www.billandpay.com Open in urlscan Pro
2606:4700::6812:17cb Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://billpay.shredboss.com/
Effective URL:
https://www.billandpay.com/go/ipssb
Submission: On December 15 via automatic, source certstream-suspicious (December 15th 2023, 2:03:29 pm UTC) — Scanned from DE

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 19 HTTP transactions. The main IP is 2606:4700::6812:17cb, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.billandpay.com. The Cisco Umbrella rank of the primary domain is 340392.
TLS certificate: Issued by E1 on October 18th 2023. Valid for: 3 months.

This is the only time www.billandpay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.212.86.118 35.212.86.118	15169 (GOOGLE) (GOOGLE)
1 7	2606:4700::68... 2606:4700::6812:17cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:c96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:d96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	5

1 35.212.86.118 (Washington, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 118.86.212.35.bc.googleusercontent.com

billpay.shredboss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:17cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.billandpay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c96 (United States)

ASN13335 (CLOUDFLARENET, US)

content.i3verticals.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d96 (United States)

ASN13335 (CLOUDFLARENET, US)

api.i3verticals.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	4 KB
7	billandpay.com 1 redirects www.billandpay.com — Cisco Umbrella Rank: 340392	36 KB
4	i3verticals.com content.i3verticals.com api.i3verticals.com	15 KB
1	shredboss.com 1 redirects billpay.shredboss.com	140 B
19	4

	Domain	Requested by
7	fonts.googleapis.com	www.billandpay.com
7	www.billandpay.com	1 redirects www.billandpay.com
2	api.i3verticals.com	content.i3verticals.com
2	content.i3verticals.com	www.billandpay.com content.i3verticals.com
1	billpay.shredboss.com	1 redirects
19	5

This site contains no links.

Subject Issuer	Validity	Valid
billandpay.com E1	`2023-10-18` - `2024-01-16`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
i3verticals.com Cloudflare Inc ECC CA-3	`2023-11-01` - `2024-01-30`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.billandpay.com/go/ipssb
Frame ID: 799F77E850683EF14946ABB86CF74024
Requests: 1 HTTP requests in this frame

Frame: https://www.billandpay.com/payerportal/?m=16977&il=1
Frame ID: F3F4F08AAE388D5D4193C20F7470CE48
Requests: 14 HTTP requests in this frame

Frame: https://content.i3verticals.com/uapi/plugins/007110d7ba/a/forms/invoice-payer/?i=1&psid=invoice-payer_JuTCWZ2esDy5jzFrZW0HgxOc1qGq2QOPn9VZVAiNdHgL4t6B
Frame ID: A4072E36BAFAB6B20F1B9217E03EFCBA
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

IPS Inc - Shred Boss LLC

Page URL History Show full URLs

https://billpay.shredboss.com/ HTTP 301
https://www.billandpay.com/go/ipssb Page URL

Page Statistics

19
Requests

89 %
HTTPS

80 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

55 kB
Transfer

125 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://billpay.shredboss.com/ HTTP 301
https://www.billandpay.com/go/ipssb Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.billandpay.com/web/accountbyinvoice.php?m=16977 HTTP 302
https://www.billandpay.com/payerportal/?m=16977&il=1

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request ipssb Show response
www.billandpay.com/go/
Redirect Chain

https://billpay.shredboss.com/
https://www.billandpay.com/go/ipssb

235 B
437 B

581ms
524ms

Document
text/html

2606:4700::6812:17cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.billandpay.com/go/ipssb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.23

Resource Hash

f9bd598644164c3e374661bac415f1cf6b35d05491a54d203fcf9880e9ca2fac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 835f3ad82ff19229-FRA
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Fri, 15 Dec 2023 14:03:25 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.23

Redirect headers

content-length: 24
content-type: text/plain
date: Fri, 15 Dec 2023 14:03:24 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
location: https://www.billandpay.com/go/ipssb
server: nginx
x-proxy-cache-info: DT:1

GET
H2

200

/ Show response
www.billandpay.com/payerportal/ Frame F3F4
Redirect Chain

https://www.billandpay.com/web/accountbyinvoice.php?m=16977
https://www.billandpay.com/payerportal/?m=16977&il=1

22 KB
4 KB

290ms
290ms

Document
text/html

2606:4700::6812:17cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.billandpay.com/payerportal/?m=16977&il=1

Requested by

Host: www.billandpay.com
URL: https://www.billandpay.com/go/ipssb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.23

Resource Hash

3c0c295847f918aae40ad5bd8ce1659c88d644065b919c05918e0b8747231bd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.billandpay.com/go/ipssb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 835f3addbd829229-FRA
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Fri, 15 Dec 2023 14:03:25 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.23

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 835f3adbfbd89229-FRA
content-type: text/html;charset=ISO-8859-1
date: Fri, 15 Dec 2023 14:03:25 GMT
location: https://www.billandpay.com/payerportal/?m=16977&il=1
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.23

GET
H2 200 /
www.billandpay.com/payerportal/css/ Frame F3F4 10 KB
2 KB 555ms
554ms Stylesheet
text/css 2606:4700::6812:17cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.billandpay.com/payerportal/css/?m=16977

Requested by

Host: www.billandpay.com
URL: https://www.billandpay.com/payerportal/?m=16977&il=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.23

Resource Hash

137b36087f7296163a0bb7b84a7f2e60b393d56734af6b1be094fad1bee0938a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.billandpay.com/payerportal/?m=16977&il=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 14:03:26 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/8.1.23
x-frame-options: SAMEORIGIN
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/css;charset=UTF-8
cf-ray: 835f3adf9f779229-FRA

GET
H2 200 css
fonts.googleapis.com/ Frame F3F4 1 KB
538 B 42ms
20ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Alfa%20Slab%20One

Requested by

Host: www.billandpay.com
URL: https://www.billandpay.com/payerportal/?m=16977&il=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

79e258d38680ff8c63837596dabacc845d237f1f327bbc8d5633008f1bd51e30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.billandpay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Dec 2023 14:03:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Dec 2023 14:01:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Dec 2023 14:03:26 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F3F4 1 KB
512 B 44ms
22ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Anton

Requested by

Host: www.billandpay.com
URL: https://www.billandpay.com/payerportal/?m=16977&il=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f33393d817b8ab9a703ea9e2b487b56798559607e4019f9ad961a47b728e37a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.billandpay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Dec 2023 14:03:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Dec 2023 13:48:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Dec 2023 14:03:26 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F3F4 2 KB
943 B 40ms
19ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lobster

Requested by

Host: www.billandpay.com
URL: https://www.billandpay.com/payerportal/?m=16977&il=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9022374b17bcce55b2673262b0c8ea50d6c2837607af5a2a2eccc4732a63c62e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.billandpay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Dec 2023 14:03:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Dec 2023 14:02:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Dec 2023 14:03:26 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F3F4 2 KB
643 B 42ms
21ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: www.billandpay.com
URL: https://www.billandpay.com/payerportal/?m=16977&il=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.billandpay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Dec 2023 14:03:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Dec 2023 13:46:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Dec 2023 14:03:26 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F3F4 2 KB
677 B 52ms
30ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%20Slab

Requested by

Host: www.billandpay.com
URL: https://www.billandpay.com/payerportal/?m=16977&il=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

07f7335b4dfa782be77920282545739a979df7df72fa55b30e47acd55f77b627

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.billandpay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Dec 2023 14:03:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Dec 2023 13:57:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Dec 2023 14:03:26 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F3F4 383 B
372 B 43ms
22ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ultra

Requested by

Host: www.billandpay.com
URL: https://www.billandpay.com/payerportal/?m=16977&il=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a84b6f1471871d8ae9b74a6536ebbdd19955364a55da3f5e242d00c3f78fd99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.billandpay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Dec 2023 14:03:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Dec 2023 14:03:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Dec 2023 14:03:26 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame F3F4 2 KB
658 B 55ms
34ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&display=swap

Requested by

Host: www.billandpay.com
URL: https://www.billandpay.com/payerportal/?m=16977&il=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.billandpay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Dec 2023 14:03:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Dec 2023 13:50:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Dec 2023 14:03:26 GMT

GET
H2 200 i3bp.png
www.billandpay.com/ Frame F3F4 20 KB
20 KB 124ms
124ms Image
image/png 2606:4700::6812:17cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.billandpay.com/i3bp.png

Requested by

Host: www.billandpay.com
URL: https://www.billandpay.com/payerportal/?m=16977&il=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

217192a4e6601f40b0021e87509b848923a34536eef089ee8b0a41901fe7cb72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.billandpay.com/payerportal/?m=16977&il=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 14:03:26 GMT
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
last-modified: Wed, 23 Aug 2023 17:10:56 GMT
server: cloudflare
etag: "4e64-6039a31dee0e8"
content-type: image/png
accept-ranges: bytes
cf-ray: 835f3adf9f799229-FRA
content-length: 20068

GET
H2 200 / Show response
www.billandpay.com/payerportal/ Frame F3F4 157 B
261 B 1015ms
1015ms XHR
application/json 2606:4700::6812:17cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.billandpay.com/payerportal/?m=16977&il=1&startup=1

Requested by

Host: www.billandpay.com
URL: https://www.billandpay.com/payerportal/?m=16977&il=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.23

Resource Hash

d1df75f1e401f4f06d57d70f86a6acd35e2e7b9f11cb387eecb45f728351b26b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.billandpay.com/payerportal/?m=16977&il=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 14:03:27 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/8.1.23
x-frame-options: SAMEORIGIN
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: application/json
cf-ray: 835f3ae30af69229-FRA

GET
H2 200 websitelogo.png
www.billandpay.com/images/b/16977/ Frame F3F4 9 KB
10 KB 123ms
122ms Image
image/png 2606:4700::6812:17cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.billandpay.com/images/b/16977/websitelogo.png

Requested by

Host: www.billandpay.com
URL: https://www.billandpay.com/payerportal/?m=16977&il=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af679b886e0a25a8316392551b03a2cc66e5b1df240ae5a172ee56f87e16259c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.billandpay.com/payerportal/?m=16977&il=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 14:03:26 GMT
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
last-modified: Wed, 30 Aug 2023 23:20:22 GMT
server: cloudflare
etag: "25cc-6042c2be89980"
content-type: image/png
accept-ranges: bytes
cf-ray: 835f3ae30af89229-FRA
content-length: 9676

GET
H2 200 i3plugins.js Show response
content.i3verticals.com/uapi/plugins/007110d7ba/a/ Frame F3F4 40 KB
11 KB 550ms
486ms Script
application/javascript 2606:4700::6812:c96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://content.i3verticals.com/uapi/plugins/007110d7ba/a/i3plugins.js

Requested by

Host: www.billandpay.com
URL: https://www.billandpay.com/payerportal/?m=16977&il=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a2182c136a41410b9500fb8156e216c05b5390ec00e21dd97dcda3f03430a0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.billandpay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 14:03:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Thu, 14 Dec 2023 15:20:36 GMT
server: cloudflare
etag: W/"a0be-60c79d35921b7"
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 835f3ae9ca619a00-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 invoice-payer_JuTCWZ2esDy5jzFrZW0HgxOc1qGq2QOPn9VZVAiNdHgL4t6B Show response
api.i3verticals.com/v2/plugins/invoice-payer/ Frame F3F4 1 KB
1 KB 227ms
227ms XHR
application/json 2606:4700::6812:d96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.i3verticals.com/v2/plugins/invoice-payer/invoice-payer_JuTCWZ2esDy5jzFrZW0HgxOc1qGq2QOPn9VZVAiNdHgL4t6B

Requested by

Host: content.i3verticals.com
URL: https://content.i3verticals.com/uapi/plugins/007110d7ba/a/i3plugins.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e07cfd02f4dc11b17e67b2ac6d21aee2b81183cf03a3cdfa6a627e333bf4bc1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://www.billandpay.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer invoice-payer_JuTCWZ2esDy5jzFrZW0HgxOc1qGq2QOPn9VZVAiNdHgL4t6B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 14:03:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-amzn-requestid: 35547058-2a22-4897-bd43-592c2615cbd9
alt-svc: h3=":443"; ma=86400
x-amz-apigw-id: P_NrsGHZIAMESGA=
x-request-id: 35547058-2a22-4897-bd43-592c2615cbd9
server: cloudflare
x-amzn-trace-id: Root=1-657c5cb0-375c56b935a9931a0e0a9787;Sampled=0;lineage=4fe229b5:0|5548bea5:0
access-control-max-age: 3628800
access-control-allow-methods: GET,POST,PUT,PATCH,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.billandpay.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h3Jj2Ft0kdxIX7hdkIIp7CLLKkJa9EpC%2BmKeemR6K2djWyrN2QdFAeHXGlu3iZamLpvNIeMi85BjP7ecGjs%2FKAHtyVrsG59pILuVQtnsAYx5J58jazo5fqraXBaIWOayIZpoUk6rvCTkbSUEq2VBuqxMhWw%2F04s%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 835f3af16e3cbbd9-FRA
access-control-allow-headers: Origin,Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

OPTIONS
H2 200 invoice-payer_JuTCWZ2esDy5jzFrZW0HgxOc1qGq2QOPn9VZVAiNdHgL4t6B
api.i3verticals.com/v2/plugins/invoice-payer/ Frame 0
0 728ms
488ms Preflight
application/json 2606:4700::6812:d96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.i3verticals.com/v2/plugins/invoice-payer/invoice-payer_JuTCWZ2esDy5jzFrZW0HgxOc1qGq2QOPn9VZVAiNdHgL4t6B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.billandpay.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: Origin,Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET,POST,PUT,PATCH,OPTIONS
access-control-allow-origin: https://www.billandpay.com
access-control-max-age: 3628800
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 835f3aee58e7bbd9-FRA
content-length: 0
content-type: application/json
date: Fri, 15 Dec 2023 14:03:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZlcBdfzgIUFqCpafnTq2i8BcCThrDkyEt0cLTjFZg1AbAT%2Fw%2B8WJsqeAl353PMfH069tuQwF7Q8vdQnMy%2BgVoqEqwQEdCvwzHYI018vc2J6EGSQ4CvmCQY1hD%2FFKOT6FKPfcvbYEBQGXlsoWBCVw04Sm0YKvOI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-apigw-id: P_NrqF65IAMEU0w=
x-amzn-requestid: 07b788b3-a079-4aa5-9a32-9013eb719e75
x-amzn-trace-id: Root=1-657c5cb0-61acb71624fca4283b6eca71;Sampled=0;lineage=5548bea5:0
x-content-type-options: nosniff

GET
H2 200 / Show response
content.i3verticals.com/uapi/plugins/007110d7ba/a/forms/invoice-payer/ Frame A407 12 KB
3 KB 110ms
109ms Document
text/html 2606:4700::6812:c96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://content.i3verticals.com/uapi/plugins/007110d7ba/a/forms/invoice-payer/?i=1&psid=invoice-payer_JuTCWZ2esDy5jzFrZW0HgxOc1qGq2QOPn9VZVAiNdHgL4t6B

Requested by

Host: content.i3verticals.com
URL: https://content.i3verticals.com/uapi/plugins/007110d7ba/a/i3plugins.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6094eaed0ba8f2bf4c7b203b61ec846cc88dc41df28484e03247a66e5a917b41

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.billandpay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 835f3af2dbec9a00-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 15 Dec 2023 14:03:29 GMT
last-modified: Thu, 14 Dec 2023 15:20:36 GMT
server: cloudflare
x-content-type-options: nosniff

GET i3embedded.js
content.i3verticals.com/uapi/plugins/007110d7ba/a/forms/ Frame A407 0
0

GET ui.js
content.i3verticals.com/uapi/plugins/007110d7ba/a/forms/invoice-payer/ Frame A407 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: content.i3verticals.com
URL: https://content.i3verticals.com/uapi/plugins/007110d7ba/a/forms/i3embedded.js

Domain: content.i3verticals.com
URL: https://content.i3verticals.com/uapi/plugins/007110d7ba/a/forms/invoice-payer/ui.js

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			content.i3verticals.com/	1970-01-20 17:07:33	Name: AWSALBCORS Value: 9QdD6dudDpNd6m3bs81U7oyMcyYUNfps7Uu11RaUk0mtP6VfImZoPlrGTDSDIC6tn0Q3ZfNTt9GSN0JMCKs9o+jeQM/bsgGVOv7SPk8S41msSd0MbjNakPOVDZTF

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.i3verticals.com
billpay.shredboss.com
content.i3verticals.com
fonts.googleapis.com
www.billandpay.com
content.i3verticals.com
2606:4700::6812:17cb
2606:4700::6812:c96
2606:4700::6812:d96
2a00:1450:4001:831::200a
35.212.86.118
07f7335b4dfa782be77920282545739a979df7df72fa55b30e47acd55f77b627
137b36087f7296163a0bb7b84a7f2e60b393d56734af6b1be094fad1bee0938a
217192a4e6601f40b0021e87509b848923a34536eef089ee8b0a41901fe7cb72
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
3c0c295847f918aae40ad5bd8ce1659c88d644065b919c05918e0b8747231bd7
6094eaed0ba8f2bf4c7b203b61ec846cc88dc41df28484e03247a66e5a917b41
6f33393d817b8ab9a703ea9e2b487b56798559607e4019f9ad961a47b728e37a
79e258d38680ff8c63837596dabacc845d237f1f327bbc8d5633008f1bd51e30
7a84b6f1471871d8ae9b74a6536ebbdd19955364a55da3f5e242d00c3f78fd99
8a2182c136a41410b9500fb8156e216c05b5390ec00e21dd97dcda3f03430a0e
9022374b17bcce55b2673262b0c8ea50d6c2837607af5a2a2eccc4732a63c62e
af679b886e0a25a8316392551b03a2cc66e5b1df240ae5a172ee56f87e16259c
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
d1df75f1e401f4f06d57d70f86a6acd35e2e7b9f11cb387eecb45f728351b26b
e07cfd02f4dc11b17e67b2ac6d21aee2b81183cf03a3cdfa6a627e333bf4bc1a
f9bd598644164c3e374661bac415f1cf6b35d05491a54d203fcf9880e9ca2fac

www.billandpay.com Open in urlscan Pro 2606:4700::6812:17cb Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

19 Requests

89 %HTTPS

80 %IPv6

4 Domains

5 Subdomains

5 IPs

2 Countries

55 kBTransfer

125 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

www.billandpay.com Open in urlscan Pro
2606:4700::6812:17cb Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

89 %
HTTPS

80 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

55 kB
Transfer

125 kB
Size

1
Cookies

19 HTTP transactions
0 data transactions