Submitted URL: https://backthebill.com.au/
Effective URL: https://www.backthebill.com.au/
Submission: On August 03 via automatic, source certstream-suspicious

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 18 HTTP transactions. The main IP is 3.248.8.137, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.backthebill.com.au.
TLS certificate: Issued by R3 on August 3rd 2021. Valid for: 3 months.
This is the only time www.backthebill.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 99.83.190.102 16509 (AMAZON-02)
1 3.248.8.137 16509 (AMAZON-02)
7 13.225.237.35 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 52.84.40.5 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 13.224.96.118 16509 (AMAZON-02)
18 7
Domain Requested by
7 uploads-ssl.webflow.com www.backthebill.com.au
uploads-ssl.webflow.com
5 fonts.gstatic.com fonts.googleapis.com
2 d3e54v103j8qbb.cloudfront.net www.backthebill.com.au
1 d1otoma47x30pg.cloudfront.net www.backthebill.com.au
1 fonts.googleapis.com ajax.googleapis.com
1 ajax.googleapis.com www.backthebill.com.au
1 www.backthebill.com.au
1 backthebill.com.au 1 redirects
18 8

This site contains links to these domains.

Domain
chng.it
fb.me
twitter.com
www.facebook.com
www.instagram.com
webflow.com
Subject | Issuer | Validity | Valid
www.backthebill.com.au | R3 | 2021-08-03 - 2021-11-01 | 3 months
uploads-ssl.webflow.com | Amazon | 2020-10-26 - 2021-11-25 | a year
upload.video.google.com | GTS CA 1O1 | 2021-06-28 - 2021-09-20 | 3 months
*.cloudfront.net | Amazon | 2021-03-19 - 2022-03-17 | a year
*.gstatic.com | GTS CA 1C3 | 2021-06-28 - 2021-09-20 | 3 months

This page contains 1 frames:

Primary Page: https://www.backthebill.com.au/
Frame ID: 745E3F64019C635B2EEDB543DB1F9E3D
Requests: 18 HTTP requests in this frame

Page URL History

  1. https://backthebill.com.au/ HTTP 301
    https://www.backthebill.com.au/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
  • script /googleapis\.com\/.+webfont/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • meta generator /Webflow/i

Page Statistics

Requests: 18
HTTPS: 100 %
IPv6: 38 %
Domains: 5
Subdomains: 8
IPs: 7
Countries: 3
Transfer: 2187 kB
Size: 4094 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://backthebill.com.au/ HTTP 301
    https://www.backthebill.com.au/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.backthebill.com.au/
Redirect Chain
  • https://backthebill.com.au/
  • https://www.backthebill.com.au/
8 KB
3 KB
Document
General
Full URL
https://www.backthebill.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.248.8.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-8-137.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
64835a15cd22d5759b0767cdc70e29e5b06a4b0cd8e41d671269d3e415eae069

Request headers

:method
GET
:authority
www.backthebill.com.au
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
openresty
date
Tue, 03 Aug 2021 22:46:40 GMT
content-type
text/html
content-length
2435
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
age
0
x-served-by
cache-dca17727-DCA, cache-dub4337-DUB
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1628030800.329672,VS0,VE125
vary
Accept-Encoding
x-cluster-name
eu-west-1-prod-eks-15

Redirect headers

server
openresty
date
Tue, 03 Aug 2021 22:46:40 GMT
content-type
text/html
content-length
166
location
https://www.backthebill.com.au/
blue-card-bill-d923de.webflow.c99d6f0cd.css
uploads-ssl.webflow.com/60f80c224a573c66af218452/css/
124 KB
17 KB
Stylesheet
General
Full URL
https://uploads-ssl.webflow.com/60f80c224a573c66af218452/css/blue-card-bill-d923de.webflow.c99d6f0cd.css
Requested by
Host: www.backthebill.com.au
URL: https://www.backthebill.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.237.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-237-35.bru50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e8bbb7cd33deb14436419e817ff8cb437ae9e9ca9fa54ded818a99da5b1bd9b

Request headers

Referer
https://www.backthebill.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 03 Aug 2021 22:46:41 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 22:46:10 GMT
server
AmazonS3
x-amz-cf-pop
BRU50-C1
etag
"52dabd5bf7a66de92efbbe7bcd2bbf2b"
x-cache
Miss from cloudfront
x-amz-version-id
Fd3FwkPSryPsvSZQXjqa42BXqP5qPdbn
via
1.1 2b6f385212d54f32d2c4991db852b20f.cloudfront.net (CloudFront)
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
content-type
text/css
content-length
17314
x-amz-cf-id
Z7XxLQlzwLv7zsvFVSviIeZA7b5-YXucXZoWoUiNAF2utyHjkrdNPQ==
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/
13 KB
6 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: www.backthebill.com.au
URL: https://www.backthebill.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.backthebill.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 22:33:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
802
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Aug 2022 22:33:18 GMT
60f823a52b106a2961284fed_KAP%20logo%20transparent%404x-p-500.png
uploads-ssl.webflow.com/60f80c224a573c66af218452/
11 KB
11 KB
Image
General
Full URL
https://uploads-ssl.webflow.com/60f80c224a573c66af218452/60f823a52b106a2961284fed_KAP%20logo%20transparent%404x-p-500.png
Requested by
Host: www.backthebill.com.au
URL: https://www.backthebill.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.237.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-237-35.bru50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0a38e41e5b3e369d1ca196b81aadb95c1d0d67bd148f61feaa7ed4a6dd135a38

Request headers

Referer
https://www.backthebill.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 03 Aug 2021 22:46:42 GMT
via
1.1 2b6f385212d54f32d2c4991db852b20f.cloudfront.net (CloudFront)
last-modified
Wed, 21 Jul 2021 13:39:57 GMT
server
AmazonS3
x-amz-cf-pop
BRU50-C1
etag
"787eb3aeef52720ec83343679262c811"
x-cache
Miss from cloudfront
x-amz-version-id
5j1UC79VOrgsX.Wq40n99bMCrrf1dHpd
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
content-type
image/png
content-length
11068
x-amz-cf-id
8T89Cesvy9d7HTXR-CDjO0nmSewM8c1eoYT7PkJzf6LeNbxI3lqUqw==
60f80c234a573c385b2184ac_Twitter_Social_Icon_Rounded_Square_White.svg
uploads-ssl.webflow.com/60f80c224a573c66af218452/
1 KB
1 KB
Image
General
Full URL
https://uploads-ssl.webflow.com/60f80c224a573c66af218452/60f80c234a573c385b2184ac_Twitter_Social_Icon_Rounded_Square_White.svg
Requested by
Host: www.backthebill.com.au
URL: https://www.backthebill.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.237.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-237-35.bru50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6b07b42dbd39057e390ad2a5ec1350aa590d3a8cb612d4419f2453b940b9a863

Request headers

Referer
https://www.backthebill.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 03 Aug 2021 22:46:42 GMT
content-encoding
gzip
last-modified
Wed, 21 Jul 2021 11:59:33 GMT
server
AmazonS3
x-amz-cf-pop
BRU50-C1
etag
W/"44b08116ff98795da9e8d107cb734d1d"
vary
Accept-Encoding
x-cache
Miss from cloudfront
x-amz-version-id
K2wqBv.oCWf4wBde0_kMUjzmXK5eP_nU
via
1.1 2b6f385212d54f32d2c4991db852b20f.cloudfront.net (CloudFront)
cache-control
max-age=31536000, must-revalidate
content-type
image/svg+xml
x-amz-cf-id
DPfAVh86eyUj3qR0vC2GpXxinIO2BR1b47WuiwL61wvRv_d6BRNXew==
60f80c234a573c82812184ad_Facebook%20Logo.svg
uploads-ssl.webflow.com/60f80c224a573c66af218452/
494 B
922 B
Image
General
Full URL
https://uploads-ssl.webflow.com/60f80c224a573c66af218452/60f80c234a573c82812184ad_Facebook%20Logo.svg
Requested by
Host: www.backthebill.com.au
URL: https://www.backthebill.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.237.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-237-35.bru50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b550836583289785a3271853575f9440edbd7fb0c0569a8152301d79f2cea222

Request headers

Referer
https://www.backthebill.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 03 Aug 2021 22:46:42 GMT
via
1.1 2b6f385212d54f32d2c4991db852b20f.cloudfront.net (CloudFront)
last-modified
Wed, 21 Jul 2021 11:59:33 GMT
server
AmazonS3
x-amz-cf-pop
BRU50-C1
etag
"b9d8e40ee521009c963d772fd8dfb6f2"
x-cache
Miss from cloudfront
x-amz-version-id
Rbucrqj9IAGo8EApnXMlxTw8Ud4S3mEo
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
content-type
image/svg+xml
content-length
494
x-amz-cf-id
pKruSNZPRkJPxux_Q7q6djFqdnqdCQEfCdjzKpYy7FVc976N83mTgw==
60f80c234a573c34a62184ab_Insta.svg
uploads-ssl.webflow.com/60f80c224a573c66af218452/
2 KB
1 KB
Image
General
Full URL
https://uploads-ssl.webflow.com/60f80c224a573c66af218452/60f80c234a573c34a62184ab_Insta.svg
Requested by
Host: www.backthebill.com.au
URL: https://www.backthebill.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.237.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-237-35.bru50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8e7b808ac691f3069929a2b0cd2f7160b57117dc3cfaa0c74a41d253cbd9f86

Request headers

Referer
https://www.backthebill.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 03 Aug 2021 22:46:42 GMT
content-encoding
gzip
last-modified
Wed, 21 Jul 2021 11:59:33 GMT
server
AmazonS3
x-amz-cf-pop
BRU50-C1
etag
W/"3450798fc5d1ec74437b3956d90aef5e"
vary
Accept-Encoding
x-cache
Miss from cloudfront
x-amz-version-id
qguPrMazywgrbHg1MtyySe66SQ4atZ0Q
via
1.1 2b6f385212d54f32d2c4991db852b20f.cloudfront.net (CloudFront)
cache-control
max-age=31536000, must-revalidate
content-type
image/svg+xml
x-amz-cf-id
o15npLM5JcYyINBA4diNKlt553ozdGOUzPVenFToULEzHL263MjFZA==
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/
87 KB
31 KB
Script
General
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=60f80c224a573c66af218452
Requested by
Host: www.backthebill.com.au
URL: https://www.backthebill.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.40.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-40-5.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Origin
https://www.backthebill.com.au
Referer
https://www.backthebill.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 22:46:41 GMT
content-encoding
gzip
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
server
AmazonS3
x-amz-cf-pop
MRS52-P1
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=84600, must-revalidate
x-cache
Miss from cloudfront
x-amz-cf-id
Jryd-MC9m1jDza4CbE3gjLOs2NGtsZn2E9oAZxlIL_iLGbqWoHy7ag==
via
1.1 579cfbd9c011d359d737aee6a310afc2.cloudfront.net (CloudFront)
webflow.d0117c1eb.js
uploads-ssl.webflow.com/60f80c224a573c66af218452/js/
2 MB
448 KB
Script
General
Full URL
https://uploads-ssl.webflow.com/60f80c224a573c66af218452/js/webflow.d0117c1eb.js
Requested by
Host: www.backthebill.com.au
URL: https://www.backthebill.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.237.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-237-35.bru50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97281f488eb98bcfe71f3d81fb46ad02a60644ef096811eda1e45f801ace4626

Request headers

Referer
https://www.backthebill.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 03 Aug 2021 22:46:41 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 22:46:10 GMT
server
AmazonS3
x-amz-cf-pop
BRU50-C1
etag
"c09a44aff17891733a364cc89874a70d"
x-cache
Miss from cloudfront
x-amz-version-id
Cig4tyg3X8tBWVJhg46K1GnVzAm4UpzN
via
1.1 2b6f385212d54f32d2c4991db852b20f.cloudfront.net (CloudFront)
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
content-type
text/javascript
content-length
457231
x-amz-cf-id
ciMloPjhM4gbDSxZs36Ql7JLEhVhdPAXbKevSuJub3XcpMe5u3hIxA==
css
fonts.googleapis.com/
12 KB
883 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Varela:400%7COswald:200,300,400,500,600,700%7CSen:regular,700,800
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
71e711f280c081bae710f4dd30ce24cb3311f49a538f0c02aac06494dd133e8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.backthebill.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 03 Aug 2021 22:46:40 GMT
server
ESF
date
Tue, 03 Aug 2021 22:46:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 03 Aug 2021 22:46:40 GMT
60f8234ae2941f54c0586dde_Untitled%20design%20(1).jpg
uploads-ssl.webflow.com/60f80c224a573c66af218452/
2 MB
2 MB
Image
General
Full URL
https://uploads-ssl.webflow.com/60f80c224a573c66af218452/60f8234ae2941f54c0586dde_Untitled%20design%20(1).jpg
Requested by
Host: uploads-ssl.webflow.com
URL: https://uploads-ssl.webflow.com/60f80c224a573c66af218452/css/blue-card-bill-d923de.webflow.c99d6f0cd.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.237.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-237-35.bru50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c992731af47124367a47e39a7f61d789693278038219d96eb2556e50409150ab

Request headers

Referer
https://uploads-ssl.webflow.com/60f80c224a573c66af218452/css/blue-card-bill-d923de.webflow.c99d6f0cd.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 03 Aug 2021 22:46:42 GMT
via
1.1 2b6f385212d54f32d2c4991db852b20f.cloudfront.net (CloudFront)
last-modified
Wed, 21 Jul 2021 13:38:20 GMT
server
AmazonS3
x-amz-cf-pop
BRU50-C1
etag
"94e29637b3ca7555f872f5c3ccc7f8fe"
x-cache
Miss from cloudfront
x-amz-version-id
jsslzq5AArFrAVelwEYePE3RVAWfkL0t
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
content-type
image/jpeg
content-length
1600818
x-amz-cf-id
xMIUCIbtoWNn2ejl92TrEWHYrkdaciE05N0zRv2xIz7P4MyORHV4DA==
6xKudSxYI9__J9CYLUv0.woff2
fonts.gstatic.com/s/sen/v2/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sen/v2/6xKudSxYI9__J9CYLUv0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Varela:400%7COswald:200,300,400,500,600,700%7CSen:regular,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dfd3de6ac696480ac93accbccbf4ce0f2604f5f642d2f3aad2f64d2b8c2d3446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.backthebill.com.au
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 10:58:44 GMT
x-content-type-options
nosniff
age
42476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16604
x-xss-protection
0
last-modified
Thu, 23 Jul 2020 19:38:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Aug 2022 10:58:44 GMT
6xKjdSxYI9_3nPWN.woff2
fonts.gstatic.com/s/sen/v2/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sen/v2/6xKjdSxYI9_3nPWN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Varela:400%7COswald:200,300,400,500,600,700%7CSen:regular,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b974c8c5475b4b49550228f580daad2cc2cabc7937736e48292b83635b5f7970
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.backthebill.com.au
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 13:06:46 GMT
x-content-type-options
nosniff
age
34794
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16236
x-xss-protection
0
last-modified
Thu, 23 Jul 2020 19:38:50 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Aug 2022 13:06:46 GMT
DPEtYwqExx0AWHX5Ax4E.woff2
fonts.gstatic.com/s/varela/v11/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/varela/v11/DPEtYwqExx0AWHX5Ax4E.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Varela:400%7COswald:200,300,400,500,600,700%7CSen:regular,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf07fd4cc45e7e1c74840fa4acd9841576f11b5b952fa56fca7063270c4db4bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.backthebill.com.au
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 03:06:48 GMT
x-content-type-options
nosniff
age
70792
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19048
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 03:48:44 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Aug 2022 03:06:48 GMT
TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v36/
31 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v36/TK3iWkUHHAIjg752GT8G.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Varela:400%7COswald:200,300,400,500,600,700%7CSen:regular,700,800
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9facc976353ff7ab7cbb7345853c0f7d0c1bbce3733934b53790b93833dbae4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.backthebill.com.au
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 02:22:45 GMT
x-content-type-options
nosniff
age
73435
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31676
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 20:31:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Aug 2022 02:22:45 GMT
6xKudSxYI9__O9OYLUv0.woff2
fonts.gstatic.com/s/sen/v2/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sen/v2/6xKudSxYI9__O9OYLUv0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Varela:400%7COswald:200,300,400,500,600,700%7CSen:regular,700,800
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
38daf368daf1a35cec19dc4fb3bbe39c11ce6515124e0dcd453b9a56c2838d78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.backthebill.com.au
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 11:07:02 GMT
x-content-type-options
nosniff
age
41978
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16504
x-xss-protection
0
last-modified
Thu, 23 Jul 2020 19:38:51 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Aug 2022 11:07:02 GMT
webflow-badge-icon.f67cd735e3.svg
d3e54v103j8qbb.cloudfront.net/img/
986 B
1 KB
Image
General
Full URL
https://d3e54v103j8qbb.cloudfront.net/img/webflow-badge-icon.f67cd735e3.svg
Requested by
Host: www.backthebill.com.au
URL: https://www.backthebill.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.40.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-40-5.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
62ec19d15083cbe8e83011166ea431990acebbc3e3ffdef1fce157dfb590d9af

Request headers

Referer
https://www.backthebill.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 15:21:31 GMT
via
1.1 57f18a988739f5feaf34dc974846ac6d.cloudfront.net (CloudFront)
last-modified
Wed, 20 Feb 2019 14:35:04 GMT
server
AmazonS3
age
78973
etag
"f67cd735e31357df186644dce43ec148"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=84600, must-revalidate
x-amz-cf-pop
MRS52-P1
accept-ranges
bytes
content-length
986
x-amz-cf-id
ur1e1iHGPXh7v_Yy2YIEnmMBkk57Ytm5W0MV29HA2ROV-cyOZ3ATkA==
webflow-badge-text.6faa6a38cd.svg
d1otoma47x30pg.cloudfront.net/img/
4 KB
2 KB
Image
General
Full URL
https://d1otoma47x30pg.cloudfront.net/img/webflow-badge-text.6faa6a38cd.svg
Requested by
Host: www.backthebill.com.au
URL: https://www.backthebill.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-118.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ced8fefb6bac72d336556cde73b3846929d44d253620de919b0d8ee0168ab61

Request headers

Referer
https://www.backthebill.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 09:21:40 GMT
content-encoding
gzip
last-modified
Mon, 14 Nov 2016 08:40:05 GMT
server
AmazonS3
age
66682
etag
W/"6faa6a38cd86f8d3230ca56aff3d0d47"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 b103085320b440f2b61bad94c412ff70.cloudfront.net (CloudFront)
cache-control
max-age=84600, must-revalidate
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
SX2tk-Cooo0QCw-nnd26wljEmyzuMrNF81b65b6RZQbiP3dNCBDUIg==

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
boolean| originAgentCluster
object| trustedTypes
boolean| crossOriginIsolated
object| WebFont
object| __WEBFLOW_CURRENCY_SETTINGS
function| $
function| jQuery
function| tram
object| Webflow
object| SharedConfig
function| setImmediate
function| clearImmediate

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
