn0%3D
billing2.xyzz.work/	1970-01-19 21:10:27	Name: invoice_ninja_session Value: eyJpdiI6IkNjMDNlV2k2NFJOT2J3SnBvZVFzcVE9PSIsInZhbHVlIjoib2hiUUpIbGdPWHorS0JyOS8zSjNMYS9Na3hmMHNiOFQxczMxWFRocng0czByZldPWGZZM2VrV250QmkydUlzOTV1WENmYkxxWnNXMFI4UXFFM21BaE9Xc2VTbllKRmQ4cy9Lb2JHQjA3NEtVOXFURFd1RnE4dW1xdUEzUHlUQ2YiLCJtYWMiOiIzOWRkYzgxYTg0OWRlMDYxYjZlYWQ5YjcxNzBiY2IxNWE4MTQ0MjgwM2FhZGViNWYzOTAwMjY2ZjQ3NTFhMGNjIiwidGFnIjoiIn0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
billing2.xyzz.work
sentry.invoicing.co
108.177.15.138
172.67.174.60
51.81.57.164
16a297c47f4ca8953bcd00eec24d0f1084a68d2ac401436a6f7581bbf50766b4
3baa68966dd94536443809de61bbec2adcb77372917037f6d0c730b650a06b9b
59611414404075b2acabb597d983e323859932efab7ef0cdd45cb25b5bc87c86
c14484cf2d706d2359867a07cca665f83e4c3b0868fddde44c92c48a212d7841
c97100845800d3e50de0d26f4bff7f9125562a6ffcaba1543e29a3fbf801e04b
cd57f11e3170edf922c2736f64af989125714cbdee167a312d9a8bb45e0cb921
d04d08fe02dab67188f72e1e97258f4a0d8b5982523e02edea132f8090f9fab4
e013be710ce92dc35129a385fc62e7f34626a8ef21ba43ccd87af1d5f0a00279
e0a0e00b499d772de2340bd2069ca4ab237de8e650b92bcd36db4200a3cce1e9
e4412c6cdb2aae2bdb6e03897b20122ea24e496d07a4d77bb9ad377415f49908
f21727de8bbbe0df25f4ecf7d9d2aff59d4c93e5a92b41957d5f3d5cc8ec09a4
f4fd11aced8ec9664cd23bd1ec03f139bb63e068fc8f7a8173140b5b5c846acb

billing2.xyzz.work Open in urlscan Pro 172.67.174.60 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

15 Requests

87 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

4 IPs

1 Countries

4319 kBTransfer

11159 kBSize

3 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

3 Cookies

Indicators

billing2.xyzz.work Open in urlscan Pro
172.67.174.60 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

87 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

1
Countries

4319 kB
Transfer

11159 kB
Size

3
Cookies

15 HTTP transactions
0 data transactions