bill.cloudghana.com Open in urlscan Pro
139.64.166.103  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response bill.cloudghana.com/	5 KB 5 KB	2975ms 155ms	Document text/html	139.64.166.103 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Full URL https://bill.cloudghana.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.64.166.103 Amsterdam, Netherlands, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 103-166-64-139.clients.gthost.com Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / PHP/5.4.16 Resource Hash ad5c899e55adae4bb13cf8fef3b7ab8c3dea0cc2d94e96224e005fc4ebfb8b05 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection Keep-Alive Content-Length 4929 Content-Type text/html; charset=UTF-8 Date Fri, 13 Sep 2024 12:46:20 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=100 Pragma no-cache Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 X-Powered-By PHP/5.4.16
GET H/1.1	200 OK	styles.css bill.cloudghana.com/	3 KB 3 KB	35ms 34ms	Stylesheet text/css	139.64.166.103 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Full URL https://bill.cloudghana.com/styles.css Requested by Host: bill.cloudghana.com URL: https://bill.cloudghana.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.64.166.103 Amsterdam, Netherlands, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 103-166-64-139.clients.gthost.com Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / Resource Hash ea6a5542f15e46f4fc61725a4e53649697828e644a8009233ecedfd852e79d7f Request headers Referer https://bill.cloudghana.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Fri, 13 Sep 2024 12:46:20 GMT Last-Modified Thu, 25 Jul 2024 23:16:37 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 ETag "cbd-61e1a962d950d" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 3261
GET H2	200	callus.js Show response downloads-global.3cx.com/downloads/livechatandtalk/v1/	683 KB 197 KB	412ms 69ms	Script text/javascript	2606:4700:4400::ac40:98ed CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://downloads-global.3cx.com/downloads/livechatandtalk/v1/callus.js Requested by Host: bill.cloudghana.com URL: https://bill.cloudghana.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:98ed , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 351afe99fb3e7797e3602849c01be8a1d5c1c3f47555ea07ea511a17859b9d96 Request headers Referer https://bill.cloudghana.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 13 Sep 2024 12:46:21 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Fri, 28 Jul 2023 06:18:17 GMT server cloudflare age 2650 cf-polished origSize=698933 etag W/"805a264c1bc1d91:0" vary Accept-Encoding content-type text/javascript;charset=utf-8 access-control-allow-origin * cache-control public, max-age=14400 cf-ray 8c283d570b8a4d84-FRA expires Fri, 13 Sep 2024 16:46:21 GMT
GET H/1.1	200 OK	radmanlogo_small.gif bill.cloudghana.com/images/	4 KB 4 KB	33ms 32ms	Image image/gif	139.64.166.103 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Show image Full URL https://bill.cloudghana.com/images/radmanlogo_small.gif Requested by Host: bill.cloudghana.com URL: https://bill.cloudghana.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.64.166.103 Amsterdam, Netherlands, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 103-166-64-139.clients.gthost.com Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / Resource Hash dad745fb25a5f023ccfdce443ea8e42a1cf7d4afbc2bfd9f3e3eef20d13fbb34 Request headers Referer https://bill.cloudghana.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Fri, 13 Sep 2024 12:46:20 GMT Last-Modified Wed, 07 Sep 2022 18:37:26 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 ETag "ebb-5e81a9ab68580" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 3771
GET H/1.1	200 OK	md5.js Show response bill.cloudghana.com/scripts/	9 KB 9 KB	62ms 5ms	Script application/javascript	139.64.166.103 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Full URL https://bill.cloudghana.com/scripts/md5.js Requested by Host: bill.cloudghana.com URL: https://bill.cloudghana.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.64.166.103 Amsterdam, Netherlands, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 103-166-64-139.clients.gthost.com Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / Resource Hash dc0df8d67a1cd007a197171d3c5594dbc0635e47e18c67ba3487ce90f183e474 Request headers Referer https://bill.cloudghana.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Fri, 13 Sep 2024 12:46:20 GMT Last-Modified Thu, 25 Jul 2024 23:16:37 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 ETag "227b-61e1a962d9125" Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 8827
GET H2	200	LiveChat548819 Show response callme.3cx.sc/MyPhone/config/	1 KB 1 KB	610ms 172ms	Fetch application/json	41.155.99.46 GHANATEL-AS
General Check archive.org Show headers Download Go to Full URL https://callme.3cx.sc/MyPhone/config/LiveChat548819 Requested by Host: downloads-global.3cx.com URL: https://downloads-global.3cx.com/downloads/livechatandtalk/v1/callus.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 41.155.99.46 Accra, Ghana, ASN29614 (GHANATEL-AS, GH), Reverse DNS Software nginx / Resource Hash d413437fedce2440c3f39f8e78d51eb61db2f5aabacdbece257e69d091fbd618 Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self' blob: https://downloads-global.3cx.com https://127.0.0.1:32018 'sha256-RCMl7PJ3K2nMoGZppLZeArO5M70Pbu1k+t6RIHZO7gE=' 'sha256-v6MhWrgXnOZrJTw+mK9MqEYevK8vvSmRZFjINsy76Mw=' 'sha256-Tui7QoFlnLXkJCSl1/JvEZdIXTmBttnWNxzJpXomQjg='; worker-src 'self' blob:; connect-src 'self' https://wmr-cdn.3cx.net https://downloads-global.3cx.com https://www.gravatar.com https://127.0.0.1:32018 https://platform-lookaside.fbsbx.com ws: wss:; img-src * data: blob:; frame-src 'self' docs.3cx.cloud tcx+app:; style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; media-src 'self' data:; object-src 'none'; form-action 'self'; base-uri 'self' Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://bill.cloudghana.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 13 Sep 2024 12:46:17 GMT content-security-policy default-src 'self'; script-src 'self' blob: https://downloads-global.3cx.com https://127.0.0.1:32018 'sha256-RCMl7PJ3K2nMoGZppLZeArO5M70Pbu1k+t6RIHZO7gE=' 'sha256-v6MhWrgXnOZrJTw+mK9MqEYevK8vvSmRZFjINsy76Mw=' 'sha256-Tui7QoFlnLXkJCSl1/JvEZdIXTmBttnWNxzJpXomQjg='; worker-src 'self' blob:; connect-src 'self' https://wmr-cdn.3cx.net https://downloads-global.3cx.com https://www.gravatar.com https://127.0.0.1:32018 https://platform-lookaside.fbsbx.com ws: wss:; img-src * data: blob:; frame-src 'self' docs.3cx.cloud tcx+app:; style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; media-src 'self' data:; object-src 'none'; form-action 'self'; base-uri 'self' x-content-type-options nosniff strict-transport-security max-age=31536000 content-encoding gzip cross-origin-embedder-policy credentialless x-xss-protection 0 pragma no-cache referrer-policy no-referrer server nginx cross-origin-opener-policy same-origin vary Origin x-frame-options DENY content-type application/json; charset=utf-8 access-control-allow-origin https://bill.cloudghana.com cache-control no-store
GET H/1.1	200 OK	favicon.ico bill.cloudghana.com/	1 KB 2 KB	66ms 65ms	Other image/vnd.microsoft.icon	139.64.166.103 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Full URL https://bill.cloudghana.com/favicon.ico Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.64.166.103 Amsterdam, Netherlands, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 103-166-64-139.clients.gthost.com Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / Resource Hash 78a5efdcc0a82bfb1a9de665a35c7f1789594bd9b4ccbaf0ab268008c43ae838 Request headers Referer https://bill.cloudghana.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Fri, 13 Sep 2024 12:46:21 GMT Last-Modified Thu, 25 Jul 2024 23:16:37 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 ETag "57e-61e1a962d5e5d" Content-Type image/vnd.microsoft.icon Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 1406
GET H2	200	c2cinfo Show response callme.3cx.sc/MyPhone/	147 B 1 KB	140ms 139ms	Fetch application/json	41.155.99.46 GHANATEL-AS
General Check archive.org Show headers Download Go to Full URL https://callme.3cx.sc/MyPhone/c2cinfo?c2cid=LiveChat548819 Requested by Host: downloads-global.3cx.com URL: https://downloads-global.3cx.com/downloads/livechatandtalk/v1/callus.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 41.155.99.46 Accra, Ghana, ASN29614 (GHANATEL-AS, GH), Reverse DNS Software nginx / Resource Hash b1efb170e0422dd482c9c76cbef9e540a35fc3141ab35a8b910a95134136d569 Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self' blob: https://downloads-global.3cx.com https://127.0.0.1:32018 'sha256-RCMl7PJ3K2nMoGZppLZeArO5M70Pbu1k+t6RIHZO7gE=' 'sha256-v6MhWrgXnOZrJTw+mK9MqEYevK8vvSmRZFjINsy76Mw=' 'sha256-Tui7QoFlnLXkJCSl1/JvEZdIXTmBttnWNxzJpXomQjg='; worker-src 'self' blob:; connect-src 'self' https://wmr-cdn.3cx.net https://downloads-global.3cx.com https://www.gravatar.com https://127.0.0.1:32018 https://platform-lookaside.fbsbx.com ws: wss:; img-src * data: blob:; frame-src 'self' docs.3cx.cloud tcx+app:; style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; media-src 'self' data:; object-src 'none'; form-action 'self'; base-uri 'self' Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://bill.cloudghana.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 13 Sep 2024 12:46:17 GMT content-security-policy default-src 'self'; script-src 'self' blob: https://downloads-global.3cx.com https://127.0.0.1:32018 'sha256-RCMl7PJ3K2nMoGZppLZeArO5M70Pbu1k+t6RIHZO7gE=' 'sha256-v6MhWrgXnOZrJTw+mK9MqEYevK8vvSmRZFjINsy76Mw=' 'sha256-Tui7QoFlnLXkJCSl1/JvEZdIXTmBttnWNxzJpXomQjg='; worker-src 'self' blob:; connect-src 'self' https://wmr-cdn.3cx.net https://downloads-global.3cx.com https://www.gravatar.com https://127.0.0.1:32018 https://platform-lookaside.fbsbx.com ws: wss:; img-src * data: blob:; frame-src 'self' docs.3cx.cloud tcx+app:; style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; media-src 'self' data:; object-src 'none'; form-action 'self'; base-uri 'self' x-content-type-options nosniff strict-transport-security max-age=31536000 content-encoding gzip cross-origin-embedder-policy credentialless x-xss-protection 0 pragma no-cache referrer-policy no-referrer server nginx cross-origin-opener-policy same-origin vary Origin x-frame-options DENY content-type application/json; charset=utf-8 access-control-allow-origin https://bill.cloudghana.com cache-control no-store
GET DATA	200 OK	truncated /	7 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b776f899b159bd447eeadecf2ba14c1f555ca8d99971b0e9f9bbd87b6f8de492 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Content-Type image/png

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| focusField number| chrsz function| hex_md5 function| b64_md5 function| str_md5 function| hex_hmac_md5 function| b64_hmac_md5 function| str_hmac_md5 function| md5_vm_test function| core_md5 function| md5_cmn function| md5_ff function| md5_gg function| md5_hh function| md5_ii function| core_hmac_md5 function| safe_add function| bit_rol function| str2binl function| binl2str function| binl2hex function| binl2b64 function| login function| change_lang object| callus

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			bill.cloudghana.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: n0vgumm586br8jjpkq8r2ono16
			.3cx.com/	1970-01-20 23:30:33	Name: __cf_bm Value: UFpDtkcKNtf7N9BCOsiuTvtUFGRjn7I_rABuiMFNCxY-1726231581-1.0.1.1-xljLUtiGD8H8oldKiDEKm0p8tVZLythEVIKFqtd3p7odQTgFdAuJRS_hZZ9evr5_Yx_AmEDTBwNnPcF.z4PYfQ

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://bill.cloudghana.com/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bill.cloudghana.com
callme.3cx.sc
downloads-global.3cx.com
139.64.166.103
2606:4700:4400::ac40:98ed
41.155.99.46
351afe99fb3e7797e3602849c01be8a1d5c1c3f47555ea07ea511a17859b9d96
78a5efdcc0a82bfb1a9de665a35c7f1789594bd9b4ccbaf0ab268008c43ae838
ad5c899e55adae4bb13cf8fef3b7ab8c3dea0cc2d94e96224e005fc4ebfb8b05
b1efb170e0422dd482c9c76cbef9e540a35fc3141ab35a8b910a95134136d569
b776f899b159bd447eeadecf2ba14c1f555ca8d99971b0e9f9bbd87b6f8de492
d413437fedce2440c3f39f8e78d51eb61db2f5aabacdbece257e69d091fbd618
dad745fb25a5f023ccfdce443ea8e42a1cf7d4afbc2bfd9f3e3eef20d13fbb34
dc0df8d67a1cd007a197171d3c5594dbc0635e47e18c67ba3487ce90f183e474
ea6a5542f15e46f4fc61725a4e53649697828e644a8009233ecedfd852e79d7f