urlscan.io logo urlscan.io
SecurityTrails logo

www.billing.xyn.nl Open in urlscan Pro
2a0b:7280:200:0:405:30ff:fe00:da0  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.billing.xyn.nl/
Effective URL: https://www.billing.xyn.nl/login.php
Submission: On March 08 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 6 HTTP transactions. The main IP is 2a0b:7280:200:0:405:30ff:fe00:da0, located in Netherlands and belongs to ASTRALUS, NL. The main domain is www.billing.xyn.nl.
TLS certificate: Issued by Let's Encrypt Authority X3 on January 7th 2020. Valid for: 3 months.
This is the only time www.billing.xyn.nl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 2a0b:7280:200... 48635 (ASTRALUS)
6 1
Apex Domain
Subdomains		 Transfer
7 xyn.nl
www.billing.xyn.nl
185 KB
6 1
Domain Requested by
7 www.billing.xyn.nl 1 redirects www.billing.xyn.nl
6 1

This site contains links to these domains. Also see Links.

Domain
www.hostfact.nl
Subject Issuer Validity Valid
billing.xyn.nl
Let's Encrypt Authority X3		 2020-01-07 -
2020-04-06		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.billing.xyn.nl/login.php
Frame ID: B865299060DAF7B324D1BE00EE395B8C
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.billing.xyn.nl/ HTTP 302
    https://www.billing.xyn.nl/login.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery-ui.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery-ui.*\.js/i

Page Statistics

6
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

185 kB
Transfer

724 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.billing.xyn.nl/ HTTP 302
    https://www.billing.xyn.nl/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login.php
www.billing.xyn.nl/
Redirect Chain
  • https://www.billing.xyn.nl/
  • https://www.billing.xyn.nl/login.php
4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.billing.xyn.nl/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a0b:7280:200:0:405:30ff:fe00:da0 , Netherlands, ASN48635 (ASTRALUS, NL),
Reverse DNS
Software
Apache/2 / PHP/7.1.30
Resource Hash
68010409f1ba6078b77f5f0440b4641e53183f351897fe4d1ca8b55e87364bc0

Request headers

:method
GET
:authority
www.billing.xyn.nl
:scheme
https
:path
/login.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
wfhbf276ec12=a3ede98dd26d592e3890a7ffb3111c5c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
200
date
Sun, 08 Mar 2020 01:06:19 GMT
server
Apache/2
x-powered-by
PHP/7.1.30
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding,User-Agent
content-encoding
gzip
content-length
1378
content-type
text/html; charset=utf-8

Redirect headers

status
302
date
Sun, 08 Mar 2020 01:06:18 GMT
server
Apache/2
x-powered-by
PHP/7.1.30
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
wfhbf276ec12=a3ede98dd26d592e3890a7ffb3111c5c; path=/
location
login.php
vary
User-Agent
content-length
0
content-type
text/html; charset=utf-8
jquery-ui.css
www.billing.xyn.nl/js/jquery-ui-1.12.1.custom/ 		36 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.billing.xyn.nl/js/jquery-ui-1.12.1.custom/jquery-ui.css?v=20190520
Requested by
Host: www.billing.xyn.nl
URL: https://www.billing.xyn.nl/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a0b:7280:200:0:405:30ff:fe00:da0 , Netherlands, ASN48635 (ASTRALUS, NL),
Reverse DNS
Software
Apache/2 /
Resource Hash
f2776344c07d745a8029902270894f53abbbd38e2fa98651e1ce8c277bc47b6e

Request headers

Referer
https://www.billing.xyn.nl/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Sun, 08 Mar 2020 01:06:19 GMT
content-encoding
gzip
last-modified
Sun, 09 Dec 2018 15:39:28 GMT
server
Apache/2
etag
"8ed6-57c98a762ff95-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
accept-ranges
bytes
content-length
8486
global.css
www.billing.xyn.nl/css/ 		87 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.billing.xyn.nl/css/global.css?v=20190520
Requested by
Host: www.billing.xyn.nl
URL: https://www.billing.xyn.nl/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a0b:7280:200:0:405:30ff:fe00:da0 , Netherlands, ASN48635 (ASTRALUS, NL),
Reverse DNS
Software
Apache/2 /
Resource Hash
c9df2677b4a28c08a4a715d9f0289640a01572a1cf5932b6d1b75a648b259bbf

Request headers

Referer
https://www.billing.xyn.nl/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Sun, 08 Mar 2020 01:06:19 GMT
content-encoding
gzip
last-modified
Sun, 09 Dec 2018 15:39:10 GMT
server
Apache/2
etag
"15a70-57c98a64d5ce8-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
accept-ranges
bytes
content-length
18107
jquery-3.4.0.min.js
www.billing.xyn.nl/js/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.billing.xyn.nl/js/jquery-3.4.0.min.js
Requested by
Host: www.billing.xyn.nl
URL: https://www.billing.xyn.nl/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a0b:7280:200:0:405:30ff:fe00:da0 , Netherlands, ASN48635 (ASTRALUS, NL),
Reverse DNS
Software
Apache/2 /
Resource Hash
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8

Request headers

Referer
https://www.billing.xyn.nl/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 08 Mar 2020 01:06:19 GMT
content-encoding
gzip
last-modified
Sat, 25 May 2019 04:24:04 GMT
server
Apache/2
etag
"15857-589aeaf7bd838-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
30668
jquery-ui.js
www.billing.xyn.nl/js/jquery-ui-1.12.1.custom/ 		509 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.billing.xyn.nl/js/jquery-ui-1.12.1.custom/jquery-ui.js
Requested by
Host: www.billing.xyn.nl
URL: https://www.billing.xyn.nl/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a0b:7280:200:0:405:30ff:fe00:da0 , Netherlands, ASN48635 (ASTRALUS, NL),
Reverse DNS
Software
Apache/2 /
Resource Hash
954fe482f7e92cdcc72414bd21a6e9c8de63949a3292e459a0a73c4e36680f88

Request headers

Referer
https://www.billing.xyn.nl/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 08 Mar 2020 01:06:19 GMT
content-encoding
gzip
last-modified
Sun, 09 Dec 2018 15:39:29 GMT
server
Apache/2
etag
"7f20a-57c98a7682017-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
accept-ranges
bytes
logo_login.png
www.billing.xyn.nl/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.billing.xyn.nl/images/logo_login.png?v=20190520
Requested by
Host: www.billing.xyn.nl
URL: https://www.billing.xyn.nl/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a0b:7280:200:0:405:30ff:fe00:da0 , Netherlands, ASN48635 (ASTRALUS, NL),
Reverse DNS
Software
Apache/2 /
Resource Hash
91aa5226e66d4e27165e322ed2050a2ee5398e3e33b8b51fa75f71faee83ed1f

Request headers

Referer
https://www.billing.xyn.nl/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 08 Mar 2020 01:06:19 GMT
last-modified
Sun, 09 Dec 2018 15:39:11 GMT
server
Apache/2
etag
"f97-57c98a6610430"
content-type
image/png
status
200
accept-ranges
bytes
content-length
3991

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| enterSubmit

1 Cookies

Domain/Path Name / Value
www.billing.xyn.nl/ Name: wfhbf276ec12
Value: a3ede98dd26d592e3890a7ffb3111c5c