urlscan.io logo urlscan.io
SecurityTrails logo

epay.finance.gov.pg Open in urlscan Pro
103.103.182.197  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://epay.finance.gov.pg/
Effective URL: https://epay.finance.gov.pg/dof-home/
Submission: On September 30 via api from NL — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 26 HTTP transactions. The main IP is 103.103.182.197, located in Port Moresby, Papua New Guinea and belongs to DIGITECPNG-AS-AP Digitec PNG Limited, PG. The main domain is epay.finance.gov.pg.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on November 16th 2023. Valid for: 10 months.
This is the only time epay.finance.gov.pg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 22 103.103.182.197 63945 (DIGITECPN...)
1 2a00:1450:400... 15169 (GOOGLE)
4 142.250.185.99 15169 (GOOGLE)
26 3
Apex Domain
Subdomains		 Transfer
22 finance.gov.pg
epay.finance.gov.pg
4 MB
4 gstatic.com
fonts.gstatic.com
72 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
1 KB
26 3
Domain Requested by
22 epay.finance.gov.pg 1 redirects epay.finance.gov.pg
4 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com epay.finance.gov.pg
26 3

This site contains links to these domains. Also see Links.

Domain
goo.gl
Subject Issuer Validity Valid
epay.finance.gov.pg
Starfield Secure Certificate Authority - G2		 2023-11-16 -
2024-09-28		 10 months crt.sh
upload.video.google.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.gstatic.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://epay.finance.gov.pg/dof-home/
Frame ID: 78687610E16AA2C3BF7BD5EDDAB3661E
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home

Page URL History Show full URLs

  1. http://epay.finance.gov.pg/ HTTP 307
    https://epay.finance.gov.pg/ HTTP 301
    https://epay.finance.gov.pg/dof-home/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

26
Requests

19 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

3957 kB
Transfer

3957 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://epay.finance.gov.pg/ HTTP 307
    https://epay.finance.gov.pg/ HTTP 301
    https://epay.finance.gov.pg/dof-home/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
epay.finance.gov.pg/dof-home/
Redirect Chain
  • http://epay.finance.gov.pg/
  • https://epay.finance.gov.pg/
  • https://epay.finance.gov.pg/dof-home/
18 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://epay.finance.gov.pg/dof-home/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.103.182.197 Port Moresby, Papua New Guinea, ASN63945 (DIGITECPNG-AS-AP Digitec PNG Limited, PG),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash
8d2a1aaade5c69c9a968b4d4e50f8dab39d32b36ff47b94b68c252dd728e0e8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Content-Length
18333
Content-Type
text/html; charset=UTF-8
Date
Mon, 30 Sep 2024 04:19:27 GMT
ETag
"65e59d0e-479d"
Keep-Alive
timeout=5, max=99
Last-Modified
Mon, 04 Mar 2024 10:06:06 GMT
Server
nginx/1.23.2
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy
default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-Permitted-Cross-Domain-Policies
none *
X-XSS-Protection
1; mode=block

Redirect headers

Connection
Keep-Alive
Content-Length
245
Content-Type
text/html; charset=iso-8859-1
Date
Mon, 30 Sep 2024 04:19:23 GMT
Keep-Alive
timeout=5, max=100
Location
https://epay.finance.gov.pg/dof-home/
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy
default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
1; mode=block
css
fonts.googleapis.com/ 		17 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300,300i,400,500,600,700,900%7CRaleway:500
Requested by
Host: epay.finance.gov.pg
URL: https://epay.finance.gov.pg/dof-home/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
47421d5f6c4feca7bd06e79616f39e985aa5d427cf3d40f3a606f744fac786c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://epay.finance.gov.pg/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 30 Sep 2024 04:19:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 04:19:41 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 30 Sep 2024 04:19:41 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
bootstrap.css
epay.finance.gov.pg/dof-home/css/ 		121 KB
122 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://epay.finance.gov.pg/dof-home/css/bootstrap.css
Requested by
Host: epay.finance.gov.pg
URL: https://epay.finance.gov.pg/dof-home/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.103.182.197 Port Moresby, Papua New Guinea, ASN63945 (DIGITECPNG-AS-AP Digitec PNG Limited, PG),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash
924e877ffd142f692bdbc169542da62af2f06e8e673f3fd1d71992341a0d8e0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://epay.finance.gov.pg/dof-home/

Response headers

ETag
"65df3e80-1e494"
X-Permitted-Cross-Domain-Policies
none, *
X-Content-Type-Options
nosniff
Keep-Alive
timeout=5, max=100
Date
Mon, 30 Sep 2024 04:19:28 GMT
Content-Type
text/css
Last-Modified
Wed, 28 Feb 2024 14:09:04 GMT
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy
default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
124052
X-XSS-Protection
1; mode=block
Server
nginx/1.23.2
fonts.css
epay.finance.gov.pg/dof-home/css/ 		174 KB
175 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://epay.finance.gov.pg/dof-home/css/fonts.css
Requested by
Host: epay.finance.gov.pg
URL: https://epay.finance.gov.pg/dof-home/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.103.182.197 Port Moresby, Papua New Guinea, ASN63945 (DIGITECPNG-AS-AP Digitec PNG Limited, PG),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash
007f185bd38c10c7438ddace9e8271b6aae3a19d5c972ba06130f4074e02ed61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://epay.finance.gov.pg/dof-home/

Response headers

ETag
"65df3e80-2b822"
X-Permitted-Cross-Domain-Policies
none, *
X-Content-Type-Options
nosniff
Keep-Alive
timeout=5, max=98
Date
Mon, 30 Sep 2024 04:19:28 GMT
Content-Type
text/css
Last-Modified
Wed, 28 Feb 2024 14:09:04 GMT
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy
default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
178210
X-XSS-Protection
1; mode=block
Server
nginx/1.23.2
style.css
epay.finance.gov.pg/dof-home/css/ 		267 KB
268 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://epay.finance.gov.pg/dof-home/css/style.css
Requested by
Host: epay.finance.gov.pg
URL: https://epay.finance.gov.pg/dof-home/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.103.182.197 Port Moresby, Papua New Guinea, ASN63945 (DIGITECPNG-AS-AP Digitec PNG Limited, PG),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash
fc914e6c5e423d6ad4e8c6a0f1e256eae6091c36b96bf48c72c2268796ca2f72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://epay.finance.gov.pg/dof-home/

Response headers

ETag
"65df3e80-42c48"
X-Permitted-Cross-Domain-Policies
none, *
X-Content-Type-Options
nosniff
Keep-Alive
timeout=5, max=100
Date
Mon, 30 Sep 2024 04:19:28 GMT
Content-Type
text/css
Last-Modified
Wed, 28 Feb 2024 14:09:04 GMT
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy
default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
273480
X-XSS-Protection
1; mode=block
Server
nginx/1.23.2
logo-dark.png
epay.finance.gov.pg/dof-home/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epay.finance.gov.pg/dof-home/images/logo-dark.png
Requested by
Host: epay.finance.gov.pg
URL: https://epay.finance.gov.pg/dof-home/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.103.182.197 Port Moresby, Papua New Guinea, ASN63945 (DIGITECPNG-AS-AP Digitec PNG Limited, PG),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash
6f063a1fadeb3b2a0366e6af996ed29e425b8a38be417db3373c2432873c0a6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://epay.finance.gov.pg/dof-home/

Response headers

ETag
"65df3e80-232a"
X-Permitted-Cross-Domain-Policies
none, *
X-Content-Type-Options
nosniff
Keep-Alive
timeout=5, max=100
Date
Mon, 30 Sep 2024 04:19:28 GMT
Content-Type
image/png
Last-Modified
Wed, 28 Feb 2024 14:09:04 GMT
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy
default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
9002
X-XSS-Protection
1; mode=block
Server
nginx/1.23.2
AdminPortal.png
epay.finance.gov.pg/dof-home/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epay.finance.gov.pg/dof-home/images/AdminPortal.png
Requested by
Host: epay.finance.gov.pg
URL: https://epay.finance.gov.pg/dof-home/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.103.182.197 Port Moresby, Papua New Guinea, ASN63945 (DIGITECPNG-AS-AP Digitec PNG Limited, PG),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash
8c8ca74f40155726e2b75413791a541cd5397294bbd37fd4fb0fa881e40350d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://epay.finance.gov.pg/dof-home/

Response headers

ETag
"65df3e80-3a1a"
X-Permitted-Cross-Domain-Policies
none, *
X-Content-Type-Options
nosniff
Keep-Alive
timeout=5, max=100
Date
Mon, 30 Sep 2024 04:19:28 GMT
Content-Type
image/png
Last-Modified
Wed, 28 Feb 2024 14:09:04 GMT
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy
default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
14874
X-XSS-Protection
1; mode=block
Server
nginx/1.23.2
AgencyPortal.png
epay.finance.gov.pg/dof-home/images/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epay.finance.gov.pg/dof-home/images/AgencyPortal.png
Requested by
Host: epay.finance.gov.pg
URL: https://epay.finance.gov.pg/dof-home/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.103.182.197 Port Moresby, Papua New Guinea, ASN63945 (DIGITECPNG-AS-AP Digitec PNG Limited, PG),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash
bf4e42e9cb41e79865a66619b11faa8991939421f5fe34c9a283f41e42a2f12d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://epay.finance.gov.pg/dof-home/

Response headers

ETag
"65df3886-10bb4"
X-Permitted-Cross-Domain-Policies
none, *
X-Content-Type-Options
nosniff
Keep-Alive
timeout=5, max=99
Date
Mon, 30 Sep 2024 04:19:19 GMT
Content-Type
image/png
Last-Modified
Wed, 28 Feb 2024 13:43:34 GMT
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy
default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
68532
X-XSS-Protection
1; mode=block
Server
nginx/1.23.2
CustomerPortal.png
epay.finance.gov.pg/dof-home/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epay.finance.gov.pg/dof-home/images/CustomerPortal.png
Requested by
Host: epay.finance.gov.pg
URL: https://epay.finance.gov.pg/dof-home/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.103.182.197 Port Moresby, Papua New Guinea, ASN63945 (DIGITECPNG-AS-AP Digitec PNG Limited, PG),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash
473b44b3f109ad8c9e218cbf99cf302b2594f72f419de2ecd74fae57389aa5d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://epay.finance.gov.pg/dof-home/

Response headers

ETag
"65df3886-16cb"
X-Permitted-Cross-Domain-Policies
none, *
X-Content-Type-Options
nosniff
Keep-Alive
timeout=5, max=97
Date
Mon, 30 Sep 2024 04:19:19 GMT
Content-Type
image/png
Last-Modified
Wed, 28 Feb 2024 13:43:34 GMT
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy
default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
5835
X-XSS-Protection
1; mode=block
Server
nginx/1.23.2
logo-light.png
epay.finance.gov.pg/dof-home/images/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epay.finance.gov.pg/dof-home/images/logo-light.png
Requested by
Host: epay.finance.gov.pg
URL: https://epay.finance.gov.pg/dof-home/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.103.182.197 Port Moresby, Papua New Guinea, ASN63945 (DIGITECPNG-AS-AP Digitec PNG Limited, PG),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash
aee335bd1d6758474d2ecc073faa20bddfbee5aabc7d98027efa152659ba154e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://epay.finance.gov.pg/dof-home/

Response headers

ETag
"65df3886-bae7"
X-Permitted-Cross-Domain-Policies
none, *
X-Content-Type-Options
nosniff
Keep-Alive
timeout=5, max=99
Date
Mon, 30 Sep 2024 04:19:19 GMT
Content-Type
image/png
Last-Modified
Wed, 28 Feb 2024 13:43:34 GMT
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy
default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
47847
X-XSS-Protection
1; mode=block
Server
nginx/1.23.2
core.min.js
epay.finance.gov.pg/dof-home/js/ 		616 KB
616 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://epay.finance.gov.pg/dof-home/js/core.min.js
Requested by
Host: epay.finance.gov.pg
URL: https://epay.finance.gov.pg/dof-home/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.103.182.197 Port Moresby, Papua New Guinea, ASN63945 (DIGITECPNG-AS-AP Digitec PNG Limited, PG),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash
7c3c91df735b6c5e895cd9c29a3eb8427df5c53315680f8f1a252e8565433c2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://epay.finance.gov.pg/dof-home/

Response headers

ETag
"65df3e80-99eee"
X-Permitted-Cross-Domain-Policies
none, *
X-Content-Type-Options
nosniff
Keep-Alive
timeout=5, max=100
Date
Mon, 30 Sep 2024 04:19:28 GMT
Content-Type
application/javascript
Last-Modified
Wed, 28 Feb 2024 14:09:04 GMT
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy
default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
630510
X-XSS-Protection
1; mode=block
Server
nginx/1.23.2
script.js
epay.finance.gov.pg/dof-home/js/ 		42 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://epay.finance.gov.pg/dof-home/js/script.js
Requested by
Host: epay.finance.gov.pg
URL: https://epay.finance.gov.pg/dof-home/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.103.182.197 Port Moresby, Papua New Guinea, ASN63945 (DIGITECPNG-AS-AP Digitec PNG Limited, PG),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash
8c5ca0499da8a0dd4f0319751efff59f7b2c70477897a0061af89f4404869397
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://epay.finance.gov.pg/dof-home/

Response headers

ETag
"65df3886-a677"
X-Permitted-Cross-Domain-Policies
none, *
X-Content-Type-Options
nosniff
Keep-Alive
timeout=5, max=99
Date
Mon, 30 Sep 2024 04:19:19 GMT
Content-Type
application/javascript
Last-Modified
Wed, 28 Feb 2024 13:43:34 GMT
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy
default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
42615
X-XSS-Protection
1; mode=block
Server
nginx/1.23.2
fernandoforero-asfalto.ttf
epay.finance.gov.pg/dof-home/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://epay.finance.gov.pg/dof-home/fonts/fernandoforero-asfalto.ttf
Requested by
Host: epay.finance.gov.pg
URL: https://epay.finance.gov.pg/dof-home/css/fonts.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.103.182.197 Port Moresby, Papua New Guinea, ASN63945 (DIGITECPNG-AS-AP Digitec PNG Limited, PG),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash
8d2a1aaade5c69c9a968b4d4e50f8dab39d32b36ff47b94b68c252dd728e0e8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://epay.finance.gov.pg
Referer
https://epay.finance.gov.pg/dof-home/css/fonts.css

Response headers

ETag
"65e3029d-479d"
X-Permitted-Cross-Domain-Policies
none, *
X-Content-Type-Options
nosniff
Keep-Alive
timeout=5, max=99
Date
Mon, 30 Sep 2024 04:19:21 GMT
Content-Type
text/html; charset=UTF-8
Last-Modified
Sat, 02 Mar 2024 10:42:37 GMT
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy
default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
18333
X-XSS-Protection
1; mode=block
Server
nginx/1.23.2
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,300i,400,500,600,700,900%7CRaleway:500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://epay.finance.gov.pg
Referer
https://fonts.googleapis.com/

Response headers

age
280200
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 26 Sep 2025 22:29:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Sep 2024 22:29:44 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,300i,400,500,600,700,900%7CRaleway:500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
1b150c409df2cca1e55ffc6e55b649980f9a282bb6b25da6186d5ed55741141b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://epay.finance.gov.pg
Referer
https://fonts.googleapis.com/

Response headers

age
310822
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 26 Sep 2025 13:59:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Sep 2024 13:59:22 GMT
last-modified
Thu, 01 Aug 2024 20:41:28 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18436
x-xss-protection
0
server
sffe
materialdesignicons-webfont.woff2
epay.finance.gov.pg/dof-home/fonts/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://epay.finance.gov.pg/dof-home/fonts/materialdesignicons-webfont.woff2?v=1.4.57
Requested by
Host: epay.finance.gov.pg
URL: https://epay.finance.gov.pg/dof-home/css/fonts.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.103.182.197 Port Moresby, Papua New Guinea, ASN63945 (DIGITECPNG-AS-AP Digitec PNG Limited, PG),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash
56ca131e02e335cbc5604cf53451ad97f160b33a46bba0b0b8f41578de9715c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://epay.finance.gov.pg
Referer
https://epay.finance.gov.pg/dof-home/css/fonts.css

Response headers

ETag
"65df3886-1378c"
X-Permitted-Cross-Domain-Policies
none, *
X-Content-Type-Options
nosniff
Keep-Alive
timeout=5, max=98
Date
Mon, 30 Sep 2024 04:19:21 GMT
Content-Type
font/woff2
Last-Modified
Wed, 28 Feb 2024 13:43:34 GMT
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy
default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
79756
X-XSS-Protection
1; mode=block
Server
nginx/1.23.2
Linearicons.woff
epay.finance.gov.pg/dof-home/fonts/ 		395 KB
396 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://epay.finance.gov.pg/dof-home/fonts/Linearicons.woff
Requested by
Host: epay.finance.gov.pg
URL: https://epay.finance.gov.pg/dof-home/css/fonts.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.103.182.197 Port Moresby, Papua New Guinea, ASN63945 (DIGITECPNG-AS-AP Digitec PNG Limited, PG),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash
881c15f76b32e1d87e1dddca306feb48d7becbb7bf9cc8a1ce50c6de0f17b4ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://epay.finance.gov.pg
Referer
https://epay.finance.gov.pg/dof-home/css/fonts.css

Response headers

ETag
"65df3886-62c28"
X-Permitted-Cross-Domain-Policies
none, *
X-Content-Type-Options
nosniff
Keep-Alive
timeout=5, max=98
Date
Mon, 30 Sep 2024 04:19:21 GMT
Content-Type
font/woff
Last-Modified
Wed, 28 Feb 2024 13:43:34 GMT
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy
default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
404520
X-XSS-Protection
1; mode=block
Server
nginx/1.23.2
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,300i,400,500,600,700,900%7CRaleway:500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://epay.finance.gov.pg
Referer
https://fonts.googleapis.com/

Response headers

age
344308
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 26 Sep 2025 04:41:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Sep 2024 04:41:16 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18588
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,300i,400,500,600,700,900%7CRaleway:500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://epay.finance.gov.pg
Referer
https://fonts.googleapis.com/

Response headers

age
355197
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 26 Sep 2025 01:39:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Sep 2024 01:39:47 GMT
last-modified
Thu, 01 Aug 2024 20:41:19 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18492
x-xss-protection
0
server
sffe
fernandoforero-asfalto.woff
epay.finance.gov.pg/dof-home/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://epay.finance.gov.pg/dof-home/fonts/fernandoforero-asfalto.woff
Requested by
Host: epay.finance.gov.pg
URL: https://epay.finance.gov.pg/dof-home/css/fonts.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.103.182.197 Port Moresby, Papua New Guinea, ASN63945 (DIGITECPNG-AS-AP Digitec PNG Limited, PG),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash
8d2a1aaade5c69c9a968b4d4e50f8dab39d32b36ff47b94b68c252dd728e0e8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://epay.finance.gov.pg
Referer
https://epay.finance.gov.pg/dof-home/css/fonts.css

Response headers

ETag
"65e3029d-479d"
X-Permitted-Cross-Domain-Policies
none, *
X-Content-Type-Options
nosniff
Keep-Alive
timeout=5, max=98
Date
Mon, 30 Sep 2024 04:19:21 GMT
Content-Type
text/html; charset=UTF-8
Last-Modified
Sat, 02 Mar 2024 10:42:37 GMT
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy
default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
18333
X-XSS-Protection
1; mode=block
Server
nginx/1.23.2
simplepayment.jpg
epay.finance.gov.pg/dof-home/images/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epay.finance.gov.pg/dof-home/images/simplepayment.jpg
Requested by
Host: epay.finance.gov.pg
URL: https://epay.finance.gov.pg/dof-home/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.103.182.197 Port Moresby, Papua New Guinea, ASN63945 (DIGITECPNG-AS-AP Digitec PNG Limited, PG),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash
9b63128f507ccdd6c6ed0f67b41534e22ca9cf228bb1a49186e97bb960c5d795
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://epay.finance.gov.pg/dof-home/

Response headers

ETag
"65df3886-adee"
X-Permitted-Cross-Domain-Policies
none, *
X-Content-Type-Options
nosniff
Keep-Alive
timeout=5, max=99
Date
Mon, 30 Sep 2024 04:19:21 GMT
Content-Type
image/jpeg
Last-Modified
Wed, 28 Feb 2024 13:43:34 GMT
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy
default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
44526
X-XSS-Protection
1; mode=block
Server
nginx/1.23.2
userfriendly.jpg
epay.finance.gov.pg/dof-home/images/ 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epay.finance.gov.pg/dof-home/images/userfriendly.jpg
Requested by
Host: epay.finance.gov.pg
URL: https://epay.finance.gov.pg/dof-home/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.103.182.197 Port Moresby, Papua New Guinea, ASN63945 (DIGITECPNG-AS-AP Digitec PNG Limited, PG),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash
c120e9a6719099c11bd56053ef1cc91ab634963e510f63dce6de9da74d91c2d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://epay.finance.gov.pg/dof-home/

Response headers

ETag
"65df3886-105a3"
X-Permitted-Cross-Domain-Policies
none, *
X-Content-Type-Options
nosniff
Keep-Alive
timeout=5, max=98
Date
Mon, 30 Sep 2024 04:19:21 GMT
Content-Type
image/jpeg
Last-Modified
Wed, 28 Feb 2024 13:43:34 GMT
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy
default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
66979
X-XSS-Protection
1; mode=block
Server
nginx/1.23.2
service.jpg
epay.finance.gov.pg/dof-home/images/ 		116 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epay.finance.gov.pg/dof-home/images/service.jpg
Requested by
Host: epay.finance.gov.pg
URL: https://epay.finance.gov.pg/dof-home/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.103.182.197 Port Moresby, Papua New Guinea, ASN63945 (DIGITECPNG-AS-AP Digitec PNG Limited, PG),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash
516e7b9507e06b22eaabcbbdd61f8e96b2cc2e6797c6e64368098f964597b5bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://epay.finance.gov.pg/dof-home/

Response headers

ETag
"65df3886-1d06b"
X-Permitted-Cross-Domain-Policies
none, *
X-Content-Type-Options
nosniff
Keep-Alive
timeout=5, max=96
Date
Mon, 30 Sep 2024 04:19:21 GMT
Content-Type
image/jpeg
Last-Modified
Wed, 28 Feb 2024 13:43:34 GMT
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy
default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
118891
X-XSS-Protection
1; mode=block
Server
nginx/1.23.2
atmosphere.png
epay.finance.gov.pg/dof-home/images/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epay.finance.gov.pg/dof-home/images/atmosphere.png
Requested by
Host: epay.finance.gov.pg
URL: https://epay.finance.gov.pg/dof-home/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.103.182.197 Port Moresby, Papua New Guinea, ASN63945 (DIGITECPNG-AS-AP Digitec PNG Limited, PG),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash
e13dd78e364968643cde8c079cbf472a0d79fa7c107affb1a2f7f146369040c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://epay.finance.gov.pg/dof-home/

Response headers

ETag
"65df3886-15c098"
X-Permitted-Cross-Domain-Policies
none, *
X-Content-Type-Options
nosniff
Keep-Alive
timeout=5, max=97
Date
Mon, 30 Sep 2024 04:19:21 GMT
Content-Type
image/png
Last-Modified
Wed, 28 Feb 2024 13:43:34 GMT
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy
default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
1425560
X-XSS-Protection
1; mode=block
Server
nginx/1.23.2
fernandoforero-asfalto.woff2
epay.finance.gov.pg/dof-home/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://epay.finance.gov.pg/dof-home/fonts/fernandoforero-asfalto.woff2
Requested by
Host: epay.finance.gov.pg
URL: https://epay.finance.gov.pg/dof-home/css/fonts.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.103.182.197 Port Moresby, Papua New Guinea, ASN63945 (DIGITECPNG-AS-AP Digitec PNG Limited, PG),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash
8d2a1aaade5c69c9a968b4d4e50f8dab39d32b36ff47b94b68c252dd728e0e8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://epay.finance.gov.pg
Referer
https://epay.finance.gov.pg/dof-home/css/fonts.css

Response headers

ETag
"65e59d0e-479d"
X-Permitted-Cross-Domain-Policies
none, *
X-Content-Type-Options
nosniff
Keep-Alive
timeout=5, max=98
Date
Mon, 30 Sep 2024 04:19:31 GMT
Content-Type
text/html; charset=UTF-8
Last-Modified
Mon, 04 Mar 2024 10:06:06 GMT
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy
default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
18333
X-XSS-Protection
1; mode=block
Server
nginx/1.23.2
favicon.ico
epay.finance.gov.pg/dof-home/images/ 		344 KB
345 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://epay.finance.gov.pg/dof-home/images/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.103.182.197 Port Moresby, Papua New Guinea, ASN63945 (DIGITECPNG-AS-AP Digitec PNG Limited, PG),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash
65ecb9abcd9cae2b020b5a3748ced6d770e423d4374c94571c3a01ae439dbf1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://epay.finance.gov.pg/dof-home/

Response headers

ETag
"65df3e80-5602f"
X-Permitted-Cross-Domain-Policies
none, *
X-Content-Type-Options
nosniff
Keep-Alive
timeout=5, max=96
Date
Mon, 30 Sep 2024 04:19:33 GMT
Content-Type
image/x-icon
Last-Modified
Wed, 28 Feb 2024 14:09:04 GMT
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy
default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
352303
X-XSS-Protection
1; mode=block
Server
nginx/1.23.2

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| bootstrap function| _typeof function| pageTransition function| multitoggles function| $ function| jQuery object| device function| Popper object| regula boolean| isWebkit function| RDInputLabel object| eventie function| EventEmitter function| getStyleProperty function| getSize function| docReady function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| RDNavbar function| Swiper function| WOW object| Select2 function| onloadCaptchaCallback

0 Cookies

6 Console Messages

Source Level URL
Text
other warning URL: https://epay.finance.gov.pg/dof-home/(Line 314)
Message:
Failed to decode downloaded font: https://epay.finance.gov.pg/dof-home/fonts/fernandoforero-asfalto.ttf
other warning URL: https://epay.finance.gov.pg/dof-home/(Line 314)
Message:
OTS parsing error: invalid sfntVersion: 1008813135
other warning URL: https://epay.finance.gov.pg/dof-home/
Message:
Failed to decode downloaded font: https://epay.finance.gov.pg/dof-home/fonts/fernandoforero-asfalto.woff
other warning URL: https://epay.finance.gov.pg/dof-home/
Message:
OTS parsing error: invalid sfntVersion: 1008813135
other warning URL: https://epay.finance.gov.pg/dof-home/
Message:
Failed to decode downloaded font: https://epay.finance.gov.pg/dof-home/fonts/fernandoforero-asfalto.woff2
other warning URL: https://epay.finance.gov.pg/dof-home/
Message:
OTS parsing error: invalid sfntVersion: 1008813135

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

epay.finance.gov.pg
fonts.googleapis.com
fonts.gstatic.com
103.103.182.197
142.250.185.99
2a00:1450:4001:82b::200a
007f185bd38c10c7438ddace9e8271b6aae3a19d5c972ba06130f4074e02ed61
1b150c409df2cca1e55ffc6e55b649980f9a282bb6b25da6186d5ed55741141b
473b44b3f109ad8c9e218cbf99cf302b2594f72f419de2ecd74fae57389aa5d0
47421d5f6c4feca7bd06e79616f39e985aa5d427cf3d40f3a606f744fac786c0
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
516e7b9507e06b22eaabcbbdd61f8e96b2cc2e6797c6e64368098f964597b5bf
56ca131e02e335cbc5604cf53451ad97f160b33a46bba0b0b8f41578de9715c1
65ecb9abcd9cae2b020b5a3748ced6d770e423d4374c94571c3a01ae439dbf1b
6f063a1fadeb3b2a0366e6af996ed29e425b8a38be417db3373c2432873c0a6f
7c3c91df735b6c5e895cd9c29a3eb8427df5c53315680f8f1a252e8565433c2e
881c15f76b32e1d87e1dddca306feb48d7becbb7bf9cc8a1ce50c6de0f17b4ba
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8c5ca0499da8a0dd4f0319751efff59f7b2c70477897a0061af89f4404869397
8c8ca74f40155726e2b75413791a541cd5397294bbd37fd4fb0fa881e40350d4
8d2a1aaade5c69c9a968b4d4e50f8dab39d32b36ff47b94b68c252dd728e0e8a
924e877ffd142f692bdbc169542da62af2f06e8e673f3fd1d71992341a0d8e0e
9b63128f507ccdd6c6ed0f67b41534e22ca9cf228bb1a49186e97bb960c5d795
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
aee335bd1d6758474d2ecc073faa20bddfbee5aabc7d98027efa152659ba154e
bf4e42e9cb41e79865a66619b11faa8991939421f5fe34c9a283f41e42a2f12d
c120e9a6719099c11bd56053ef1cc91ab634963e510f63dce6de9da74d91c2d9
e13dd78e364968643cde8c079cbf472a0d79fa7c107affb1a2f7f146369040c6
fc914e6c5e423d6ad4e8c6a0f1e256eae6091c36b96bf48c72c2268796ca2f72