billpay.tra401k.com Open in urlscan Pro
67.23.168.142 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://billpay.tra401k.com/
Effective URL:
https://billpay.tra401k.com/landing.asp?autopage=/Default.asp
Submission: On July 29 via manual (July 29th 2022, 2:20:33 pm UTC) from US — Scanned from DE

Summary HTTP 18 Redirects Links 1 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 3 countries across 2 domains to perform 18 HTTP transactions. The main IP is 67.23.168.142, located in United States and belongs to IMMEDION, US. The main domain is billpay.tra401k.com.
TLS certificate: Issued by R3 on June 26th 2022. Valid for: 3 months.

This is the only time billpay.tra401k.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 16	67.23.168.142 67.23.168.142		15085 (IMMEDION) (IMMEDION)
1	2a00:1450:400... 2a00:1450:4001:829::200a		15169 (GOOGLE) (GOOGLE)
2	2a00:1450:401... 2a00:1450:4014:80a::200a		15169 (GOOGLE) (GOOGLE)
18	3

16 67.23.168.142 (United States) 1 redirects

ASN15085 (IMMEDION, US)
PTR: ip.dartpoints.com

billpay.tra401k.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4014:80a::200a (Ireland)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	tra401k.com 1 redirects billpay.tra401k.com	185 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 303 maps.googleapis.com — Cisco Umbrella Rank: 310	147 KB
18	2

	Domain	Requested by
16	billpay.tra401k.com	1 redirects billpay.tra401k.com
2	maps.googleapis.com	billpay.tra401k.com maps.googleapis.com
1	ajax.googleapis.com	billpay.tra401k.com
18	3

This site contains links to these domains. Also see Links.

Domain
tra401k.com

Subject Issuer	Validity	Valid
billpay.tra401k.com R3	`2022-06-26` - `2022-09-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://billpay.tra401k.com/landing.asp?autopage=/Default.asp
Frame ID: 5D22ACC07A27C7F9DF45342F19B7BFCA
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Retirement Advantage

Page URL History Show full URLs

https://billpay.tra401k.com/ HTTP 302
https://billpay.tra401k.com/landing.asp?autopage=/Default.asp Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

Page Statistics

18
Requests

100 %
HTTPS

67 %
IPv6

2
Domains

3
Subdomains

3
IPs

3
Countries

331 kB
Transfer

772 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://tra401k.com/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://billpay.tra401k.com/ HTTP 302
https://billpay.tra401k.com/landing.asp?autopage=/Default.asp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request landing.asp Show response
billpay.tra401k.com/
Redirect Chain

https://billpay.tra401k.com/
https://billpay.tra401k.com/landing.asp?autopage=/Default.asp

7 KB
3 KB

350ms
349ms

Document
text/html

67.23.168.142
IMMEDION

General

Check archive.org

Show headers Download Go to

Full URL: https://billpay.tra401k.com/landing.asp?autopage=/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 67.23.168.142 , United States, ASN15085 (IMMEDION, US),
Reverse DNS: ip.dartpoints.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 9e9aee019e3f14c7e357ab737f899db45fb1e04b018d9c212f22901b91c59813

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://billpay.tra401k.com
Cache-Control: private
Content-Encoding: gzip
Content-Length: 3121
Content-Type: text/html
Date: Fri, 29 Jul 2022 14:20:21 GMT
Server: Microsoft-IIS/8.5
Vary: Accept-Encoding
X-UA-Compatible: IE=edge

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://billpay.tra401k.com
Cache-Control: private
Content-Length: 154
Content-Type: text/html
Date: Fri, 29 Jul 2022 14:20:21 GMT
Location: landing.asp?autopage=/Default.asp
Server: Microsoft-IIS/8.5

GET
H/1.1 200
OK bootstrap.css
billpay.tra401k.com/templates/css/ 99 KB
24 KB 261ms
260ms Stylesheet
text/css 67.23.168.142
IMMEDION

General

Check archive.org

Show headers Download Go to

Full URL: https://billpay.tra401k.com/templates/css/bootstrap.css
Requested by: Host: billpay.tra401k.com
URL: https://billpay.tra401k.com/landing.asp?autopage=/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 67.23.168.142 , United States, ASN15085 (IMMEDION, US),
Reverse DNS: ip.dartpoints.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 46fa873ce94b379614a6e53eeb96267df9fcbf56f3965277ea3b0cd941672cff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.tra401k.com/landing.asp?autopage=/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 29 Jul 2022 14:20:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Oct 2014 14:20:28 GMT
Server: Microsoft-IIS/8.5
ETag: "58dec42ccce3cf1:0"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: https://billpay.tra401k.com
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 24115

GET
H/1.1 200
OK font-awesome.min.css
billpay.tra401k.com/templates/fa/css/ 22 KB
5 KB 512ms
275ms Stylesheet
text/css 67.23.168.142
IMMEDION

General

Check archive.org

Show headers Download Go to

Full URL: https://billpay.tra401k.com/templates/fa/css/font-awesome.min.css
Requested by: Host: billpay.tra401k.com
URL: https://billpay.tra401k.com/landing.asp?autopage=/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 67.23.168.142 , United States, ASN15085 (IMMEDION, US),
Reverse DNS: ip.dartpoints.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 326b994ec59c7334f52211fbd5aa909a36b98d1717cb798bfcd3af8d4cbdb6ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.tra401k.com/landing.asp?autopage=/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 29 Jul 2022 14:20:22 GMT
Content-Encoding: gzip
Last-Modified: Sat, 11 Jan 2014 18:00:14 GMT
Server: Microsoft-IIS/8.5
ETag: "bea3adfaf6ecf1:0"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: https://billpay.tra401k.com
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 5231

GET
H/1.1 200
OK products.css
billpay.tra401k.com/templates/css/ 29 KB
9 KB 507ms
269ms Stylesheet
text/css 67.23.168.142
IMMEDION

General

Check archive.org

Show headers Download Go to

Full URL: https://billpay.tra401k.com/templates/css/products.css?v1b
Requested by: Host: billpay.tra401k.com
URL: https://billpay.tra401k.com/landing.asp?autopage=/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 67.23.168.142 , United States, ASN15085 (IMMEDION, US),
Reverse DNS: ip.dartpoints.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 7e48922cda69b81dedc2ffa37d94b0b44e5d50e51693a0eb71bf94683eb37791

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.tra401k.com/landing.asp?autopage=/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 29 Jul 2022 14:20:22 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Dec 2014 18:37:13 GMT
Server: Microsoft-IIS/8.5
ETag: "cdc28c7cba10d01:0"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: https://billpay.tra401k.com
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 8569

GET
H/1.1 200
OK main.css
billpay.tra401k.com/templates/css/ 59 KB
18 KB 621ms
381ms Stylesheet
text/css 67.23.168.142
IMMEDION

General

Check archive.org

Show headers Download Go to

Full URL: https://billpay.tra401k.com/templates/css/main.css?v1b
Requested by: Host: billpay.tra401k.com
URL: https://billpay.tra401k.com/landing.asp?autopage=/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 67.23.168.142 , United States, ASN15085 (IMMEDION, US),
Reverse DNS: ip.dartpoints.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 5f801d9afea6755855be21aae3e98a1f85420e6b94c520de11444a092a5e715d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.tra401k.com/landing.asp?autopage=/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 29 Jul 2022 14:20:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Oct 2018 17:50:59 GMT
Server: Microsoft-IIS/8.5
ETag: "67a3b0f64166d41:0"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: https://billpay.tra401k.com
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 17633

GET
H/1.1 200
OK notemplate.css
billpay.tra401k.com/templates/css/ 367 B
702 B 380ms
117ms Stylesheet
text/css 67.23.168.142
IMMEDION

General

Check archive.org

Show headers Download Go to

Full URL: https://billpay.tra401k.com/templates/css/notemplate.css
Requested by: Host: billpay.tra401k.com
URL: https://billpay.tra401k.com/landing.asp?autopage=/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 67.23.168.142 , United States, ASN15085 (IMMEDION, US),
Reverse DNS: ip.dartpoints.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 12779dab7aa91826a14e4df598f0aa64d4c44f9f829cb7f2ad7bf9d27c586631

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.tra401k.com/landing.asp?autopage=/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 29 Jul 2022 14:20:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Nov 2013 14:34:02 GMT
Server: Microsoft-IIS/8.5
ETag: "94e7f3657de0ce1:0"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: https://billpay.tra401k.com
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 334

GET
H/1.1 200
OK modernizr.min.js Show response
billpay.tra401k.com/templates/js/vendor/ 9 KB
5 KB 515ms
142ms Script
application/javascript 67.23.168.142
IMMEDION

General

Check archive.org

Show headers Download Go to

Full URL: https://billpay.tra401k.com/templates/js/vendor/modernizr.min.js
Requested by: Host: billpay.tra401k.com
URL: https://billpay.tra401k.com/landing.asp?autopage=/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 67.23.168.142 , United States, ASN15085 (IMMEDION, US),
Reverse DNS: ip.dartpoints.com
Software: Microsoft-IIS/8.5 /
Resource Hash: f7d71e51ae975888c66e5a758a2af39fd87cfc4e04c5edce1f6b851dc8fd9193

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.tra401k.com/landing.asp?autopage=/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 29 Jul 2022 14:20:22 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Jan 2014 14:51:51 GMT
Server: Microsoft-IIS/8.5
ETag: "9a2142fe6e10cf1:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://billpay.tra401k.com
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 4480

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 91 KB
92 KB 61ms
18ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

Requested by

Host: billpay.tra401k.com
URL: https://billpay.tra401k.com/landing.asp?autopage=/Default.asp

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.tra401k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:14:42 GMT
x-content-type-options: nosniff
age: 340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93636
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 Jul 2023 14:14:42 GMT

GET
H/1.1 200
OK jquery-ui-1.10.1.custom.min.js Show response
billpay.tra401k.com/templates/js/vendor/ 55 KB
22 KB 629ms
253ms Script
application/javascript 67.23.168.142
IMMEDION

General

Check archive.org

Show headers Download Go to

Full URL: https://billpay.tra401k.com/templates/js/vendor/jquery-ui-1.10.1.custom.min.js
Requested by: Host: billpay.tra401k.com
URL: https://billpay.tra401k.com/landing.asp?autopage=/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 67.23.168.142 , United States, ASN15085 (IMMEDION, US),
Reverse DNS: ip.dartpoints.com
Software: Microsoft-IIS/8.5 /
Resource Hash: ccb08c41dc6b32b167df546629de5de58d3a6fd6d60d2b450cfcf8925b28ab3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.tra401k.com/landing.asp?autopage=/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 29 Jul 2022 14:20:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Mar 2013 19:09:20 GMT
Server: Microsoft-IIS/8.5
ETag: "f72b019551fce1:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://billpay.tra401k.com
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 22189

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 164 KB
54 KB 117ms
54ms Script
text/javascript 2a00:1450:4014:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?sensor=false

Requested by

Host: billpay.tra401k.com
URL: https://billpay.tra401k.com/landing.asp?autopage=/Default.asp

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

1019a4253b68709c3d16b5538d3ebd711c9eafb1e464fd2f6667e72bc121a02d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.tra401k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:20:22 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=13
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55292
x-xss-protection: 0
expires: Fri, 29 Jul 2022 14:50:22 GMT

GET
H/1.1 200
OK TRA_Logo_Blue_250w.png
billpay.tra401k.com/images/ 5 KB
5 KB 119ms
118ms Image
image/png 67.23.168.142
IMMEDION

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://billpay.tra401k.com/images/TRA_Logo_Blue_250w.png
Requested by: Host: billpay.tra401k.com
URL: https://billpay.tra401k.com/landing.asp?autopage=/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 67.23.168.142 , United States, ASN15085 (IMMEDION, US),
Reverse DNS: ip.dartpoints.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 46e31438ebaa808881671c1b40327b1847441562ec63b27495253739e365cc71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.tra401k.com/landing.asp?autopage=/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 29 Jul 2022 14:20:22 GMT
Last-Modified: Mon, 17 Sep 2018 15:13:30 GMT
Server: Microsoft-IIS/8.5
ETag: "2737fafd984ed41:0"
Content-Type: image/png
Access-Control-Allow-Origin: https://billpay.tra401k.com
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 4932

GET
H/1.1 200
OK bootstrap-2.3.2.min.js Show response
billpay.tra401k.com/templates/js/vendor/ 28 KB
10 KB 154ms
153ms Script
application/javascript 67.23.168.142
IMMEDION

General

Check archive.org

Show headers Download Go to

Full URL: https://billpay.tra401k.com/templates/js/vendor/bootstrap-2.3.2.min.js
Requested by: Host: billpay.tra401k.com
URL: https://billpay.tra401k.com/landing.asp?autopage=/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 67.23.168.142 , United States, ASN15085 (IMMEDION, US),
Reverse DNS: ip.dartpoints.com
Software: Microsoft-IIS/8.5 /
Resource Hash: d0b6c4678d65eda672862d329993592e281b5491cb1b9cbc4cc5b99fbb6b275a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.tra401k.com/landing.asp?autopage=/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 29 Jul 2022 14:20:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Aug 2013 13:54:04 GMT
Server: Microsoft-IIS/8.5
ETag: "c5f691be3e94ce1:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://billpay.tra401k.com
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 10053

GET
H/1.1 200
OK plugins.js Show response
billpay.tra401k.com/templates/js/ 187 KB
71 KB 275ms
275ms Script
application/javascript 67.23.168.142
IMMEDION

General

Check archive.org

Show headers Download Go to

Full URL: https://billpay.tra401k.com/templates/js/plugins.js?v1b
Requested by: Host: billpay.tra401k.com
URL: https://billpay.tra401k.com/landing.asp?autopage=/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 67.23.168.142 , United States, ASN15085 (IMMEDION, US),
Reverse DNS: ip.dartpoints.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 96f59b1b4afec1fa5c91436ac993ee27519790a27e3f414f9c7d9da89ca42aa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.tra401k.com/landing.asp?autopage=/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 29 Jul 2022 14:20:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Oct 2018 14:48:19 GMT
Server: Microsoft-IIS/8.5
ETag: "a95c4c475f65d41:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://billpay.tra401k.com
Transfer-Encoding: chunked
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK main.js Show response
billpay.tra401k.com/templates/js/ 7 KB
3 KB 127ms
126ms Script
application/javascript 67.23.168.142
IMMEDION

General

Check archive.org

Show headers Download Go to

Full URL: https://billpay.tra401k.com/templates/js/main.js?v1a
Requested by: Host: billpay.tra401k.com
URL: https://billpay.tra401k.com/landing.asp?autopage=/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 67.23.168.142 , United States, ASN15085 (IMMEDION, US),
Reverse DNS: ip.dartpoints.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 74d36a6d5f8fb23490e307bed5edf5e857b2d267c5241ba5476b8e80ac66f14f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.tra401k.com/landing.asp?autopage=/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 29 Jul 2022 14:20:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 03 Feb 2015 19:25:12 GMT
Server: Microsoft-IIS/8.5
ETag: "ae93d21e73fd01:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://billpay.tra401k.com
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 3007

GET
H/1.1 200
OK i_js_hooks.asp Show response
billpay.tra401k.com/ 3 KB
2 KB 116ms
116ms Script
application/javascript 67.23.168.142
IMMEDION

General

Check archive.org

Show headers Download Go to

Full URL: https://billpay.tra401k.com/i_js_hooks.asp
Requested by: Host: billpay.tra401k.com
URL: https://billpay.tra401k.com/landing.asp?autopage=/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 67.23.168.142 , United States, ASN15085 (IMMEDION, US),
Reverse DNS: ip.dartpoints.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 5317572da022cfb629f4f0127f8cf5c1c9016d92d9db6825c3b4212c8509f517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.tra401k.com/landing.asp?autopage=/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 29 Jul 2022 14:20:22 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://billpay.tra401k.com
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 1443

GET
H/1.1 200
OK js_custom_functions.asp Show response
billpay.tra401k.com/CustomFunctions/ 0
337 B 169ms
169ms Script
application/javascript 67.23.168.142
IMMEDION

General

Check archive.org

Show headers Download Go to

Full URL: https://billpay.tra401k.com/CustomFunctions/js_custom_functions.asp
Requested by: Host: billpay.tra401k.com
URL: https://billpay.tra401k.com/landing.asp?autopage=/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 67.23.168.142 , United States, ASN15085 (IMMEDION, US),
Reverse DNS: ip.dartpoints.com
Software: Microsoft-IIS/8.5 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.tra401k.com/landing.asp?autopage=/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://billpay.tra401k.com
Date: Fri, 29 Jul 2022 14:20:22 GMT
Cache-Control: private
Access-Control-Allow-Credentials: true
Server: Microsoft-IIS/8.5
Content-Length: 0
Content-Type: application/javascript

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 86ms
39ms XHR
application/json 2a00:1450:4014:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?sensor=false

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.tra401k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:20:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://billpay.tra401k.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H/1.1 200
OK loadingAnimation.gif
billpay.tra401k.com/templates/js/jquery/ 6 KB
6 KB 121ms
121ms Image
image/gif 67.23.168.142
IMMEDION

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://billpay.tra401k.com/templates/js/jquery/loadingAnimation.gif
Requested by: Host: billpay.tra401k.com
URL: https://billpay.tra401k.com/landing.asp?autopage=/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 67.23.168.142 , United States, ASN15085 (IMMEDION, US),
Reverse DNS: ip.dartpoints.com
Software: Microsoft-IIS/8.5 /
Resource Hash: e69abd7e0cc82f336e61fea889e406ecbbeb7ece1df960231b7a9ba0d1dd1676

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.tra401k.com/landing.asp?autopage=/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 29 Jul 2022 14:20:22 GMT
Last-Modified: Tue, 16 Jun 2009 16:09:00 GMT
Server: Microsoft-IIS/8.5
ETag: "0b65dc29ceec91:0"
Content-Type: image/gif
Access-Control-Allow-Origin: https://billpay.tra401k.com
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 5886

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| Modernizr object| html5 function| $ function| jQuery function| DP_jQuery_1659104428749 object| google object| module$exports$mapsapi$util$event object| module$contents$mapsapi$overlay$overlayView_OverlayView function| CheckForm function| showLoadingpopup function| HideLoading boolean| bValidIp object| jQuery183042489361542023585 function| tb_init function| tb_show function| tb_showIframe function| tb_remove function| tb_position function| tb_parseQuery function| tb_getPageSize function| tb_detectMacXFF string| tb_pathToImage object| Select2 function| iFrameResize function| fncMoveProgressBar function| fncEqualColumnHeights function| fncFixSelectOptionsIE function| getOriginalPageName function| registerHook function| runHook object| imgLoader

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.billpay.tra401k.com/	1969-12-31 23:59:59	Name: customer%5Flogon Value: username=&custid=&c%5Fid=&parent%5Fc%5Fid=
			.billpay.tra401k.com/	1969-12-31 23:59:59	Name: cookie%5Fsession Value: super%5Fuser%5Fs%5Fid=&url%5Fid=&c%5Ftype=&gr%5Fid=&a%5Fname=&c%5FLastname=&CurrencySymbol=1033&a%5Fid=&c%5FfirstName=&l%5Fid=&created=1&country%5Fid=&sc%5Fid=BBF38C27B9CD4F23B0D08D23130990EE&l%5Fws%5Fid=&a%5Fnum=&c%5Fid=&s%5Fkey=96285C87AAA34C7291E52F5E66392FF7
			billpay.tra401k.com/	1969-12-31 23:59:59	Name: anon%5Fsc%5Fid Value:
			billpay.tra401k.com/	1969-12-31 23:59:59	Name: ASPSESSIONIDSEDQDCAB Value: EKFMPNOCIDEJPJPDIBGCOENF

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
billpay.tra401k.com
maps.googleapis.com
2a00:1450:4001:829::200a
2a00:1450:4014:80a::200a
67.23.168.142
1019a4253b68709c3d16b5538d3ebd711c9eafb1e464fd2f6667e72bc121a02d
12779dab7aa91826a14e4df598f0aa64d4c44f9f829cb7f2ad7bf9d27c586631
326b994ec59c7334f52211fbd5aa909a36b98d1717cb798bfcd3af8d4cbdb6ca
46e31438ebaa808881671c1b40327b1847441562ec63b27495253739e365cc71
46fa873ce94b379614a6e53eeb96267df9fcbf56f3965277ea3b0cd941672cff
5317572da022cfb629f4f0127f8cf5c1c9016d92d9db6825c3b4212c8509f517
5f801d9afea6755855be21aae3e98a1f85420e6b94c520de11444a092a5e715d
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
74d36a6d5f8fb23490e307bed5edf5e857b2d267c5241ba5476b8e80ac66f14f
7e48922cda69b81dedc2ffa37d94b0b44e5d50e51693a0eb71bf94683eb37791
96f59b1b4afec1fa5c91436ac993ee27519790a27e3f414f9c7d9da89ca42aa9
9e9aee019e3f14c7e357ab737f899db45fb1e04b018d9c212f22901b91c59813
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ccb08c41dc6b32b167df546629de5de58d3a6fd6d60d2b450cfcf8925b28ab3b
d0b6c4678d65eda672862d329993592e281b5491cb1b9cbc4cc5b99fbb6b275a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69abd7e0cc82f336e61fea889e406ecbbeb7ece1df960231b7a9ba0d1dd1676
f7d71e51ae975888c66e5a758a2af39fd87cfc4e04c5edce1f6b851dc8fd9193