invoiceatt.bubbleapps.io
104.18.246.24  Malicious Activity! Public Scan

Submitted URL: http://invoiceatt.bubbleapps.io/
Effective URL: https://invoiceatt.bubbleapps.io/
Submission: On August 31 via api from BE — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 15 HTTP transactions. The main IP is 104.18.246.24, located in and belongs to CLOUDFLARENET, US. The main domain is invoiceatt.bubbleapps.io.
TLS certificate: Issued by WE1 on July 31st 2024. Valid for: 3 months.
This is the only time invoiceatt.bubbleapps.io was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: AT&T (Telecommunication)

Domain & IP information

IP Address AS Autonomous System
12 104.18.246.24 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:211... 16509 (AMAZON-02)
15 5
     Apex Domain      Subdomains                                          Transfer
12   bubbleapps.io    invoiceatt.bubbleapps.io                            938 KB
1    cloudfront.net   d1muf25xaso8hp.cloudfront.net                       3 KB
1    gstatic.com      fonts.gstatic.com                                   48 KB
1    googleapis.com   fonts.googleapis.com — Cisco Umbrella Rank: 110     2 KB
15   4
Domain Requested by
12 invoiceatt.bubbleapps.io invoiceatt.bubbleapps.io
1 d1muf25xaso8hp.cloudfront.net
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com invoiceatt.bubbleapps.io
15 4

This site contains links to these domains.

Domain
identity.att.com
www.att.com
about.att.com

Subject                   Issuer                Validity                  Valid
bubbleapps.io             WE1                   2024-07-31 - 2024-10-29   3 months
upload.video.google.com   WR2                   2024-08-05 - 2024-10-28   3 months
*.gstatic.com             WR2                   2024-08-05 - 2024-10-28   3 months
*.cloudfront.net          Amazon RSA 2048 M01   2024-07-30 - 2025-07-03   a year

This page contains 1 frames:

Primary Page: https://invoiceatt.bubbleapps.io/
Frame ID: C06C4E0DC46F9D8431EF3D2B016E1F1E
Requests: 19 HTTP requests in this frame

Page Title

INVOICELogin Screen

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15 Requests
100 % HTTPS
75 % IPv6
4 Domains
4 Subdomains
5 IPs
3 Countries
1027 kB Transfer
3790 kB Size
3 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://invoiceatt.bubbleapps.io/ HTTP 307
    https://invoiceatt.bubbleapps.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
invoiceatt.bubbleapps.io/
Redirect Chain
  • http://invoiceatt.bubbleapps.io/
  • https://invoiceatt.bubbleapps.io/
281 KB
120 KB
Document
General
Full URL
https://invoiceatt.bubbleapps.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.246.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ab0dcdb3beb2032344c28c3fc1b85bfa13a38850466007413ceb72580e2b5fb6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
8bb9063e8883750c-HAM
content-encoding
br
content-security-policy
frame-ancestors 'none';
content-type
text/html
date
Sat, 31 Aug 2024 00:50:05 GMT
referrer-policy
origin
server
cloudflare
vary
Accept-Encoding
x-bubble-capacity-limit
0 ms slower
x-bubble-capacity-used
0.074 unit-seconds used
x-bubble-perf
{"total":78.5,"percents":{"top":{"bubble_cpu":40.8,"block":57.1,"capacity_rl":0,"other_pause":0,"pre_fiber":0.7},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":37.3,"appserver_cache_misses_time":0,"redis":55.8,"fiber_queue":4.3,"capacity_wait":2.8}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":8,"derived_cache_memory_misses":8,"serverjson":29,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":59,"fiber_queue":56,"blocks":55},"misc":{"userdb_results":1,"userdb_data":206,"spent_time":4796762}}
x-frame-options
DENY
x-powered-by
Express

Redirect headers

Location
https://invoiceatt.bubbleapps.io/
Non-Authoritative-Reason
HttpsUpgrades
early.js
invoiceatt.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/
24 KB
9 KB
Script
General
Full URL
https://invoiceatt.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js
Requested by
Host: invoiceatt.bubbleapps.io
URL: https://invoiceatt.bubbleapps.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.246.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
450e62180e870526d437f065fa76a5d4e31517905e37a98184ef79b0fc2abd5b

Request headers

Referer
https://invoiceatt.bubbleapps.io/
Origin
https://invoiceatt.bubbleapps.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 00:50:05 GMT
content-encoding
gzip
cf-cache-status
HIT
x-bubble-perf
{"total":30,"percents":{"top":{"bubble_cpu":19.1,"block":78.5,"capacity_rl":0,"other_pause":0,"pre_fiber":2},"sub":{"pp_userdb":6.7,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":57.6,"fiber_queue":3.6,"capacity_wait":7.4}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":11,"fiber_queue":16,"blocks":15},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":858197}}
age
52238
x-powered-by
Express
x-bubble-capacity-used
0.013 unit-seconds used
alt-svc
h3=":443"; ma=86400
content-length
8817
server
cloudflare
etag
05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8bb90640b90a750c-HAM
x-bubble-capacity-limit
0 ms slower
run.css
invoiceatt.bubbleapps.io/package/run_css/7cc0f75526a4baa6441027e464109a0abbb8a6da854935d8006a46781b6c3c84/invoiceatt/live/index/xfalse/xfalse/
43 KB
7 KB
Stylesheet
General
Full URL
https://invoiceatt.bubbleapps.io/package/run_css/7cc0f75526a4baa6441027e464109a0abbb8a6da854935d8006a46781b6c3c84/invoiceatt/live/index/xfalse/xfalse/run.css
Requested by
Host: invoiceatt.bubbleapps.io
URL: https://invoiceatt.bubbleapps.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.246.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
fa432447d8bca3387caac469b67984517a4e65a6ee5a842b5d5d6910215cfa55

Request headers

Referer
https://invoiceatt.bubbleapps.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 00:50:05 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":242.3,"percents":{"top":{"bubble_cpu":10,"block":80.7,"capacity_rl":0,"other_pause":0,"pre_fiber":8.5},"sub":{"pp_userdb":2.1,"pp_wait_userdb":0,"http_request":0,"serverjson":6.7,"appserver_cache_misses_time":0,"redis":19.7,"fiber_queue":14.6,"capacity_wait":12.4}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":2,"derived_cache_memory_misses":2,"serverjson":13,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":26,"fiber_queue":32,"blocks":31},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":4652083}}
age
45090
cf-polished
origSize=57620
x-powered-by
Express
x-bubble-capacity-used
0.072 unit-seconds used
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
cf-ray
8bb90640b90b750c-HAM
x-bubble-capacity-limit
30.1 ms slower
pre_run_jquery.js
invoiceatt.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/
88 KB
31 KB
Script
General
Full URL
https://invoiceatt.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Requested by
Host: invoiceatt.bubbleapps.io
URL: https://invoiceatt.bubbleapps.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.246.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Request headers

Referer
https://invoiceatt.bubbleapps.io/
Origin
https://invoiceatt.bubbleapps.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 00:50:05 GMT
content-encoding
gzip
cf-cache-status
HIT
x-bubble-perf
{"total":20.9,"percents":{"top":{"bubble_cpu":34.4,"block":57.3,"capacity_rl":0,"other_pause":0,"pre_fiber":4.8},"sub":{"pp_userdb":9.6,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":31.9,"fiber_queue":4,"capacity_wait":9.7}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":11,"fiber_queue":16,"blocks":15},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":1080781}}
age
52238
x-powered-by
Express
x-bubble-capacity-used
0.017 unit-seconds used
alt-svc
h3=":443"; ma=86400
content-length
31083
server
cloudflare
etag
dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8bb90640b90c750c-HAM
x-bubble-capacity-limit
0 ms slower
run.js
invoiceatt.bubbleapps.io/package/run_js/9ecb3942b54b1bab4d332089ea5e155b8e96c4a5ee5707cfeaec91906324f9dd/xfalse/x29/
3 MB
756 KB
Script
General
Full URL
https://invoiceatt.bubbleapps.io/package/run_js/9ecb3942b54b1bab4d332089ea5e155b8e96c4a5ee5707cfeaec91906324f9dd/xfalse/x29/run.js
Requested by
Host: invoiceatt.bubbleapps.io
URL: https://invoiceatt.bubbleapps.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.246.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
dbccb2aaf89aad238f3530e721fce00efd529b7d06c2e9896e156ceaa24060b8

Request headers

Referer
https://invoiceatt.bubbleapps.io/
Origin
https://invoiceatt.bubbleapps.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 00:50:06 GMT
content-encoding
gzip
cf-cache-status
HIT
x-bubble-perf
{"total":36.1,"percents":{"top":{"bubble_cpu":27.9,"block":65,"capacity_rl":0,"other_pause":0,"pre_fiber":1.8},"sub":{"pp_userdb":8.3,"pp_wait_userdb":0,"http_request":0,"serverjson":10,"appserver_cache_misses_time":0,"redis":35.1,"fiber_queue":3.9,"capacity_wait":4.8}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":15,"fiber_queue":22,"blocks":21},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":7509072}}
x-powered-by
Express
x-bubble-capacity-used
0.116 unit-seconds used
alt-svc
h3=":443"; ma=86400
content-length
773305
server
cloudflare
etag
9ecb3942b54b1bab4d332089ea5e155b8e96c4a5ee5707cfeaec91906324f9dd
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8bb90640b90d750c-HAM
x-bubble-capacity-limit
0 ms slower
static.js
invoiceatt.bubbleapps.io/package/static_js/714ff4e88bc3b42213ab6c8d74e0555e4b385a1f67aa00c69513e3e8d29ac3f1/invoiceatt/live/index/xnull/xfalse/xfalse/xfalse/
15 KB
6 KB
Script
General
Full URL
https://invoiceatt.bubbleapps.io/package/static_js/714ff4e88bc3b42213ab6c8d74e0555e4b385a1f67aa00c69513e3e8d29ac3f1/invoiceatt/live/index/xnull/xfalse/xfalse/xfalse/static.js
Requested by
Host: invoiceatt.bubbleapps.io
URL: https://invoiceatt.bubbleapps.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.246.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
9f28eaa237d7292325ee2636614d16942710ccb81b6faab05b13eb2096c33ab6

Request headers

Referer
https://invoiceatt.bubbleapps.io/
Origin
https://invoiceatt.bubbleapps.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 00:50:06 GMT
content-encoding
gzip
cf-cache-status
HIT
x-bubble-perf
{"total":113.8,"percents":{"top":{"bubble_cpu":16.3,"block":83.5,"capacity_rl":0,"other_pause":0,"pre_fiber":0.5},"sub":{"pp_userdb":3.5,"pp_wait_userdb":0,"http_request":0,"serverjson":22.8,"appserver_cache_misses_time":0,"redis":30.7,"fiber_queue":1.9,"capacity_wait":1.9}},"counts":{"pp_userdb":2,"http_request":0,"derived_build":0,"derived_cache_attempts":4,"derived_cache_memory_misses":4,"serverjson":16,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":31,"fiber_queue":33,"blocks":32},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":8774083}}
x-powered-by
Express
x-bubble-capacity-used
0.135 unit-seconds used
alt-svc
h3=":443"; ma=86400
content-length
5393
server
cloudflare
etag
714ff4e88bc3b42213ab6c8d74e0555e4b385a1f67aa00c69513e3e8d29ac3f1
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8bb90640b90e750c-HAM
x-bubble-capacity-limit
0 ms slower
dynamic.js
invoiceatt.bubbleapps.io/package/dynamic_js/175c30200a78ec8ebee9011c5046afd318f5c858bc41995cff2e87f7346ec1fc/invoiceatt/live/index/xnull/xfalse/xfalse/en_us/xfalse/xfalse/
9 KB
4 KB
Script
General
Full URL
https://invoiceatt.bubbleapps.io/package/dynamic_js/175c30200a78ec8ebee9011c5046afd318f5c858bc41995cff2e87f7346ec1fc/invoiceatt/live/index/xnull/xfalse/xfalse/en_us/xfalse/xfalse/dynamic.js
Requested by
Host: invoiceatt.bubbleapps.io
URL: https://invoiceatt.bubbleapps.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.246.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e12eced8aaf943e927dc151f50c72836d8a0bc2a60cca4ff7bcbe17cbfd18317

Request headers

Referer
https://invoiceatt.bubbleapps.io/
Origin
https://invoiceatt.bubbleapps.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 00:50:05 GMT
content-encoding
gzip
cf-cache-status
HIT
x-bubble-perf
{"total":141.5,"percents":{"top":{"bubble_cpu":8.2,"block":91.4,"capacity_rl":0,"other_pause":0,"pre_fiber":0.4},"sub":{"pp_userdb":1.4,"pp_wait_userdb":0,"http_request":0,"serverjson":2,"appserver_cache_misses_time":0,"redis":12.1,"fiber_queue":0.9,"capacity_wait":1.7}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":2,"derived_cache_memory_misses":2,"serverjson":2,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":16,"fiber_queue":21,"blocks":20},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":1731745}}
age
52238
x-powered-by
Express
x-bubble-capacity-used
0.027 unit-seconds used
alt-svc
h3=":443"; ma=86400
content-length
3640
server
cloudflare
etag
175c30200a78ec8ebee9011c5046afd318f5c858bc41995cff2e87f7346ec1fc
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8bb90640b90f750c-HAM
x-bubble-capacity-limit
0 ms slower
css
fonts.googleapis.com/
16 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:regular%7COpen+Sans:600%7COpen+Sans:700
Requested by
Host: invoiceatt.bubbleapps.io
URL: https://invoiceatt.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3ff27e82d78a471905edf58f54d412011e0f3b07cb596b50d425151e7df84404
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://invoiceatt.bubbleapps.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 31 Aug 2024 00:50:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 31 Aug 2024 00:50:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 31 Aug 2024 00:50:05 GMT
data
invoiceatt.bubbleapps.io/api/1.1/init/
283 B
983 B
XHR
General
Full URL
https://invoiceatt.bubbleapps.io/api/1.1/init/data?location=https%3A%2F%2Finvoiceatt.bubbleapps.io%2F
Requested by
Host: invoiceatt.bubbleapps.io
URL: https://invoiceatt.bubbleapps.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.246.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7204881b21c2ec2f226e531498cc120bcade70409ecc7941481a444250e4a996

Request headers

Referer
https://invoiceatt.bubbleapps.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 00:50:05 GMT
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":31.2,"percents":{"top":{"bubble_cpu":27.9,"block":67.1,"capacity_rl":0,"other_pause":0,"pre_fiber":3.8},"sub":{"pp_userdb":3.2,"pp_wait_userdb":0,"http_request":0,"serverjson":27.1,"appserver_cache_misses_time":0,"redis":47.5,"fiber_queue":3,"capacity_wait":7.3}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":4,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":16,"fiber_queue":20,"blocks":19},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":6304360}}
server
cloudflare
x-powered-by
Express
x-bubble-capacity-used
0.097 unit-seconds used
cf-ray
8bb906411925750c-HAM
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
0 ms slower
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:regular%7COpen+Sans:600%7COpen+Sans:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://invoiceatt.bubbleapps.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 12:26:16 GMT
x-content-type-options
nosniff
age
303829
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Aug 2025 12:26:16 GMT
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ecc6e5c037a4e54c1ed4052c9880d55c27187bf709fb82fae2709c92d3a3a563

Request headers

Referer
https://invoiceatt.bubbleapps.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://invoiceatt.bubbleapps.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/
18 KB
18 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e2740c7b209e33aca7176250d80f94b4924e5e5d18076ee3b95f32a0e20d1f58

Request headers

Referer
Origin
https://invoiceatt.bubbleapps.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff
truncated
/
18 KB
18 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
37a1212cc1ab5c935d9a3fee05c98c940eaa895a23510e5f83d550dfbb0d763f

Request headers

Referer
Origin
https://invoiceatt.bubbleapps.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff
hi
invoiceatt.bubbleapps.io/user/
57 B
826 B
XHR
General
Full URL
https://invoiceatt.bubbleapps.io/user/hi
Requested by
Host: invoiceatt.bubbleapps.io
URL: https://invoiceatt.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.246.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
8007d182a2bd911bb844b16a97cd6cf7eabdd0d2a7da3ffc120b6bd6e61884bf

Request headers

X-Bubble-Client-Commit-Timestamp
1725046870000
X-Bubble-Epoch-Name
Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID
1725065407078x982603583562401400
X-Bubble-Fiber-ID
1725065407098x385212206727439040
X-Bubble-PL
1725065405366x249
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
X-Bubble-Client-Version
4b98c43fd6e92d8cf5f79c3fe1700b8c318ae960
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://invoiceatt.bubbleapps.io/
cache-control
no-cache
Referer
https://invoiceatt.bubbleapps.io/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5

Response headers

date
Sat, 31 Aug 2024 00:50:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":17.8,"percents":{"top":{"bubble_cpu":27.5,"block":67.9,"capacity_rl":0,"other_pause":0,"pre_fiber":4.4},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":25.7,"appserver_cache_misses_time":0,"redis":51.9,"fiber_queue":4,"capacity_wait":12.1}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":11,"fiber_queue":13,"blocks":12},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":735742}}
server
cloudflare
x-bubble-appname
invoiceatt
x-powered-by
Express
x-bubble-request-took
18
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache
x-bubble-capacity-used
0.011 unit-seconds used
cf-ray
8bb9064a7b4e750c-HAM
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
0 ms slower
https%3A%2F%2F78ef449590574570432df5888ae9f8fd.cdn.bubble.io%2Ff1530294839424x143528842134401200%2FIcon-no-clearspace.png
d1muf25xaso8hp.cloudfront.net/
3 KB
3 KB
Other
General
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2F78ef449590574570432df5888ae9f8fd.cdn.bubble.io%2Ff1530294839424x143528842134401200%2FIcon-no-clearspace.png?w=128&h=&auto=compress&dpr=1&fit=max
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9600:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
imgix /
Resource Hash
4962051db9426f370d30bcd8bd3c44223b946e0625f3d9356848d16c82225f36
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://invoiceatt.bubbleapps.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 10:10:17 GMT
via
1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-C2
age
337066
x-cache
Hit from cloudfront
x-imgix-id
6553f2ca2b041cbcba8ccb7e88fb338b42f0ce34
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2761
x-served-by
cache-chi-klot8100118-CHI, cache-fra-eddf8230083-FRA
last-modified
Tue, 27 Aug 2024 03:12:22 GMT
server
imgix
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=290304000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
cCKNyoZ-VoDNfaao8OLaF2BKMeyhTdxkT-eWr51Z7yWsEhb4Y1qFpg==
m
invoiceatt.bubbleapps.io/user/
4 B
656 B
XHR
General
Full URL
https://invoiceatt.bubbleapps.io/user/m
Requested by
Host: invoiceatt.bubbleapps.io
URL: https://invoiceatt.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.246.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

X-Bubble-Client-Commit-Timestamp
1725046870000
X-Bubble-Fiber-ID
1725065407217x195793469919217860
X-Bubble-PL
1725065405366x249
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
X-Bubble-Client-Version
4b98c43fd6e92d8cf5f79c3fe1700b8c318ae960
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://invoiceatt.bubbleapps.io/
cache-control
no-cache
Referer
https://invoiceatt.bubbleapps.io/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5

Response headers

date
Sat, 31 Aug 2024 00:50:07 GMT
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":20.1,"percents":{"top":{"bubble_cpu":24.6,"block":69.9,"capacity_rl":0,"other_pause":0,"pre_fiber":4.3},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":24.6,"fiber_queue":3.5,"capacity_wait":10.1}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":9,"fiber_queue":12,"blocks":11},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":739125}}
server
cloudflare
x-powered-by
Express
x-bubble-capacity-used
0.011 unit-seconds used
cf-ray
8bb9064b3b7b750c-HAM
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
0 ms slower
apm
invoiceatt.bubbleapps.io/user/
4 B
721 B
XHR
General
Full URL
https://invoiceatt.bubbleapps.io/user/apm
Requested by
Host: invoiceatt.bubbleapps.io
URL: https://invoiceatt.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.246.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

X-Bubble-Client-Commit-Timestamp
1725046870000
X-Bubble-Fiber-ID
1725065408989x467123645866217800
X-Bubble-PL
1725065405366x249
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
X-Bubble-Client-Version
4b98c43fd6e92d8cf5f79c3fe1700b8c318ae960
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://invoiceatt.bubbleapps.io/
cache-control
no-cache
Referer
https://invoiceatt.bubbleapps.io/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5

Response headers

date
Sat, 31 Aug 2024 00:50:09 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":17.1,"percents":{"top":{"bubble_cpu":23.2,"block":71.8,"capacity_rl":0,"other_pause":0,"pre_fiber":5},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":50.6,"fiber_queue":4.9,"capacity_wait":13.9}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":9,"fiber_queue":11,"blocks":10},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":595724}}
server
cloudflare
x-bubble-appname
invoiceatt
x-powered-by
Express
x-bubble-request-took
17
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache
x-bubble-capacity-used
0.009 unit-seconds used
cf-ray
8bb906564dd9750c-HAM
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
0 ms slower
frg
invoiceatt.bubbleapps.io/
5 B
721 B
XHR
General
Full URL
https://invoiceatt.bubbleapps.io/frg
Requested by
Host: invoiceatt.bubbleapps.io
URL: https://invoiceatt.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.246.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

X-Bubble-Client-Commit-Timestamp
1725046870000
X-Bubble-Fiber-ID
1725065410219x892175824196455000
X-Bubble-PL
1725065405366x249
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
X-Bubble-Client-Version
4b98c43fd6e92d8cf5f79c3fe1700b8c318ae960
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://invoiceatt.bubbleapps.io/
cache-control
no-cache
Referer
https://invoiceatt.bubbleapps.io/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5

Response headers

date
Sat, 31 Aug 2024 00:50:10 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":16.3,"percents":{"top":{"bubble_cpu":31.7,"block":64,"capacity_rl":0,"other_pause":0,"pre_fiber":5},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":51.5,"fiber_queue":4.1,"capacity_wait":13.7}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":10,"fiber_queue":12,"blocks":11},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":776760}}
server
cloudflare
x-bubble-appname
invoiceatt
x-powered-by
Express
x-bubble-request-took
16
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache
x-bubble-capacity-used
0.012 unit-seconds used
cf-ray
8bb9065dff90750c-HAM
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
0 ms slower

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: AT&T (Telecommunication)

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 string| bubble_session_uid object| headers_source_maps function| make_proxy function| appquery function| Lib function| load_error_function object| load_error_log function| disableLoadErrorFunction object| _bubble_page_load_data object| webfont object| WebFont function| FontFaceObserver string| gm_key string| bubble_page_load_id string| bubble_plp_token string| _p string| bubble_page_name function| $ function| jQuery function| Lib_post_load boolean| google_web_fonts_active object| fontface_loaded boolean| all_fontface_loaded string| bubble_bundle_name function| clearImmediate function| setImmediate object| BrowserDetect function| highlight_dom_changes function| local_storage_fallback object| u object| element_performance_counts function| kill_notifier_socket function| restore_notifier_socket number| server_time_offset object| client_db object| safe_require object| __algolia object| testing function| authenticate_as object| document_ready_key function| gapListener function| display_page function| switch_page object| preloaded number| bubble_version object| bubble_run_derived object| translation_data object| language_data string| application_language object| app function| everything_ready function| wait_for_everything function| savepage_ShadowLoader number| render_end_timestamp

3 Cookies

Domain/Path Name / Value
invoiceatt.bubbleapps.io/ Name: invoiceatt_live_u2main
Value: bus|1725065405339x297555441536031100|1725065405349x316379996777287550
invoiceatt.bubbleapps.io/ Name: invoiceatt_live_u2main.sig
Value: RwB1SYc1PFHy5DcILyjSyXTOz0k
invoiceatt.bubbleapps.io/ Name: invoiceatt_u1main
Value: 1725065405339x297555441536031100

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'none';
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
