billsheas.com Open in urlscan Pro
192.254.235.72 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://billsheas.com/umassmed.edu/
Submission: On November 30 via manual (November 30th 2018, 11:10:43 pm UTC) from CA

Summary HTTP 52 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 52 HTTP transactions. The main IP is 192.254.235.72, located in Houston, United States and belongs to UNIFIEDLAYER-AS-1 - Unified Layer, US. The main domain is billsheas.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 15th 2018. Valid for: 3 months.

This is the only time billsheas.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Outlook Web Access (Online)

Domain & IP information

	IP Address	AS Autonomous System
18	192.254.235.72 192.254.235.72	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1 - Unified Layer)
3	146.189.216.100 146.189.216.100	1968 (UMASSP-DOM) (UMASSP-DOM - University of Massachusettes)
25	2606:4700:e2:... 2606:4700:e2::ac40:8610	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	138.201.253.2 138.201.253.2	24940 (HETZNER-AS) (HETZNER-AS)
2	205.185.208.52 205.185.208.52	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1 2	5.45.73.116 5.45.73.116	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1	2606:4700:e0:... 2606:4700:e0::ac40:610b	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
52	8

18 192.254.235.72 (Houston, United States)

ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US)

billsheas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 146.189.216.100 (Worcester, United States)

ASN1968 (UMASSP-DOM - University of Massachusettes, US)
PTR: owa.umassmed.edu

webmail.umassmed.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2606:4700:e2::ac40:8610 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

analyticspage.tools	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.253.2 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.2.253.201.138.clients.your-server.de

urlvalidation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 205.185.208.52 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip052.ssl.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.45.73.116 (Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)

eluxer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e0::ac40:610b (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

loadsource.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	analyticspage.tools analyticspage.tools	10 KB
18	billsheas.com billsheas.com	116 KB
3	umassmed.edu webmail.umassmed.edu	2 KB
2	eluxer.net 1 redirects eluxer.net	4 KB
2	jquery.com code.jquery.com	60 KB
1	loadsource.org loadsource.org	370 B
1	urlvalidation.com urlvalidation.com	241 B
0	Failed function sub() { [native code] }. Failed
52	8

	Domain	Requested by
25	analyticspage.tools	billsheas.com analyticspage.tools
18	billsheas.com	billsheas.com
3	webmail.umassmed.edu	billsheas.com
2	eluxer.net	1 redirects billsheas.com
2	code.jquery.com	billsheas.com eluxer.net
1	loadsource.org	billsheas.com
1	urlvalidation.com	billsheas.com
0	fdcgdnkidjaadafnichfpabhfomcebme Failed	billsheas.com
52	8

This site contains links to these domains. Also see Links.

Domain
webmail.umassmed.edu
go.microsoft.com

Subject Issuer	Validity	Valid
billsheas.com Let's Encrypt Authority X3	`2018-10-15` - `2019-01-13`	3 months	crt.sh
*.umassmed.edu GlobalSign Organization Validation CA - SHA256 - G2	`2014-04-09` - `2019-02-28`	5 years	crt.sh
sni237471.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-11-30` - `2019-06-08`	6 months	crt.sh
urlvalidation.com Let's Encrypt Authority X3	`2018-09-24` - `2018-12-23`	3 months	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
www.eluxer.net COMODO RSA Domain Validation Secure Server CA	`2017-11-27` - `2018-12-12`	a year	crt.sh
sni174449.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-11-11` - `2019-05-20`	6 months	crt.sh

This page contains 1 frames:

Primary Page: https://billsheas.com/umassmed.edu/
Frame ID: CE775B22C6C7F2E0E60A47A5169AF58F
Requests: 52 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Outlook Web App (Web Mail) Expand

Overall confidence: 100%
Detected patterns

env /^IsOwaPremiumBrowser$/i

Windows Server (Operating Systems) Expand

Overall confidence: 50%
Detected patterns

env /^IsOwaPremiumBrowser$/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

env /^IsOwaPremiumBrowser$/i

IIS (Web Servers) Expand

Overall confidence: 50%
Detected patterns

env /^IsOwaPremiumBrowser$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

52
Requests

98 %
HTTPS

29 %
IPv6

8
Domains

8
Subdomains

8
IPs

3
Countries

192 kB
Transfer

426 kB
Size

3
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://webmail.umassmed.edu/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fwebmail.umassmed.edu%2fowa%2f
Title: show explanation

Search URL Search Domain Scan URL

URL: http://go.microsoft.com/fwlink/?LinkID=129362
Title: click here.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://eluxer.net/code?id=105&subid=51763_4926_ HTTP 302
https://eluxer.net/code?sck=1&id=105&subid=51763_4926_

52 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
billsheas.com/umassmed.edu/ 10 KB
4 KB 607ms
204ms Document
text/html 192.254.235.72
Unified Layer

General

Check archive.org

Show headers Download Go to

Full URL: https://billsheas.com/umassmed.edu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.254.235.72 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 10a2befbcbcffddd0e8e2f7e94e943fa6ec9196a77d2a616d0bc909d902199dd

Request headers

:method: GET
:authority: billsheas.com
:scheme: https
:path: /umassmed.edu/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
server: nginx/1.14.1
date: Fri, 30 Nov 2018 23:10:25 GMT
content-type: text/html
last-modified: Fri, 30 Nov 2018 20:33:23 GMT
content-encoding: gzip

GET
H2 200 logon.css
billsheas.com/umassmed.edu/index_files/ 3 KB
1 KB 217ms
216ms Stylesheet
text/css 192.254.235.72
Unified Layer

General

Check archive.org

Show headers Download Go to

Full URL: https://billsheas.com/umassmed.edu/index_files/logon.css
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.254.235.72 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 72839e514fafe8ec94a991f13e8ba33dd99e29e7cde6d791166f6b1cf63af6dc

Request headers

:path: /umassmed.edu/index_files/logon.css
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: billsheas.com
referer: https://billsheas.com/umassmed.edu/
:scheme: https
:method: GET
Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Fri, 30 Nov 2018 23:10:25 GMT
content-encoding: gzip
last-modified: Fri, 30 Nov 2018 20:33:22 GMT
server: nginx/1.14.1
content-type: text/css

GET
H2 200 owafont.css
billsheas.com/umassmed.edu/index_files/ 5 KB
2 KB 219ms
218ms Stylesheet
text/css 192.254.235.72
Unified Layer

General

Check archive.org

Show headers Download Go to

Full URL: https://billsheas.com/umassmed.edu/index_files/owafont.css
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.254.235.72 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 5a8a50bbfec3340a13879de71a5dbe889eca252ac9cfb523c6cea94f05b7b673

Request headers

:path: /umassmed.edu/index_files/owafont.css
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: billsheas.com
referer: https://billsheas.com/umassmed.edu/
:scheme: https
:method: GET
Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Fri, 30 Nov 2018 23:10:25 GMT
content-encoding: gzip
last-modified: Fri, 30 Nov 2018 20:33:23 GMT
server: nginx/1.14.1
content-type: text/css

GET
H2 200 flogon.js.download Show response
billsheas.com/umassmed.edu/index_files/ 4 KB
2 KB 239ms
239ms Script
application/javascript 192.254.235.72
Unified Layer

General

Check archive.org

Show headers Download Go to

Full URL: https://billsheas.com/umassmed.edu/index_files/flogon.js.download
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.254.235.72 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 215d250a6028db2afb14ba5028f23493f042cee6fdd59f59e4deb10fd63b1060

Request headers

:path: /umassmed.edu/index_files/flogon.js.download
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: billsheas.com
referer: https://billsheas.com/umassmed.edu/
:scheme: https
:method: GET
Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Fri, 30 Nov 2018 23:10:25 GMT
content-encoding: gzip
last-modified: Fri, 30 Nov 2018 20:33:22 GMT
server: nginx/1.14.1
content-type: application/javascript

GET
H2 200 lgntopl.gif
billsheas.com/umassmed.edu/index_files/ 4 KB
4 KB 216ms
216ms Image
image/gif 192.254.235.72
Unified Layer

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://billsheas.com/umassmed.edu/index_files/lgntopl.gif
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.254.235.72 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: b478b93f8f9a262321211d8ce812cdd6accdfb4ede6e0230ccf44e77ad161f97

Request headers

:path: /umassmed.edu/index_files/lgntopl.gif
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: billsheas.com
referer: https://billsheas.com/umassmed.edu/
:scheme: https
:method: GET
Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Fri, 30 Nov 2018 23:10:25 GMT
last-modified: Fri, 30 Nov 2018 20:33:22 GMT
server: nginx/1.14.1
accept-ranges: bytes
content-length: 4455
content-type: image/gif

GET
H2 200 lgntopr.gif
billsheas.com/umassmed.edu/index_files/ 581 B
699 B 218ms
217ms Image
image/gif 192.254.235.72
Unified Layer

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://billsheas.com/umassmed.edu/index_files/lgntopr.gif
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.254.235.72 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: f27d451896ac6a8b768361e3f07c2adf1ee7ae6bcb92ac6d0bda7fb5cf915301

Request headers

:path: /umassmed.edu/index_files/lgntopr.gif
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: billsheas.com
referer: https://billsheas.com/umassmed.edu/
:scheme: https
:method: GET
Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Fri, 30 Nov 2018 23:10:25 GMT
last-modified: Fri, 30 Nov 2018 20:33:22 GMT
server: nginx/1.14.1
accept-ranges: bytes
content-length: 581
content-type: image/gif

GET
H2 200 lgnexlogo.gif
billsheas.com/umassmed.edu/index_files/ 61 B
178 B 364ms
362ms Image
image/gif 192.254.235.72
Unified Layer

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://billsheas.com/umassmed.edu/index_files/lgnexlogo.gif
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.254.235.72 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: b125c5f621a199d89bc496740d7dac72f1a8462465a1b61e331727f5d369b2f4

Request headers

:path: /umassmed.edu/index_files/lgnexlogo.gif
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: billsheas.com
referer: https://billsheas.com/umassmed.edu/
:scheme: https
:method: GET
Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Fri, 30 Nov 2018 23:10:25 GMT
last-modified: Fri, 30 Nov 2018 20:33:22 GMT
server: nginx/1.14.1
accept-ranges: bytes
content-length: 61
content-type: image/gif

GET
H2 200 lgnbotl.gif
billsheas.com/umassmed.edu/index_files/ 9 KB
9 KB 365ms
363ms Image
image/gif 192.254.235.72
Unified Layer

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://billsheas.com/umassmed.edu/index_files/lgnbotl.gif
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.254.235.72 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 0e2cda541bf24815df2facd5729d44b70ef4e4bdd160169295944aefc9e51b0b

Request headers

:path: /umassmed.edu/index_files/lgnbotl.gif
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: billsheas.com
referer: https://billsheas.com/umassmed.edu/
:scheme: https
:method: GET
Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Fri, 30 Nov 2018 23:10:25 GMT
last-modified: Fri, 30 Nov 2018 20:33:22 GMT
server: nginx/1.14.1
accept-ranges: bytes
content-length: 9311
content-type: image/gif

GET
H2 200 lgnbotr.gif
billsheas.com/umassmed.edu/index_files/ 2 KB
2 KB 364ms
362ms Image
image/gif 192.254.235.72
Unified Layer

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://billsheas.com/umassmed.edu/index_files/lgnbotr.gif
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.254.235.72 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 97305ffb8ff74176df42bcd213e7cdfd7679630e19911a2db7b399c7960aec3e

Request headers

:path: /umassmed.edu/index_files/lgnbotr.gif
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: billsheas.com
referer: https://billsheas.com/umassmed.edu/
:scheme: https
:method: GET
Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Fri, 30 Nov 2018 23:10:25 GMT
last-modified: Fri, 30 Nov 2018 20:33:22 GMT
server: nginx/1.14.1
accept-ranges: bytes
content-length: 2392
content-type: image/gif

GET
H2 200 133ebafdf9ab3696c1.js.download Show response
billsheas.com/umassmed.edu/index_files/ 82 KB
30 KB 205ms
205ms Script
application/javascript 192.254.235.72
Unified Layer

General

Check archive.org

Show headers Download Go to

Full URL: https://billsheas.com/umassmed.edu/index_files/133ebafdf9ab3696c1.js.download
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.254.235.72 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 9118ecdb6e831d03185b856fee8daf2fa87984830e1668c9737fba5b04c1ee66

Request headers

:path: /umassmed.edu/index_files/133ebafdf9ab3696c1.js.download
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: billsheas.com
referer: https://billsheas.com/umassmed.edu/
:scheme: https
:method: GET
Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Fri, 30 Nov 2018 23:10:25 GMT
content-encoding: gzip
last-modified: Fri, 30 Nov 2018 20:33:22 GMT
server: nginx/1.14.1
content-type: application/javascript

GET
H2 200 lnkr5.min.js.download Show response
billsheas.com/umassmed.edu/index_files/ 6 KB
3 KB 388ms
388ms Script
application/javascript 192.254.235.72
Unified Layer

General

Check archive.org

Show headers Download Go to

Full URL: https://billsheas.com/umassmed.edu/index_files/lnkr5.min.js.download
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.254.235.72 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: b4efab68dcbf794bcc42e034123fba97ec5048cb11dd329dc82a8fe422ec29cc

Request headers

:path: /umassmed.edu/index_files/lnkr5.min.js.download
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: billsheas.com
referer: https://billsheas.com/umassmed.edu/
:scheme: https
:method: GET
Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Fri, 30 Nov 2018 23:10:25 GMT
content-encoding: gzip
last-modified: Fri, 30 Nov 2018 20:33:22 GMT
server: nginx/1.14.1
content-type: application/javascript

GET
H2 200 lnkr30_nt.min.js.download Show response
billsheas.com/umassmed.edu/index_files/ 4 KB
2 KB 363ms
361ms Script
application/javascript 192.254.235.72
Unified Layer

General

Check archive.org

Show headers Download Go to

Full URL: https://billsheas.com/umassmed.edu/index_files/lnkr30_nt.min.js.download
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.254.235.72 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: a127e7f8ceaa796a0e631f5f20c8a67e72d64cb5e396443c34c461ee27a3c630

Request headers

:path: /umassmed.edu/index_files/lnkr30_nt.min.js.download
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: billsheas.com
referer: https://billsheas.com/umassmed.edu/
:scheme: https
:method: GET
Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Fri, 30 Nov 2018 23:10:25 GMT
content-encoding: gzip
last-modified: Fri, 30 Nov 2018 20:33:22 GMT
server: nginx/1.14.1
content-type: application/javascript

GET
H2 200 code Show response
billsheas.com/umassmed.edu/index_files/ 8 KB
4 KB 367ms
365ms Script
text/plain 192.254.235.72
Unified Layer

General

Check archive.org

Show headers Download Go to

Full URL: https://billsheas.com/umassmed.edu/index_files/code
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.254.235.72 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 4859b29e2d2ab82db7c45c332a635ebb60f54812855f901887b7e984e7e706cd

Request headers

:path: /umassmed.edu/index_files/code
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: billsheas.com
referer: https://billsheas.com/umassmed.edu/
:scheme: https
:method: GET
Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Fri, 30 Nov 2018 23:10:25 GMT
content-encoding: gzip
last-modified: Fri, 30 Nov 2018 20:33:22 GMT
server: nginx/1.14.1
content-type: text/plain

GET
H2 200 validate-site.js.download Show response
billsheas.com/umassmed.edu/index_files/ 0
116 B 202ms
200ms Script
application/javascript 192.254.235.72
Unified Layer

General

Check archive.org

Show headers Download Go to

Full URL: https://billsheas.com/umassmed.edu/index_files/validate-site.js.download
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.254.235.72 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /umassmed.edu/index_files/validate-site.js.download
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: billsheas.com
referer: https://billsheas.com/umassmed.edu/
:scheme: https
:method: GET
Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Fri, 30 Nov 2018 23:10:25 GMT
last-modified: Fri, 30 Nov 2018 20:33:23 GMT
server: nginx/1.14.1
accept-ranges: bytes
content-length: 0
content-type: application/javascript

GET
H2 200 133ebafdf9ab3696c1.js(1).download Show response
billsheas.com/umassmed.edu/index_files/ 9 KB
4 KB 365ms
363ms Script
text/plain 192.254.235.72
Unified Layer

General

Check archive.org

Show headers Download Go to

Full URL: https://billsheas.com/umassmed.edu/index_files/133ebafdf9ab3696c1.js(1).download
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.254.235.72 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: b7cdfdbf8952aa97f2355e414b4106c05e212db473626c4bc8241e1501b586dc

Request headers

:path: /umassmed.edu/index_files/133ebafdf9ab3696c1.js(1).download
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: billsheas.com
referer: https://billsheas.com/umassmed.edu/
:scheme: https
:method: GET
Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Fri, 30 Nov 2018 23:10:25 GMT
content-encoding: gzip
last-modified: Fri, 30 Nov 2018 20:33:22 GMT
server: nginx/1.14.1
content-type: text/plain

GET
H2 200 script.js.download Show response
billsheas.com/umassmed.edu/index_files/ 58 KB
26 KB 363ms
361ms Script
application/javascript 192.254.235.72
Unified Layer

General

Check archive.org

Show headers Download Go to

Full URL: https://billsheas.com/umassmed.edu/index_files/script.js.download
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.254.235.72 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: c52b75e53a6ea4f813b6664c66300f394c27e8a99c596aefd7260ebf5921f992

Request headers

:path: /umassmed.edu/index_files/script.js.download
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: billsheas.com
referer: https://billsheas.com/umassmed.edu/
:scheme: https
:method: GET
Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Fri, 30 Nov 2018 23:10:25 GMT
content-encoding: gzip
last-modified: Fri, 30 Nov 2018 20:33:23 GMT
server: nginx/1.14.1
content-type: application/javascript

GET
H2 200 license.15.js.download Show response
billsheas.com/umassmed.edu/index_files/ 3 KB
2 KB 365ms
363ms Script
application/javascript 192.254.235.72
Unified Layer

General

Check archive.org

Show headers Download Go to

Full URL: https://billsheas.com/umassmed.edu/index_files/license.15.js.download
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.254.235.72 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 1ca5c4af381128226dc6288c11b3c05c12e02aa941503b4b99ea7243bbd1ce3a

Request headers

:path: /umassmed.edu/index_files/license.15.js.download
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: billsheas.com
referer: https://billsheas.com/umassmed.edu/
:scheme: https
:method: GET
Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Fri, 30 Nov 2018 23:10:25 GMT
content-encoding: gzip
last-modified: Fri, 30 Nov 2018 20:33:22 GMT
server: nginx/1.14.1
content-type: application/javascript

GET webrtc-patch.js
fdcgdnkidjaadafnichfpabhfomcebme/scripts/ 0
0

GET
H/1.1 200
OK lgnbotm.gif
webmail.umassmed.edu/owa/14.3.301.0/themes/resources/ 276 B
571 B 678ms
102ms Image
image/gif 146.189.216.100
University of Mas...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webmail.umassmed.edu/owa/14.3.301.0/themes/resources/lgnbotm.gif
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.189.216.100 Worcester, United States, ASN1968 (UMASSP-DOM - University of Massachusettes, US),
Reverse DNS: owa.umassmed.edu
Software: / ASP.NET
Resource Hash: 6097839fd066f359bbe21fb228714cd33385a6995a060eaa504ee190e3c1178a

Request headers

Referer: https://billsheas.com/umassmed.edu/index_files/logon.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 30 Nov 2018 23:10:26 GMT
Last-Modified: Wed, 06 Feb 2013 03:00:46 GMT
Age: 12118
X-Powered-By: ASP.NET
ETag: "043c328164ce1:0"
Content-Type: image/gif
Cache-Control: public,max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 276

GET
H/1.1 200
OK lgnright.gif
webmail.umassmed.edu/owa/14.3.301.0/themes/resources/ 306 B
601 B 686ms
103ms Image
image/gif 146.189.216.100
University of Mas...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webmail.umassmed.edu/owa/14.3.301.0/themes/resources/lgnright.gif
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.189.216.100 Worcester, United States, ASN1968 (UMASSP-DOM - University of Massachusettes, US),
Reverse DNS: owa.umassmed.edu
Software: / ASP.NET
Resource Hash: a9626d4f60b20f2da50f763f20d891a70625dde0dba68116896026c400b8b775

Request headers

Referer: https://billsheas.com/umassmed.edu/index_files/logon.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 30 Nov 2018 23:10:26 GMT
Last-Modified: Wed, 06 Feb 2013 03:00:46 GMT
Age: 61716
X-Powered-By: ASP.NET
ETag: "043c328164ce1:0"
Content-Type: image/gif
Cache-Control: public,max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 306

GET
H/1.1 200
OK lgnleft.gif
webmail.umassmed.edu/owa/14.3.301.0/themes/resources/ 290 B
585 B 684ms
103ms Image
image/gif 146.189.216.100
University of Mas...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webmail.umassmed.edu/owa/14.3.301.0/themes/resources/lgnleft.gif
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.189.216.100 Worcester, United States, ASN1968 (UMASSP-DOM - University of Massachusettes, US),
Reverse DNS: owa.umassmed.edu
Software: / ASP.NET
Resource Hash: 96a4b86c4a5ff1f1aa67c52287be64ebd51598d32cbd1249351e462cae549185

Request headers

Referer: https://billsheas.com/umassmed.edu/index_files/logon.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 30 Nov 2018 23:10:26 GMT
Last-Modified: Wed, 06 Feb 2013 03:00:46 GMT
Age: 30119
X-Powered-By: ASP.NET
ETag: "043c328164ce1:0"
Content-Type: image/gif
Cache-Control: public,max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 290

GET
H2 503 lgntopm.gif
billsheas.com/umassmed.edu/index_files/ 21 KB
21 KB 2946ms
2945ms Image
text/html 192.254.235.72
Unified Layer

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://billsheas.com/umassmed.edu/index_files/lgntopm.gif
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.254.235.72 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 840bdffb9ae0ea57721005aa54fe108e48158a927baae683d7c432bf8edfb820

Request headers

:path: /umassmed.edu/index_files/lgntopm.gif
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: billsheas.com
referer: https://billsheas.com/umassmed.edu/index_files/logon.css
:scheme: https
:method: GET
Referer: https://billsheas.com/umassmed.edu/index_files/logon.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Nov 2018 23:10:28 GMT
server: nginx/1.14.1
content-type: text/html; charset=UTF-8
status: 503
cache-control: no-cache, must-revalidate, private
set-cookie: PHPSESSID=8dfb08c2ce07a834228305397d3cabc1; path=/
retry-after: 3600
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
S 200 /
analyticspage.tools/metric/ 43 B
341 B 83ms
17ms Image
image/gif 2606:4700:e2::ac40:8610
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticspage.tools/metric/?mid=&wid=51763&sid=&tid=4926&rid=LAUNCHED&t=1543619425696
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:e2::ac40:8610 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 30 Nov 2018 23:10:25 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cf-ray: 4820fcc309f59cad-AMS
content-length: 43

GET
H/1.1 200
OK filter-domains Show response
urlvalidation.com/ 23 B
241 B 32ms
13ms Script
application/javascript 138.201.253.2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://urlvalidation.com/filter-domains?stub=33445&domains=billsheas.com
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/index_files/lnkr30_nt.min.js.download
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 138.201.253.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.2.253.201.138.clients.your-server.de
Software: nginx/1.10.0 (Ubuntu) /
Resource Hash: 6774520bdf2f4eb42fe040a3e16a7f541bd44d8083daf91d1b6302c62306bb58

Request headers

Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 30 Nov 2018 23:10:25 GMT
Referrer-Policy: no-referrer
Server: nginx/1.10.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK jquery-3.0.0.min.js Show response
code.jquery.com/ 84 KB
30 KB 26ms
8ms XHR
application/javascript 205.185.208.52
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.0.0.min.js
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/index_files/code
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip052.ssl.hwcdn.net
Software: nginx /
Resource Hash: 266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://billsheas.com/umassmed.edu/
Origin: https://billsheas.com

Response headers

Date: Fri, 30 Nov 2018 23:10:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Jun 2016 18:32:50 GMT
Server: nginx
ETag: W/"5759b652-15145"
Vary: Accept-Encoding
X-HW: 1543619425.dop033.fr8.shc,1543619425.dop033.fr8.t,1543619425.cds099.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 29995

GET
S 200 log Show response
analyticspage.tools/ 0
99 B 25ms
25ms Script
text/html 2606:4700:e2::ac40:8610
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://analyticspage.tools/log?l=error&m=Cannot%20read%20property%20%27title%27%20of%20undefined%7CTypeError%3A%20Cannot%20read%20property%20%27title%27%20of%20undefined%0A%20%20%20%20at%20https%3A%2F%2Fbillsheas.com%2Fumassmed.edu%2Findex_files%2F133ebafdf9ab3696c1.js(1).download%3A1%3A1409%0A%20%20%20%20at%20https%3A%2F%2Fbillsheas.com%2Fumassmed.edu%2Findex_files%2F133ebafdf9ab3696c1.js(1).download%3A1%3A5345%0A%20%20%20%20at%20https%3A%2F%2Fbillsheas.com%2Fumassmed.edu%2Findex_files%2F133ebafdf9ab3696c1.js(1).download%3A1%3A8258&t=1543619425891
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/index_files/133ebafdf9ab3696c1.js(1).download
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:e2::ac40:8610 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Fri, 30 Nov 2018 23:10:25 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 4820fcc3dac29cad-AMS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=UTF-8

GET
S 200 get Show response
analyticspage.tools/optout/ 144 B
206 B 18ms
18ms Script
application/javascript 2606:4700:e2::ac40:8610
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://analyticspage.tools/optout/get?jsonp=__twb_cb_750744964&key=133ebafdf9ab3696c1&t=1543619425911
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/index_files/133ebafdf9ab3696c1.js.download
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:e2::ac40:8610 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7f6ce13e72002dce9f8c5b92e9a0eeeb9097b575f5b249956359c9068451eb9

Request headers

Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Fri, 30 Nov 2018 23:10:25 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 4820fcc3fadd9cad-AMS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript

GET
S 200 /
analyticspage.tools/metric/ 43 B
95 B 16ms
15ms Image
image/gif 2606:4700:e2::ac40:8610
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticspage.tools/metric/?mid=&wid=51763&sid=&tid=4926&rid=LOADED&custom1=billsheas.com&custom2=/umassmed.edu/&custom3=analyticspage.tools&t=1543619425910
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:e2::ac40:8610 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 30 Nov 2018 23:10:25 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cf-ray: 4820fcc3fadf9cad-AMS
content-length: 43

GET
S 200 /
analyticspage.tools/metric/ 43 B
95 B 17ms
16ms Image
image/gif 2606:4700:e2::ac40:8610
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticspage.tools/metric/?mid=&wid=51763&sid=&tid=4926&rid=BEFORE_OPTOUT_REQ&t=1543619425911
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:e2::ac40:8610 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 30 Nov 2018 23:10:25 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cf-ray: 4820fcc3fae49cad-AMS
content-length: 43

GET
S 200 /
analyticspage.tools/metric/ 43 B
95 B 17ms
16ms Image
image/gif 2606:4700:e2::ac40:8610
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticspage.tools/metric/?mid=&wid=51763&sid=&tid=4926&rid=FINISHED&custom1=billsheas.com&t=1543619425912
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:e2::ac40:8610 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 30 Nov 2018 23:10:25 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cf-ray: 4820fcc3fae59cad-AMS
content-length: 43

GET
S 200 userid Show response
analyticspage.tools/optout/set/ 0
79 B 18ms
17ms Script
application/javascript 2606:4700:e2::ac40:8610
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://analyticspage.tools/optout/set/userid?jsonp=__twb_cb_603497710&key=133ebafdf9ab3696c1&cv=37&t=1543619425952
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/index_files/133ebafdf9ab3696c1.js.download
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:e2::ac40:8610 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Fri, 30 Nov 2018 23:10:25 GMT
server: cloudflare
cf-ray: 4820fcc43b249cad-AMS
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript

GET
S 200 strtm Show response
analyticspage.tools/optout/set/ 0
85 B 18ms
18ms Script
application/javascript 2606:4700:e2::ac40:8610
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://analyticspage.tools/optout/set/strtm?jsonp=__twb_cb_513767559&key=133ebafdf9ab3696c1&cv=1543619426&t=1543619425953
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/index_files/133ebafdf9ab3696c1.js.download
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:e2::ac40:8610 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Fri, 30 Nov 2018 23:10:25 GMT
server: cloudflare
cf-ray: 4820fcc43b259cad-AMS
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript

GET
S 200 lat Show response
analyticspage.tools/optout/set/ 0
83 B 18ms
18ms Script
application/javascript 2606:4700:e2::ac40:8610
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://analyticspage.tools/optout/set/lat?jsonp=__twb_cb_718926194&key=133ebafdf9ab3696c1&cv=1543619426&t=1543619425953
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/index_files/133ebafdf9ab3696c1.js.download
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:e2::ac40:8610 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Fri, 30 Nov 2018 23:10:25 GMT
server: cloudflare
cf-ray: 4820fcc43b269cad-AMS
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript

GET
S 200 lt Show response
analyticspage.tools/optout/set/ 0
76 B 18ms
18ms Script
application/javascript 2606:4700:e2::ac40:8610
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://analyticspage.tools/optout/set/lt?jsonp=__twb_cb_262653821&key=133ebafdf9ab3696c1&cv=0&t=1543619425953
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/index_files/133ebafdf9ab3696c1.js.download
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:e2::ac40:8610 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Fri, 30 Nov 2018 23:10:25 GMT
server: cloudflare
cf-ray: 4820fcc43b279cad-AMS
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript

GET
S 200 lnkr5.min.js Show response
analyticspage.tools/addons/ 6 KB
2 KB 16ms
16ms Script
application/javascript 2606:4700:e2::ac40:8610
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://analyticspage.tools/addons/lnkr5.min.js
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/index_files/133ebafdf9ab3696c1.js.download
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:e2::ac40:8610 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4efab68dcbf794bcc42e034123fba97ec5048cb11dd329dc82a8fe422ec29cc

Request headers

Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 30 Nov 2018 23:10:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 19 Jun 2018 11:30:38 GMT
server: cloudflare
etag: W/"5b28e95e-161a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 4820fcc44b2b9cad-AMS
expires: Sat, 01 Dec 2018 03:10:25 GMT

GET
S 200 lnkr30_nt.min.js Show response
analyticspage.tools/addons/ 4 KB
2 KB 16ms
15ms Script
application/javascript 2606:4700:e2::ac40:8610
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://analyticspage.tools/addons/lnkr30_nt.min.js
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/index_files/133ebafdf9ab3696c1.js.download
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:e2::ac40:8610 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a127e7f8ceaa796a0e631f5f20c8a67e72d64cb5e396443c34c461ee27a3c630

Request headers

Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 30 Nov 2018 23:10:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 19 Jun 2018 11:30:38 GMT
server: cloudflare
etag: W/"5b28e95e-e8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 4820fcc44b2c9cad-AMS
expires: Sat, 01 Dec 2018 03:10:25 GMT

GET
H/1.1

200
OK

code Show response
eluxer.net/
Redirect Chain

https://eluxer.net/code?id=105&subid=51763_4926_
https://eluxer.net/code?sck=1&id=105&subid=51763_4926_

8 KB
4 KB

17ms
16ms

Script
text/plain

5.45.73.116
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eluxer.net/code?sck=1&id=105&subid=51763_4926_

Requested by

Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

5.45.73.116 , Netherlands, ASN50673 (SERVERIUS-AS, NL),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

4859b29e2d2ab82db7c45c332a635ebb60f54812855f901887b7e984e7e706cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 30 Nov 2018 23:10:26 GMT
Content-Encoding: gzip
Server: nginx/1.12.2
ETag: W/"20ea-uUHI/oifJljxYIuR4mgPBg"
Strict-Transport-Security: max-age=31536000
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Time: 2.027337

Redirect headers

Date: Fri, 30 Nov 2018 23:10:26 GMT
Server: nginx/1.12.2
Strict-Transport-Security: max-age=31536000
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://eluxer.net/code?sck=1&id=105&subid=51763_4926_
Connection: keep-alive
Content-Type: text/html; charset=utf-8
X-Time: 0.72739
Content-Length: 155

GET
S 200 validate-site.js Show response
loadsource.org/91a2556838a7c33eac284eea30bdcc29/ 0
370 B 88ms
31ms Script
text/html 2606:4700:e0::ac40:610b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://loadsource.org/91a2556838a7c33eac284eea30bdcc29/validate-site.js?uid=51763x4926x&r=1543619425961
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/index_files/133ebafdf9ab3696c1.js.download
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:e0::ac40:610b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Nov 2018 23:10:26 GMT
content-encoding: gzip
referrer-policy: no-referrer
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=UTF-8
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4820fcc4aaffbf8e-AMS
expires: 0

GET
S 200 133ebafdf9ab3696c1.js Show response
analyticspage.tools/ext/ 9 KB
4 KB 14ms
14ms Script
text/javascript 2606:4700:e2::ac40:8610
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://analyticspage.tools/ext/133ebafdf9ab3696c1.js?sid=51763_4926_&title=Not%20set&blocks[]=02aed
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/index_files/133ebafdf9ab3696c1.js.download
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:e2::ac40:8610 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7cdfdbf8952aa97f2355e414b4106c05e212db473626c4bc8241e1501b586dc

Request headers

Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 30 Nov 2018 23:10:25 GMT
x-node-name: front7
cf-cache-status: HIT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
status: 200
content-encoding: gzip
cache-control: public, max-age=14400
cf-ray: 4820fcc44b319cad-AMS
expires: Sat, 01 Dec 2018 03:10:25 GMT

GET
S 200 /
analyticspage.tools/metric/ 43 B
95 B 25ms
24ms Image
image/gif 2606:4700:e2::ac40:8610
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticspage.tools/metric/?mid=&wid=51763&sid=&tid=4926&rid=OPTOUT_RESPONSE_OK&t=1543619425952
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:e2::ac40:8610 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 30 Nov 2018 23:10:25 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cf-ray: 4820fcc44b339cad-AMS
content-length: 43

GET
S 200 /
analyticspage.tools/metric/ 43 B
95 B 15ms
14ms Image
image/gif 2606:4700:e2::ac40:8610
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticspage.tools/metric/?mid=cd1d2&wid=51763&sid=&tid=4926&rid=MNTZ_INJECT&t=1543619425959
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:e2::ac40:8610 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 30 Nov 2018 23:10:25 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cf-ray: 4820fcc44b349cad-AMS
content-length: 43

GET
S 200 /
analyticspage.tools/metric/ 43 B
95 B 17ms
15ms Image
image/gif 2606:4700:e2::ac40:8610
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticspage.tools/metric/?mid=6a131&wid=51763&sid=&tid=4926&rid=MNTZ_INJECT&t=1543619425960
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:e2::ac40:8610 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 30 Nov 2018 23:10:25 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cf-ray: 4820fcc44b359cad-AMS
content-length: 43

GET
S 200 /
analyticspage.tools/metric/ 43 B
95 B 17ms
15ms Image
image/gif 2606:4700:e2::ac40:8610
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticspage.tools/metric/?mid=865b2&wid=51763&sid=&tid=4926&rid=MNTZ_INJECT&t=1543619425960
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:e2::ac40:8610 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 30 Nov 2018 23:10:25 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cf-ray: 4820fcc44b369cad-AMS
content-length: 43

GET
S 200 /
analyticspage.tools/metric/ 43 B
95 B 20ms
18ms Image
image/gif 2606:4700:e2::ac40:8610
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticspage.tools/metric/?mid=90f06&wid=51763&sid=&tid=4926&rid=MNTZ_INJECT&t=1543619425961
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:e2::ac40:8610 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 30 Nov 2018 23:10:25 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cf-ray: 4820fcc45b3b9cad-AMS
content-length: 43

GET
S 200 /
analyticspage.tools/metric/ 43 B
95 B 21ms
20ms Image
image/gif 2606:4700:e2::ac40:8610
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticspage.tools/metric/?mid=02aed&wid=51763&sid=&tid=4926&rid=MNTZ_INJECT&t=1543619425963
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:e2::ac40:8610 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 30 Nov 2018 23:10:25 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cf-ray: 4820fcc45b3c9cad-AMS
content-length: 43

GET
S 200 /
analyticspage.tools/metric/ 43 B
95 B 30ms
30ms Image
image/gif 2606:4700:e2::ac40:8610
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticspage.tools/metric/?mid=cd1d2&wid=51763&sid=&tid=4926&rid=MNTZ_LOADED&t=1543619425978
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:e2::ac40:8610 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 30 Nov 2018 23:10:25 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cf-ray: 4820fcc46b479cad-AMS
content-length: 43

GET
S 200 /
analyticspage.tools/metric/ 43 B
95 B 15ms
15ms Image
image/gif 2606:4700:e2::ac40:8610
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticspage.tools/metric/?mid=6a131&wid=51763&sid=&tid=4926&rid=MNTZ_LOADED&t=1543619425979
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:e2::ac40:8610 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 30 Nov 2018 23:10:25 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cf-ray: 4820fcc46b4c9cad-AMS
content-length: 43

GET
S 200 log Show response
analyticspage.tools/ 0
76 B 26ms
26ms Script
text/html 2606:4700:e2::ac40:8610
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://analyticspage.tools/log?l=error&m=Cannot%20read%20property%20%27getItem%27%20of%20null%7CTypeError%3A%20Cannot%20read%20property%20%27getItem%27%20of%20null%0A%20%20%20%20at%20Object.lget%20(https%3A%2F%2Fanalyticspage.tools%2Fext%2F133ebafdf9ab3696c1.js%3Fsid%3D51763_4926_%26title%3DNot%2520set%26blocks%5B%5D%3D02aed%3A1%3A1597)%0A%20%20%20%20at%20Object.getSiteConfig%20(https%3A%2F%2Fanalyticspage.tools%2Fext%2F133ebafdf9ab3696c1.js%3Fsid%3D51763_4926_%26title%3DNot%2520set%26blocks%5B%5D%3D02aed%3A1%3A1674)%0A%20%20%20%20at%20https%3A%2F%2Fanalyticspage.tools%2Fext%2F133ebafdf9ab3696c1.js%3Fsid%3D51763_4926_%26title%3DNot%2520set%26blocks%5B%5D%3D02aed%3A1%3A5449%0A%20%20%20%20at%20https%3A%2F%2Fanalyticspage.tools%2Fext%2F133ebafdf9ab3696c1.js%3Fsid%3D51763_4926_%26title%3DNot%2520set%26blocks%5B%5D%3D02aed%3A1%3A8258&t=1543619425982
Requested by: Host: analyticspage.tools
URL: https://analyticspage.tools/ext/133ebafdf9ab3696c1.js?sid=51763_4926_&title=Not%20set&blocks[]=02aed
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:e2::ac40:8610 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Fri, 30 Nov 2018 23:10:25 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 4820fcc46b4f9cad-AMS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=UTF-8

GET
S 200 metric
analyticspage.tools/ 43 B
95 B 25ms
25ms Image
image/gif 2606:4700:e2::ac40:8610
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticspage.tools/metric?mid=&51763&&4926&rid=PLATFORM_JS_ERROR&t=1543619425982
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:e2::ac40:8610 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 30 Nov 2018 23:10:25 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cf-ray: 4820fcc46b519cad-AMS
content-length: 43

GET
S 200 /
analyticspage.tools/metric/ 43 B
118 B 17ms
16ms Image
image/gif 2606:4700:e2::ac40:8610
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticspage.tools/metric/?mid=90f06&wid=51763&sid=&tid=4926&rid=MNTZ_LOADED&t=1543619426051
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:e2::ac40:8610 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 30 Nov 2018 23:10:26 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cf-ray: 4820fcc4dba89cad-AMS
content-length: 43

GET
H/1.1 200
OK jquery-3.0.0.min.js Show response
code.jquery.com/ 84 KB
30 KB 7ms
6ms XHR
application/javascript 205.185.208.52
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.0.0.min.js
Requested by: Host: eluxer.net
URL: https://eluxer.net/code?sck=1&id=105&subid=51763_4926_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip052.ssl.hwcdn.net
Software: nginx /
Resource Hash: 266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://billsheas.com/umassmed.edu/
Origin: https://billsheas.com

Response headers

Date: Fri, 30 Nov 2018 23:10:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Jun 2016 18:32:50 GMT
Server: nginx
ETag: W/"5759b652-15145"
Vary: Accept-Encoding
X-HW: 1543619425.dop033.fr8.shc,1543619425.dop033.fr8.t,1543619426.cds099.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 29995

GET
S 200 /
analyticspage.tools/metric/ 43 B
95 B 17ms
16ms Image
image/gif 2606:4700:e2::ac40:8610
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticspage.tools/metric/?mid=865b2&wid=51763&sid=&tid=4926&rid=MNTZ_LOADED&t=1543619426103
Requested by: Host: billsheas.com
URL: https://billsheas.com/umassmed.edu/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:e2::ac40:8610 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://billsheas.com/umassmed.edu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 30 Nov 2018 23:10:26 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cf-ray: 4820fcc52bf89cad-AMS
content-length: 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fdcgdnkidjaadafnichfpabhfomcebme
URL: chrome-extension://fdcgdnkidjaadafnichfpabhfomcebme/scripts/webrtc-patch.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Outlook Web Access (Online)

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
billsheas.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8dfb08c2ce07a834228305397d3cabc1
billsheas.com/	1970-01-18 21:01:23	Name: __lnkrntdmcvrd Value: -1
billsheas.com/umassmed.edu	1969-12-31 23:59:59	Name: cookieTest Value: 1

54 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://billsheas.com/umassmed.edu/index_files/code(Line 1) Message: [object HTMLImageElement]
console-api	warning	(Line 2) Message: jQuery.Deferred exception: chrome is not defined
console-api	log	URL: https://billsheas.com/umassmed.edu/index_files/code(Line 1) Message: console.clear
console-api	log	URL: https://eluxer.net/code?sck=1&id=105&subid=51763_4926_(Line 1) Message: [object HTMLImageElement]
console-api	warning	(Line 2) Message: jQuery.Deferred exception: chrome is not defined
console-api	log	URL: https://eluxer.net/code?sck=1&id=105&subid=51763_4926_(Line 1) Message: console.clear
console-api	log	URL: https://billsheas.com/umassmed.edu/index_files/code(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://billsheas.com/umassmed.edu/index_files/code(Line 1) Message: console.clear
console-api	log	URL: https://eluxer.net/code?sck=1&id=105&subid=51763_4926_(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://eluxer.net/code?sck=1&id=105&subid=51763_4926_(Line 1) Message: console.clear
console-api	log	URL: https://billsheas.com/umassmed.edu/index_files/code(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://billsheas.com/umassmed.edu/index_files/code(Line 1) Message: console.clear
console-api	log	URL: https://eluxer.net/code?sck=1&id=105&subid=51763_4926_(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://eluxer.net/code?sck=1&id=105&subid=51763_4926_(Line 1) Message: console.clear
console-api	log	URL: https://billsheas.com/umassmed.edu/index_files/code(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://billsheas.com/umassmed.edu/index_files/code(Line 1) Message: console.clear
console-api	log	URL: https://eluxer.net/code?sck=1&id=105&subid=51763_4926_(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://eluxer.net/code?sck=1&id=105&subid=51763_4926_(Line 1) Message: console.clear
console-api	log	URL: https://billsheas.com/umassmed.edu/index_files/code(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://billsheas.com/umassmed.edu/index_files/code(Line 1) Message: console.clear
console-api	log	URL: https://eluxer.net/code?sck=1&id=105&subid=51763_4926_(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://eluxer.net/code?sck=1&id=105&subid=51763_4926_(Line 1) Message: console.clear
console-api	log	URL: https://billsheas.com/umassmed.edu/index_files/code(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://billsheas.com/umassmed.edu/index_files/code(Line 1) Message: console.clear
console-api	log	URL: https://eluxer.net/code?sck=1&id=105&subid=51763_4926_(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://eluxer.net/code?sck=1&id=105&subid=51763_4926_(Line 1) Message: console.clear
console-api	log	URL: https://billsheas.com/umassmed.edu/index_files/code(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://billsheas.com/umassmed.edu/index_files/code(Line 1) Message: console.clear
console-api	log	URL: https://eluxer.net/code?sck=1&id=105&subid=51763_4926_(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://eluxer.net/code?sck=1&id=105&subid=51763_4926_(Line 1) Message: console.clear
console-api	log	URL: https://billsheas.com/umassmed.edu/index_files/code(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://billsheas.com/umassmed.edu/index_files/code(Line 1) Message: console.clear
console-api	log	URL: https://eluxer.net/code?sck=1&id=105&subid=51763_4926_(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://eluxer.net/code?sck=1&id=105&subid=51763_4926_(Line 1) Message: console.clear
console-api	log	URL: https://billsheas.com/umassmed.edu/index_files/code(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://billsheas.com/umassmed.edu/index_files/code(Line 1) Message: console.clear
console-api	log	URL: https://eluxer.net/code?sck=1&id=105&subid=51763_4926_(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://eluxer.net/code?sck=1&id=105&subid=51763_4926_(Line 1) Message: console.clear
console-api	log	URL: https://billsheas.com/umassmed.edu/index_files/code(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://billsheas.com/umassmed.edu/index_files/code(Line 1) Message: console.clear
console-api	log	URL: https://eluxer.net/code?sck=1&id=105&subid=51763_4926_(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://eluxer.net/code?sck=1&id=105&subid=51763_4926_(Line 1) Message: console.clear
console-api	log	URL: https://billsheas.com/umassmed.edu/index_files/code(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://billsheas.com/umassmed.edu/index_files/code(Line 1) Message: console.clear
console-api	log	URL: https://eluxer.net/code?sck=1&id=105&subid=51763_4926_(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://eluxer.net/code?sck=1&id=105&subid=51763_4926_(Line 1) Message: console.clear
console-api	log	URL: https://billsheas.com/umassmed.edu/index_files/code(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://billsheas.com/umassmed.edu/index_files/code(Line 1) Message: console.clear
console-api	log	URL: https://eluxer.net/code?sck=1&id=105&subid=51763_4926_(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://eluxer.net/code?sck=1&id=105&subid=51763_4926_(Line 1) Message: console.clear
console-api	log	URL: https://billsheas.com/umassmed.edu/index_files/code(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://billsheas.com/umassmed.edu/index_files/code(Line 1) Message: console.clear
console-api	log	URL: https://eluxer.net/code?sck=1&id=105&subid=51763_4926_(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://eluxer.net/code?sck=1&id=105&subid=51763_4926_(Line 1) Message: console.clear

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analyticspage.tools
billsheas.com
code.jquery.com
eluxer.net
fdcgdnkidjaadafnichfpabhfomcebme
loadsource.org
urlvalidation.com
webmail.umassmed.edu
fdcgdnkidjaadafnichfpabhfomcebme
138.201.253.2
146.189.216.100
192.254.235.72
205.185.208.52
2606:4700:e0::ac40:610b
2606:4700:e2::ac40:8610
5.45.73.116
0e2cda541bf24815df2facd5729d44b70ef4e4bdd160169295944aefc9e51b0b
10a2befbcbcffddd0e8e2f7e94e943fa6ec9196a77d2a616d0bc909d902199dd
1ca5c4af381128226dc6288c11b3c05c12e02aa941503b4b99ea7243bbd1ce3a
215d250a6028db2afb14ba5028f23493f042cee6fdd59f59e4deb10fd63b1060
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
4859b29e2d2ab82db7c45c332a635ebb60f54812855f901887b7e984e7e706cd
5a8a50bbfec3340a13879de71a5dbe889eca252ac9cfb523c6cea94f05b7b673
6097839fd066f359bbe21fb228714cd33385a6995a060eaa504ee190e3c1178a
6774520bdf2f4eb42fe040a3e16a7f541bd44d8083daf91d1b6302c62306bb58
72839e514fafe8ec94a991f13e8ba33dd99e29e7cde6d791166f6b1cf63af6dc
840bdffb9ae0ea57721005aa54fe108e48158a927baae683d7c432bf8edfb820
9118ecdb6e831d03185b856fee8daf2fa87984830e1668c9737fba5b04c1ee66
96a4b86c4a5ff1f1aa67c52287be64ebd51598d32cbd1249351e462cae549185
97305ffb8ff74176df42bcd213e7cdfd7679630e19911a2db7b399c7960aec3e
a127e7f8ceaa796a0e631f5f20c8a67e72d64cb5e396443c34c461ee27a3c630
a9626d4f60b20f2da50f763f20d891a70625dde0dba68116896026c400b8b775
b125c5f621a199d89bc496740d7dac72f1a8462465a1b61e331727f5d369b2f4
b478b93f8f9a262321211d8ce812cdd6accdfb4ede6e0230ccf44e77ad161f97
b4efab68dcbf794bcc42e034123fba97ec5048cb11dd329dc82a8fe422ec29cc
b7cdfdbf8952aa97f2355e414b4106c05e212db473626c4bc8241e1501b586dc
c52b75e53a6ea4f813b6664c66300f394c27e8a99c596aefd7260ebf5921f992
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f6ce13e72002dce9f8c5b92e9a0eeeb9097b575f5b249956359c9068451eb9
f27d451896ac6a8b768361e3f07c2adf1ee7ae6bcb92ac6d0bda7fb5cf915301

billsheas.com Open in urlscan Pro 192.254.235.72 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

52 Requests

98 %HTTPS

29 %IPv6

8 Domains

8 Subdomains

8 IPs

3 Countries

192 kBTransfer

426 kBSize

3 Cookies

2 Outgoing links

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

billsheas.com Open in urlscan Pro
192.254.235.72 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

98 %
HTTPS

29 %
IPv6

8
Domains

8
Subdomains

8
IPs

3
Countries

192 kB
Transfer

426 kB
Size

3
Cookies

52 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!