www.billandpay.com Open in urlscan Pro
2606:4700::6812:e28 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.gobillandpay.com/pyrocomm
Effective URL:
https://www.billandpay.com/go/pyrocomm
Submission: On November 21 via api (November 21st 2024, 4:54:37 pm UTC) from RU — Scanned from DE

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 18 HTTP transactions. The main IP is 2606:4700::6812:e28, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.billandpay.com. The Cisco Umbrella rank of the primary domain is 407248.
TLS certificate: Issued by WE1 on September 29th 2024. Valid for: 3 months.

This is the only time www.billandpay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3037::ac43:989d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 8	2606:4700::68... 2606:4700::6812:e28	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:c96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:d96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	4

1 2606:4700:3037::ac43:989d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.gobillandpay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:e28 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.billandpay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:c96 (United States)

ASN13335 (CLOUDFLARENET, US)

content.i3verticals.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:d96 (United States)

ASN13335 (CLOUDFLARENET, US)

api.i3verticals.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content.i3verticals.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	billandpay.com 1 redirects www.billandpay.com — Cisco Umbrella Rank: 407248	53 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	5 KB
4	i3verticals.com content.i3verticals.com — Cisco Umbrella Rank: 789925 api.i3verticals.com — Cisco Umbrella Rank: 989862	12 KB
1	gobillandpay.com 1 redirects www.gobillandpay.com	740 B
18	4

	Domain	Requested by
8	www.billandpay.com	1 redirects www.billandpay.com
7	fonts.googleapis.com	www.billandpay.com
2	api.i3verticals.com	content.i3verticals.com
2	content.i3verticals.com	www.billandpay.com content.i3verticals.com
1	www.gobillandpay.com	1 redirects
18	5

This site contains no links.

Subject Issuer	Validity	Valid
billandpay.com WE1	`2024-09-29` - `2024-12-28`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
i3verticals.com Cloudflare Inc ECC CA-3	`2024-02-29` - `2024-12-31`	10 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.billandpay.com/go/pyrocomm
Frame ID: B2607C840A525223BEBE9F6BD41B30EB
Requests: 2 HTTP requests in this frame

Frame: https://www.billandpay.com/payerportal/?m=25166&il=1
Frame ID: 0CF2CC17A074813A92FD374FD684301C
Requests: 14 HTTP requests in this frame

Frame: https://content.i3verticals.com/uapi/plugins/0085a1062d/a/forms/invoice-payer/?i=1&psid=invoice-payer_OTbjAJOgls1fW269NT3exANvCoagEac7hajOHaiUQh6BF47N
Frame ID: A900022CE7D8B244A52ED00873AB7702
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pyro-Comm Systems, Inc.

Page URL History Show full URLs

https://www.gobillandpay.com/pyrocomm HTTP 307
https://www.billandpay.com/go/pyrocomm Page URL

Page Statistics

18
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

70 kB
Transfer

133 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.gobillandpay.com/pyrocomm HTTP 307
https://www.billandpay.com/go/pyrocomm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.billandpay.com/web/accountbyinvoice.php?m=25166 HTTP 302
https://www.billandpay.com/payerportal/?m=25166&il=1

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request pyrocomm Show response
www.billandpay.com/go/
Redirect Chain

https://www.gobillandpay.com/pyrocomm
https://www.billandpay.com/go/pyrocomm

234 B
435 B

914ms
530ms

Document
text/html

2606:4700::6812:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.billandpay.com/go/pyrocomm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.29

Resource Hash

ffd9b3e724b2e9664a76c7b4c9bc78e32d17a627f8b4db8e649f52b18af1977d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8e6233c87ad83649-FRA
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Thu, 21 Nov 2024 16:54:33 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.29

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e6233c49842199b-FRA
content-type: text/html; charset=UTF-8
date: Thu, 21 Nov 2024 16:54:32 GMT
location: https://www.billandpay.com/go/pyrocomm
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eX4aNRcCJE92l2LnXEEuBR%2FCMHp5AcUgUFmT8ASwm8cSS4hKV0%2BkPNlbnRhzZImtuqEUytr1nF5x%2BDkEzBdgHbVKnV%2BGW1m3YBeKGrB3wH79fHN6NBi4xxruazMAADlpPuig01TqDwnOW7rQPqn84%2FAV4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=7741&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4223&recv_bytes=5668&delivery_rate=755&cwnd=12000&unsent_bytes=0&cid=0c0cdf7da0812792&ts=235&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-powered-by: PHP/8.1.29

GET
H2

200

/ Show response
www.billandpay.com/payerportal/ Frame 0CF2
Redirect Chain

https://www.billandpay.com/web/accountbyinvoice.php?m=25166
https://www.billandpay.com/payerportal/?m=25166&il=1

22 KB
4 KB

378ms
377ms

Document
text/html

2606:4700::6812:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.billandpay.com/payerportal/?m=25166&il=1

Requested by

Host: www.billandpay.com
URL: https://www.billandpay.com/go/pyrocomm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.29

Resource Hash

16d1ff8f93510f69591d38bd7421474e294c4567ffdd02f655a39365a6a98d53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.billandpay.com/go/pyrocomm
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8e6233ceab2d3649-FRA
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Thu, 21 Nov 2024 16:54:34 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.29

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 8e6233cd29483649-FRA
content-type: text/html;charset=ISO-8859-1
date: Thu, 21 Nov 2024 16:54:34 GMT
location: https://www.billandpay.com/payerportal/?m=25166&il=1
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.29

GET
H2 200 /
www.billandpay.com/payerportal/css/ Frame 0CF2 10 KB
2 KB 244ms
241ms Stylesheet
text/css 2606:4700::6812:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.billandpay.com/payerportal/css/?m=25166

Requested by

Host: www.billandpay.com
URL: https://www.billandpay.com/payerportal/?m=25166&il=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.29

Resource Hash

b95ed3ce7880edde584d9acd4ac4a94dde6ae0271bb5d1bd4f6e369f1bb09f54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.billandpay.com/payerportal/?m=25166&il=1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: DYNAMIC
cf-ray: 8e6233d12e553649-FRA
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Thu, 21 Nov 2024 16:54:34 GMT
content-type: text/css;charset=UTF-8
x-powered-by: PHP/8.1.29
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2 200 css
fonts.googleapis.com/ Frame 0CF2 1 KB
540 B 51ms
25ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Alfa%20Slab%20One

Requested by

Host: www.billandpay.com
URL: https://www.billandpay.com/payerportal/?m=25166&il=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

115be5b7d7dc0b62db74a99b801f00ea57099a17bbbf719d3fcb95e2c2dc7770

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.billandpay.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 16:54:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 16:54:34 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 21 Nov 2024 16:54:34 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ Frame 0CF2 1 KB
913 B 41ms
15ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Anton

Requested by

Host: www.billandpay.com
URL: https://www.billandpay.com/payerportal/?m=25166&il=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e81ead071f7d2cb3364fa3d2a14edf13df6796d11bfd962ca2ea366e3528f23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.billandpay.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 16:54:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 16:54:34 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 21 Nov 2024 16:28:45 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ Frame 0CF2 2 KB
632 B 53ms
28ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lobster

Requested by

Host: www.billandpay.com
URL: https://www.billandpay.com/payerportal/?m=25166&il=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7753f06a06370fce2220b134a78faf2c148424dda00e19af63c47ff36b179aed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.billandpay.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 16:54:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 16:54:34 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 21 Nov 2024 16:19:32 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ Frame 0CF2 2 KB
693 B 50ms
24ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: www.billandpay.com
URL: https://www.billandpay.com/payerportal/?m=25166&il=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

adf768c23e06caa3676973294122e24048a1296ae400745ba47e08bd39276e06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.billandpay.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 16:54:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 16:54:34 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 21 Nov 2024 16:01:41 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ Frame 0CF2 2 KB
727 B 53ms
27ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%20Slab

Requested by

Host: www.billandpay.com
URL: https://www.billandpay.com/payerportal/?m=25166&il=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5cc7fd54805b7df2c3586125912e043d405e835d5baee33bf4adfd97bfc24c05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.billandpay.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 16:54:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 16:54:34 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 21 Nov 2024 16:00:45 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ Frame 0CF2 781 B
471 B 42ms
17ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ultra

Requested by

Host: www.billandpay.com
URL: https://www.billandpay.com/payerportal/?m=25166&il=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

963e366b8c8a1a79269f9c42c98d0767e7e33d074996847460219875d4f98915

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.billandpay.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 16:54:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 16:54:34 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 21 Nov 2024 16:54:34 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ Frame 0CF2 2 KB
707 B 42ms
17ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&display=swap

Requested by

Host: www.billandpay.com
URL: https://www.billandpay.com/payerportal/?m=25166&il=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

23428c6301061ebb006b127c5841235122a23672f0041d08a9518520795a1bde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.billandpay.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 16:54:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 16:54:34 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 21 Nov 2024 15:55:10 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 i3bp.png
www.billandpay.com/ Frame 0CF2 20 KB
20 KB 24ms
23ms Image
image/png 2606:4700::6812:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.billandpay.com/i3bp.png

Requested by

Host: www.billandpay.com
URL: https://www.billandpay.com/payerportal/?m=25166&il=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

217192a4e6601f40b0021e87509b848923a34536eef089ee8b0a41901fe7cb72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.billandpay.com/payerportal/?m=25166&il=1

Response headers

strict-transport-security: max-age=31536000
cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "4e64-6039a31dee0e8"
age: 3760
cf-ray: 8e6233d12e593649-FRA
expires: Thu, 21 Nov 2024 20:54:34 GMT
accept-ranges: bytes
content-length: 20068
date: Thu, 21 Nov 2024 16:54:34 GMT
content-type: image/png
last-modified: Wed, 23 Aug 2023 17:10:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 / Show response
www.billandpay.com/payerportal/ Frame 0CF2 157 B
236 B 1074ms
1072ms XHR
application/json 2606:4700::6812:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.billandpay.com/payerportal/?m=25166&il=1&startup=1

Requested by

Host: www.billandpay.com
URL: https://www.billandpay.com/payerportal/?m=25166&il=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.29

Resource Hash

0689949324bf6c002aa6d879320ba37aa8d7bb0ae2ed096cc60c91246945b550

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.billandpay.com/payerportal/?m=25166&il=1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: DYNAMIC
cf-ray: 8e6233d2b84a3649-FRA
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Thu, 21 Nov 2024 16:54:35 GMT
content-type: application/json
x-powered-by: PHP/8.1.29
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2 200 websitelogo.png
www.billandpay.com/images/b/25166/ Frame 0CF2 25 KB
25 KB 481ms
479ms Image
image/png 2606:4700::6812:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.billandpay.com/images/b/25166/websitelogo.png

Requested by

Host: www.billandpay.com
URL: https://www.billandpay.com/payerportal/?m=25166&il=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b6f080f4b202a0dfea30465fdfcb57ad9dc3781a6abbd5cf5f4a27ff4963795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.billandpay.com/payerportal/?m=25166&il=1

Response headers

strict-transport-security: max-age=31536000
cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "62f5-60f134b12c320"
age: 0
cf-ray: 8e6233d2b84c3649-FRA
expires: Thu, 21 Nov 2024 20:54:35 GMT
accept-ranges: bytes
content-length: 25333
date: Thu, 21 Nov 2024 16:54:35 GMT
content-type: image/png
last-modified: Tue, 16 Jan 2024 17:16:38 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 favicon.ico
www.billandpay.com/ 4 KB
1 KB 470ms
469ms Other
image/vnd.microsoft.icon 2606:4700::6812:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.billandpay.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a56034e9901bf9eb9d2b45fb16056b7585e3cfa05684a6df987e831ebd04b0f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.billandpay.com/go/pyrocomm

Response headers

strict-transport-security: max-age=31536000
cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"e36-6039a31d49818"
cf-ray: 8e6233d5bc1c3649-FRA
expires: Thu, 21 Nov 2024 20:54:35 GMT
date: Thu, 21 Nov 2024 16:54:35 GMT
content-type: image/vnd.microsoft.icon
last-modified: Wed, 23 Aug 2023 17:10:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 i3plugins.js Show response
content.i3verticals.com/uapi/plugins/0085a1062d/a/ Frame 0CF2 40 KB
11 KB 559ms
531ms Script
application/javascript 2606:4700::6812:c96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://content.i3verticals.com/uapi/plugins/0085a1062d/a/i3plugins.js

Requested by

Host: www.billandpay.com
URL: https://www.billandpay.com/payerportal/?m=25166&il=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:c96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

597f43fd96cc3307e4e0a026eac3a610fb7b39cc34f1c4a712544df9f180c0a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.billandpay.com/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"a0be-62656f1b69aaa"
x-content-type-options: nosniff
cf-ray: 8e6233d99b055bed-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Thu, 21 Nov 2024 16:54:36 GMT
content-type: application/javascript
last-modified: Thu, 07 Nov 2024 18:38:44 GMT
server: cloudflare

GET
H3 200 invoice-payer_OTbjAJOgls1fW269NT3exANvCoagEac7hajOHaiUQh6BF47N Show response
api.i3verticals.com/v2/plugins/invoice-payer/ Frame 0CF2 1 KB
2 KB 216ms
216ms XHR
application/json 2606:4700::6812:d96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.i3verticals.com/v2/plugins/invoice-payer/invoice-payer_OTbjAJOgls1fW269NT3exANvCoagEac7hajOHaiUQh6BF47N

Requested by

Host: content.i3verticals.com
URL: https://content.i3verticals.com/uapi/plugins/0085a1062d/a/i3plugins.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:d96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ea70a14d9e7b44a450daf7afb318d631b49a01d2d7101eee4cda2ae8f7f411d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Authorization: Bearer invoice-payer_OTbjAJOgls1fW269NT3exANvCoagEac7hajOHaiUQh6BF47N
Referer: https://www.billandpay.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json

Response headers

x-request-id: 180a6b51-f759-480f-a208-aa2122e55754
access-control-max-age: 3628800
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2BZaEb2VfFPNjjW3qHgXnsQzFQ7Ck8uOUGZgBJTpDMimJhgnlOO1ds%2FeknzrnQQjw%2F3KExoAr7ox9kgxj2KbwpSDoufVoLlyZjVtFYP3wpGypCdQ9r1%2BnqBWfT%2FVlv3NCru8TD1ACUeNkS6MLCgjP%2BqqTd%2FjqaA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET,POST,PUT,PATCH,OPTIONS
x-amzn-requestid: 180a6b51-f759-480f-a208-aa2122e55754
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4457&sent=7&recv=10&lost=0&retrans=0&sent_bytes=4339&recv_bytes=1514&delivery_rate=1488250000&cwnd=42&unsent_bytes=0&cid=96e2b7564378752c&ts=574&x=0"
date: Thu, 21 Nov 2024 16:54:36 GMT
content-type: application/json
access-control-allow-headers: Origin,Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-apigw-id: BmzYEGNXoAMEiAQ=
x-amzn-trace-id: Root=1-673f65cc-3759ce582e61e47e6df667c8;Parent=7c7f668caca554c9;Sampled=0;Lineage=2:5548bea5:0
cf-ray: 8e6233dfcc21d286-FRA
access-control-allow-origin: https://www.billandpay.com
server: cloudflare

OPTIONS
H3 200 invoice-payer_OTbjAJOgls1fW269NT3exANvCoagEac7hajOHaiUQh6BF47N
api.i3verticals.com/v2/plugins/invoice-payer/ Frame 0
0 421ms
393ms Preflight
application/json 2606:4700::6812:d96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.i3verticals.com/v2/plugins/invoice-payer/invoice-payer_OTbjAJOgls1fW269NT3exANvCoagEac7hajOHaiUQh6BF47N

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:d96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.billandpay.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET,POST,PUT,PATCH,OPTIONS
access-control-allow-origin: https://www.billandpay.com
access-control-max-age: 3628800
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e6233dd5d1dd286-FRA
content-length: 0
content-type: application/json
date: Thu, 21 Nov 2024 16:54:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vt4YAq7T0xpB80EUIVVI8bZEvNyEOcg12PvoQ9Iu8VfH1RVNGNOIZAlMCctEgsJeUsz7V9Z813qvbbnQAOSzYuJtMK4dfxv6oZVRutmiPwoEnExrtDeguccFXtpluFDiTIqBLDcQ%2FH8RC3w1SxYE7fdW0lkrL8g%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=5078&sent=5&recv=8&lost=0&retrans=0&sent_bytes=3378&recv_bytes=1310&delivery_rate=1488250000&cwnd=41&unsent_bytes=0&cid=96e2b7564378752c&ts=357&x=0"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-apigw-id: BmzYCEwxIAMEnZg=
x-amzn-requestid: 8027fc1b-4b13-4066-a4f1-7030a3cc382f
x-amzn-trace-id: Root=1-673f65cc-0de80a524f99ed2745fb4fac;Parent=0a61174d1a64fab2;Sampled=0;Lineage=1:5548bea5:0
x-content-type-options: nosniff

GET
H3 200 /
content.i3verticals.com/uapi/plugins/0085a1062d/a/forms/invoice-payer/ Frame A900 0
0 428ms
419ms Document
text/html 2606:4700::6812:d96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://content.i3verticals.com/uapi/plugins/0085a1062d/a/forms/invoice-payer/?i=1&psid=invoice-payer_OTbjAJOgls1fW269NT3exANvCoagEac7hajOHaiUQh6BF47N

Requested by

Host: content.i3verticals.com
URL: https://content.i3verticals.com/uapi/plugins/0085a1062d/a/i3plugins.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:d96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.billandpay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e6233e14bbfdc89-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 21 Nov 2024 16:54:37 GMT
last-modified: Thu, 07 Nov 2024 18:38:44 GMT
server: cloudflare
x-content-type-options: nosniff

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			content.i3verticals.com/	1970-01-21 01:20:12	Name: AWSALBCORS Value: XJYSWbUqXyEoxGssPPgoNRH32OcC1A4+tuxe2DZFygpl8JhNJF7ZF7LdSVWW7LfQASqh6FRb8qHiMUOUF93rp1yEj111v/Lw2Qg0mkqCS3X6Vo+g3j+xVH52lgz/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.i3verticals.com
content.i3verticals.com
fonts.googleapis.com
www.billandpay.com
www.gobillandpay.com
2606:4700:3037::ac43:989d
2606:4700::6812:c96
2606:4700::6812:d96
2606:4700::6812:e28
2a00:1450:4001:80b::200a
0689949324bf6c002aa6d879320ba37aa8d7bb0ae2ed096cc60c91246945b550
115be5b7d7dc0b62db74a99b801f00ea57099a17bbbf719d3fcb95e2c2dc7770
16d1ff8f93510f69591d38bd7421474e294c4567ffdd02f655a39365a6a98d53
217192a4e6601f40b0021e87509b848923a34536eef089ee8b0a41901fe7cb72
23428c6301061ebb006b127c5841235122a23672f0041d08a9518520795a1bde
2e81ead071f7d2cb3364fa3d2a14edf13df6796d11bfd962ca2ea366e3528f23
597f43fd96cc3307e4e0a026eac3a610fb7b39cc34f1c4a712544df9f180c0a7
5cc7fd54805b7df2c3586125912e043d405e835d5baee33bf4adfd97bfc24c05
7753f06a06370fce2220b134a78faf2c148424dda00e19af63c47ff36b179aed
7b6f080f4b202a0dfea30465fdfcb57ad9dc3781a6abbd5cf5f4a27ff4963795
8ea70a14d9e7b44a450daf7afb318d631b49a01d2d7101eee4cda2ae8f7f411d
963e366b8c8a1a79269f9c42c98d0767e7e33d074996847460219875d4f98915
a56034e9901bf9eb9d2b45fb16056b7585e3cfa05684a6df987e831ebd04b0f8
adf768c23e06caa3676973294122e24048a1296ae400745ba47e08bd39276e06
b95ed3ce7880edde584d9acd4ac4a94dde6ae0271bb5d1bd4f6e369f1bb09f54
ffd9b3e724b2e9664a76c7b4c9bc78e32d17a627f8b4db8e649f52b18af1977d

www.billandpay.com Open in urlscan Pro 2606:4700::6812:e28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

18 Requests

100 %HTTPS

100 %IPv6

4 Domains

5 Subdomains

4 IPs

2 Countries

70 kBTransfer

133 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

www.billandpay.com Open in urlscan Pro
2606:4700::6812:e28 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

70 kB
Transfer

133 kB
Size

1
Cookies

18 HTTP transactions
0 data transactions