Submitted URL: https://pay.xpress-pay.com/?pk=8254&a=545&e=robyn.berkey%40northpointe.com&l1=Robyn+Berkey&l2=CQ-Sharon+Chase+HOA-4616+Shar...
Effective URL: https://pay.xpress-pay.com/
Submission: On June 01 via manual from US — Scanned from US

Summary

This website contacted 13 IPs in 3 countries across 12 domains to perform 40 HTTP transactions. The main IP is 209.235.242.188, located in United States and belongs to ASN-VINS, US. The main domain is pay.xpress-pay.com. The Cisco Umbrella rank of the primary domain is 553531.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on March 1st 2023. Valid for: a year.
This is the only time pay.xpress-pay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
15 xpress-pay.com
pay.xpress-pay.com — Cisco Umbrella Rank: 553531
enroll.xpress-pay.com — Cisco Umbrella Rank: 608106
206 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 3
1021 B
4 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 111
googleads.g.doubleclick.net — Cisco Umbrella Rank: 51
4 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 383
13 KB
3 trust-provider.com
secure.trust-provider.com — Cisco Umbrella Rank: 35002
20 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
21 KB
2 gstatic.com
www.gstatic.com
23 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 70
149 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 249
85 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 172
413 B
1 sectigo.com
sectigo.com — Cisco Umbrella Rank: 488
4 KB
1 tctm.co
282236.tctm.co — Cisco Umbrella Rank: 788963
465 B
40 12
Domain Requested by
12 pay.xpress-pay.com 1 redirects pay.xpress-pay.com
5 www.google.com pay.xpress-pay.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
pay.xpress-pay.com
3 secure.trust-provider.com pay.xpress-pay.com
3 www.google-analytics.com pay.xpress-pay.com
www.google-analytics.com
3 enroll.xpress-pay.com pay.xpress-pay.com
2 www.gstatic.com www.googletagmanager.com
www.gstatic.com
2 googleads.g.doubleclick.net www.googletagmanager.com
2 stats.g.doubleclick.net www.google-analytics.com
2 www.googletagmanager.com pay.xpress-pay.com
www.googletagmanager.com
2 cdnjs.cloudflare.com pay.xpress-pay.com
cdnjs.cloudflare.com
1 www.googleadservices.com 1 redirects
1 sectigo.com pay.xpress-pay.com
1 282236.tctm.co www.googletagmanager.com
40 14

This site contains links to these domains. Also see Links.

Domain
www.visa.com
Subject Issuer Validity Valid
*.xpress-pay.com
Sectigo RSA Organization Validation Secure Server CA
2023-03-01 -
2024-02-27
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-08-03 -
2023-08-02
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-05-19 -
2023-08-11
3 months crt.sh
secure.trust-provider.com
Sectigo RSA Organization Validation Secure Server CA
2023-02-14 -
2024-02-14
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-05-19 -
2023-08-11
3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02
2023-02-16 -
2023-08-16
6 months crt.sh
*.tctm.co
Amazon RSA 2048 M01
2023-02-22 -
2023-10-06
7 months crt.sh
www.google.com
GTS CA 1C3
2023-05-19 -
2023-08-11
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-05-19 -
2023-08-11
3 months crt.sh
sectigo.com
Sectigo RSA Extended Validation Secure Server CA
2023-04-06 -
2024-04-05
a year crt.sh

This page contains 1 frames:

Primary Page: https://pay.xpress-pay.com/
Frame ID: EABFB6C1F24778E08AA1E7AD095ABC55
Requests: 40 HTTP requests in this frame

Screenshot

Page Title

Xpress-pay | Pay a bill

Page URL History Show full URLs

  1. https://pay.xpress-pay.com/?pk=8254&a=545&e=robyn.berkey%40northpointe.com&l1=Robyn+Berkey&l2=CQ-Sharon... HTTP 302
    https://pay.xpress-pay.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /yii\.(?:validation|activeForm)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

40
Requests

98 %
HTTPS

64 %
IPv6

12
Domains

14
Subdomains

13
IPs

3
Countries

523 kB
Transfer

1237 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://pay.xpress-pay.com/?pk=8254&a=545&e=robyn.berkey%40northpointe.com&l1=Robyn+Berkey&l2=CQ-Sharon+Chase+HOA-4616+Sharon+Chase+Dr.+Apt+B HTTP 302
    https://pay.xpress-pay.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38
  • https://www.googleadservices.com/pagead/conversion/859136470/wcm?cc=ZZ&dn=6077536156&cl=3i2qCIjW424Q1sPVmQM&ct_eid=2 HTTP 302
  • https://www.google.com/pagead/attribution/wcm?cc=ZZ&dn=6077536156&cl=3i2qCIjW424Q1sPVmQM

40 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
pay.xpress-pay.com/
Redirect Chain
  • https://pay.xpress-pay.com/?pk=8254&a=545&e=robyn.berkey%40northpointe.com&l1=Robyn+Berkey&l2=CQ-Sharon+Chase+HOA-4616+Sharon+Chase+Dr.+Apt+B
  • https://pay.xpress-pay.com/
15 KB
6 KB
Document
General
Full URL
https://pay.xpress-pay.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.235.242.188 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
pay.xpress-pay.com
Software
Apache /
Resource Hash
f5eca857a0da49469ff5b8b44aa21f5128a47c5c788f156c94c011edf8033a1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
5112
Content-Type
text/html; charset=UTF-8
Date
Thu, 01 Jun 2023 20:19:18 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=99
P3p
CP="P3P is here to make Internet Explorer happy."
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding,User-Agent
X-Frame-Options
SAMEORIGIN
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 01 Jun 2023 20:19:17 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Location
https://pay.xpress-pay.com/
P3p
CP="P3P is here to make Internet Explorer happy."
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
Vary
User-Agent
X-Frame-Options
ALLOWALL
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
bootstrap.min.css
pay.xpress-pay.com/assets/7051d1a/css/
158 KB
24 KB
Stylesheet
General
Full URL
https://pay.xpress-pay.com/assets/7051d1a/css/bootstrap.min.css
Requested by
Host: pay.xpress-pay.com
URL: https://pay.xpress-pay.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.235.242.188 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
pay.xpress-pay.com
Software
Apache /
Resource Hash
f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.xpress-pay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Thu, 01 Jun 2023 20:19:18 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Mon, 03 Apr 2023 17:51:36 GMT
Server
Apache
ETag
"279d8-5f87235cb6fe5-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=5, max=98
Content-Length
24186
X-XSS-Protection
1; mode=block
activeform.min.css
pay.xpress-pay.com/assets/e614fb9a/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://pay.xpress-pay.com/assets/e614fb9a/css/activeform.min.css
Requested by
Host: pay.xpress-pay.com
URL: https://pay.xpress-pay.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.235.242.188 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
pay.xpress-pay.com
Software
Apache /
Resource Hash
007b853e2eb2b45265a68ae71d9ff24e26f8a659bda3bbed93faafb83b751277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.xpress-pay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Thu, 01 Jun 2023 20:19:18 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Mon, 03 Apr 2023 17:51:35 GMT
Server
Apache
ETag
"142a-5f87235c9a2f5-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=5, max=97
Content-Length
1500
X-XSS-Protection
1; mode=block
remarc.css
pay.xpress-pay.com/css/
9 KB
3 KB
Stylesheet
General
Full URL
https://pay.xpress-pay.com/css/remarc.css
Requested by
Host: pay.xpress-pay.com
URL: https://pay.xpress-pay.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.235.242.188 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
pay.xpress-pay.com
Software
Apache /
Resource Hash
dfd7ebc4dd89eee7294a6f1eb1125f8ee0b6caea8452d8f4f76cfb6c14bb7c5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.xpress-pay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Thu, 01 Jun 2023 20:19:18 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Sun, 22 Mar 2020 14:30:07 GMT
Server
Apache
ETag
"25ad-5a1725ae94031-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=5, max=100
Content-Length
2758
X-XSS-Protection
1; mode=block
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/
55 KB
10 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.min.css
Requested by
Host: pay.xpress-pay.com
URL: https://pay.xpress-pay.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.xpress-pay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 20:19:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
774968
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
9939
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-da9f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QiC5ltpzuM72JXg33OouE64dXhMVZE7lULRt9OTFJxU9DN80XAGNudSkNdZYtAK9spbptTHo4D2rI2hpX2%2FhabFWRCakp6uoa940qaUNTPafWawqm8u64lTeFz8fBds0PEfIipy27C6pMYb6%2B9HCAAfg"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7d0a2697adbf29a9-ORD
expires
Tue, 21 May 2024 20:19:18 GMT
16403686-banner.png
enroll.xpress-pay.com/images/banners/
51 KB
52 KB
Image
General
Full URL
https://enroll.xpress-pay.com/images/banners/16403686-banner.png
Requested by
Host: pay.xpress-pay.com
URL: https://pay.xpress-pay.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.235.237.45 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
syseast-xpcinf1.inetuhosted.net
Software
Apache /
Resource Hash
29d236ce5a180ffd7331dc55a3f321d134b3912e39242ced545f64510b197941
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.xpress-pay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Jun 2023 20:19:18 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Tue, 05 May 2020 21:12:20 GMT
Server
Apache
ETag
"cd27-5a4ed1a66a8fc"
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
52519
X-XSS-Protection
1; mode=block
Expires
0
provided-by-firstcitizens.png
enroll.xpress-pay.com/images/banners/
20 KB
20 KB
Image
General
Full URL
https://enroll.xpress-pay.com/images/banners/provided-by-firstcitizens.png
Requested by
Host: pay.xpress-pay.com
URL: https://pay.xpress-pay.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.235.237.45 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
syseast-xpcinf1.inetuhosted.net
Software
Apache /
Resource Hash
8b8b1e92a3b11d2bfa5eae69368b84bc811a826734fa18a7281482b091070cdc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.xpress-pay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Jun 2023 20:19:18 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Sun, 15 Apr 2018 15:17:13 GMT
Server
Apache
ETag
"4fce-569e4998f4a06"
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
20430
X-XSS-Protection
1; mode=block
Expires
0
visa-on-the-list-2022.png
pay.xpress-pay.com/images/
26 KB
27 KB
Image
General
Full URL
https://pay.xpress-pay.com/images/visa-on-the-list-2022.png
Requested by
Host: pay.xpress-pay.com
URL: https://pay.xpress-pay.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.235.242.188 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
pay.xpress-pay.com
Software
Apache /
Resource Hash
0a0d478f1708c9db1a76528175fbd76310e3ebc9438b02a30328b3a374f7bea7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.xpress-pay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Thu, 01 Jun 2023 20:19:18 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 25 May 2023 17:23:26 GMT
Server
Apache
ETag
"68b2-5fc87e0d34fe3"
Vary
User-Agent
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=5, max=100
Content-Length
26802
X-XSS-Protection
1; mode=block
jquery.min.js
pay.xpress-pay.com/assets/9db8dfbc/
88 KB
31 KB
Script
General
Full URL
https://pay.xpress-pay.com/assets/9db8dfbc/jquery.min.js
Requested by
Host: pay.xpress-pay.com
URL: https://pay.xpress-pay.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.235.242.188 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
pay.xpress-pay.com
Software
Apache /
Resource Hash
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.xpress-pay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Thu, 01 Jun 2023 20:19:18 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Mon, 03 Apr 2023 17:51:35 GMT
Server
Apache
ETag
"15ec3-5f87235c98b85-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=5, max=99
Content-Length
31043
X-XSS-Protection
1; mode=block
yii.js
pay.xpress-pay.com/assets/d0239f1c/
20 KB
6 KB
Script
General
Full URL
https://pay.xpress-pay.com/assets/d0239f1c/yii.js
Requested by
Host: pay.xpress-pay.com
URL: https://pay.xpress-pay.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.235.242.188 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
pay.xpress-pay.com
Software
Apache /
Resource Hash
995516724f69e24ddf82e9279a65d50a6f64a2c325226f7133bda794d6bf79a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.xpress-pay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Thu, 01 Jun 2023 20:19:18 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Mon, 03 Apr 2023 17:51:36 GMT
Server
Apache
ETag
"51d9-5f87235cb77b5-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=5, max=96
Content-Length
5828
X-XSS-Protection
1; mode=block
yii.activeForm.js
pay.xpress-pay.com/assets/d0239f1c/
36 KB
8 KB
Script
General
Full URL
https://pay.xpress-pay.com/assets/d0239f1c/yii.activeForm.js
Requested by
Host: pay.xpress-pay.com
URL: https://pay.xpress-pay.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.235.242.188 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
pay.xpress-pay.com
Software
Apache /
Resource Hash
b156192d2524056dbc8af028d8a71dfb5a74346ccc5a0910ef98182005762a1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.xpress-pay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Thu, 01 Jun 2023 20:19:18 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Mon, 03 Apr 2023 17:51:35 GMT
Server
Apache
ETag
"9046-5f87235ca6e15-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=5, max=100
Content-Length
7454
X-XSS-Protection
1; mode=block
bootstrap.min.js
pay.xpress-pay.com/assets/7051d1a/js/
61 KB
15 KB
Script
General
Full URL
https://pay.xpress-pay.com/assets/7051d1a/js/bootstrap.min.js
Requested by
Host: pay.xpress-pay.com
URL: https://pay.xpress-pay.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.235.242.188 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
pay.xpress-pay.com
Software
Apache /
Resource Hash
423217abf8775cea2dc30fa1fe3e1c5e24dc359a80f1c37ad29a86094bfe81d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.xpress-pay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Thu, 01 Jun 2023 20:19:18 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Mon, 03 Apr 2023 17:51:36 GMT
Server
Apache
ETag
"f463-5f87235d0da9c-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=5, max=95
Content-Length
15319
X-XSS-Protection
1; mode=block
activeform.min.js
pay.xpress-pay.com/assets/e614fb9a/js/
3 KB
2 KB
Script
General
Full URL
https://pay.xpress-pay.com/assets/e614fb9a/js/activeform.min.js
Requested by
Host: pay.xpress-pay.com
URL: https://pay.xpress-pay.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.235.242.188 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
pay.xpress-pay.com
Software
Apache /
Resource Hash
d860a1c8f4209c1ee3cf0e519ca9ecbe0c648060972b7e7f9492e0950fa8de9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.xpress-pay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Thu, 01 Jun 2023 20:19:18 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Mon, 03 Apr 2023 17:51:35 GMT
Server
Apache
ETag
"d17-5f87235ca1055-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=5, max=98
Content-Length
1398
X-XSS-Protection
1; mode=block
yii.validation.js
pay.xpress-pay.com/assets/d0239f1c/
17 KB
4 KB
Script
General
Full URL
https://pay.xpress-pay.com/assets/d0239f1c/yii.validation.js
Requested by
Host: pay.xpress-pay.com
URL: https://pay.xpress-pay.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.235.242.188 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
pay.xpress-pay.com
Software
Apache /
Resource Hash
9123ef5cf89cdb1ee2e6db82eb04ff97e874de65e8db71ddba2e66fde522ac06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.xpress-pay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Thu, 01 Jun 2023 20:19:18 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Mon, 03 Apr 2023 17:51:36 GMT
Server
Apache
ETag
"4413-5f87235cbf89d-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=5, max=99
Content-Length
3359
X-XSS-Protection
1; mode=block
gtm.js
www.googletagmanager.com/
227 KB
81 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PWQZPFP
Requested by
Host: pay.xpress-pay.com
URL: https://pay.xpress-pay.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5bc460f5fd985ee2c6e1679fb5b22da28eb6a9cd9791effd5ee86bd31a5a54a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.xpress-pay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 20:19:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82463
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 01 Jun 2023 20:19:18 GMT
analytics.js
www.google-analytics.com/
51 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: pay.xpress-pay.com
URL: https://pay.xpress-pay.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.xpress-pay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 01 Jun 2023 19:56:36 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
1362
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Thu, 01 Jun 2023 21:56:36 GMT
trustlogo.js
secure.trust-provider.com/trustlogo/javascript/
14 KB
14 KB
Script
General
Full URL
https://secure.trust-provider.com/trustlogo/javascript/trustlogo.js
Requested by
Host: pay.xpress-pay.com
URL: https://pay.xpress-pay.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.199.212.148 , United Kingdom, ASN48447 (SECTIGO, GB),
Reverse DNS
secure.trust-provider.com
Software
/
Resource Hash
1ba30b444f0489b7da1ca80092c7879835ba96404751aabbdb2647de4261fa05
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://pay.xpress-pay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 01 Jun 2023 20:19:18 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 15 May 2023 12:47:32 GMT
accept-ranges
bytes
etag
"646229e4-3709"
content-length
14089
content-type
application/javascript
bg-cedar-management.jpg
enroll.xpress-pay.com/images/banners/
5 KB
5 KB
Image
General
Full URL
https://enroll.xpress-pay.com/images/banners/bg-cedar-management.jpg
Requested by
Host: pay.xpress-pay.com
URL: https://pay.xpress-pay.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.235.237.45 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
syseast-xpcinf1.inetuhosted.net
Software
Apache /
Resource Hash
0c4629610250a983ca0ed80d794a56020af2a2bb64ebbc0bde85835b3cb8b52b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.xpress-pay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Jun 2023 20:19:18 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Wed, 21 Oct 2020 14:44:26 GMT
Server
Apache
ETag
"128f-5b22f62577aa8"
Content-Type
image/jpeg
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4751
X-XSS-Protection
1; mode=block
Expires
0
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/webfonts/
74 KB
74 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
489cf773b253c1e1f6ba66ca0ca555d1f604c2517716e3a4a424ec3adfb936dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.min.css
Origin
https://pay.xpress-pay.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 20:19:18 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2431854
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
75440
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-126b0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ebl5Q91sTT9shoDFEDmRt9wal0nZnh6gNvGOILiGt2LlW6o%2BjccuV5IfJULpS1bF6RibY6WQnD3Nf%2Fhul%2B86KXJoPuXadm32FckJDMU8t9hDzvapCyN1bKHjOppFZ2uf8NfCaF4BXJXCrpmK1STBiMqW"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7d0a2698ca488716-ORD
expires
Tue, 21 May 2024 20:19:18 GMT
collect
www.google-analytics.com/j/
4 B
211 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=315126210&t=pageview&_s=1&dl=https%3A%2F%2Fpay.xpress-pay.com%2F&ul=en-us&de=UTF-8&dt=Xpress-pay%20%7C%20Pay%20a%20bill&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=140440102&gjid=863297875&cid=1912832266.1685650759&tid=UA-50558733-1&_gid=1259383.1685650759&_r=1&_slc=1&z=353256004
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pay.xpress-pay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 20:19:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pay.xpress-pay.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
2 B
349 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-50558733-1&cid=1912832266.1685650759&jid=140440102&gjid=863297875&_gid=1259383.1685650759&_u=IEBAAEAAAAAAACAAI~&z=2129797771
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pay.xpress-pay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 01 Jun 2023 20:19:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pay.xpress-pay.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=315126210&t=pageview&_s=1&dl=https%3A%2F%2Fpay.xpress-pay.com%2F&ul=en-us&de=UTF-8&dt=Xpress-pay%20%7C%20Pay%20a%20bill&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAACAAI~&jid=337510145&gjid=1897221683&cid=1912832266.1685650759&tid=UA-50558733-2&_gid=1259383.1685650759&_r=1&_slc=1&gtm=45He35v0n81PWQZPFP&z=2111744799
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pay.xpress-pay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 20:19:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pay.xpress-pay.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
bat.js
bat.bing.com/
40 KB
12 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWQZPFP
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.xpress-pay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 01 Jun 2023 20:19:18 GMT
last-modified
Thu, 11 May 2023 18:08:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E4E8CE4E9DFF4F38A27F375969B3080F Ref B: CHGEDGE1116 Ref C: 2023-06-01T20:19:18Z
etag
"80df77953384d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
12183
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/859136470/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859136470/?random=1685650758780&cv=11&fst=1685650758780&bg=ffffff&guid=ON&async=1&gtm=45He35v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpay.xpress-pay.com%2F&hn=www.googleadservices.com&frm=0&tiba=Xpress-pay%20%7C%20Pay%20a%20bill&auid=2096739614.1685650759&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWQZPFP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c5d72083cb2019184ccf2856eb90f3d8562708ba30f21627c6bffb5ac6c4a621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.xpress-pay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 20:19:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
190 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-859136470
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWQZPFP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
24b40348d0fb1d775d2dbd904fe7369a8defba8f499e588fbc2fe9fac1887928
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.xpress-pay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 20:19:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
69470
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 01 Jun 2023 20:19:18 GMT
t.js
282236.tctm.co/
1 B
465 B
Script
General
Full URL
https://282236.tctm.co/t.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWQZPFP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:f400:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ctm /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.xpress-pay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 20:19:19 GMT
content-encoding
gzip
via
1.1 e80aeefdda01afc3c41fc332ff42e7ac.cloudfront.net (CloudFront)
last-modified
Thu, 01 Jun 2023 20:19:19 GMT
server
ctm
x-amz-cf-pop
JFK50-P5
etag
W/6478fd4700044e7c13e8f244-282236
x-cache
Miss from cloudfront
content-type
application/x-javascript
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
D2o9NSq_xs2y52PLc5OEUOaV7YdGXG0ZXTQrLjqDDLDb44HWL_SLcA==
collect
stats.g.doubleclick.net/j/
2 B
68 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-50558733-2&cid=1912832266.1685650759&jid=337510145&gjid=1897221683&_gid=1259383.1685650759&_u=aEDAAEABAAAAACAAI~&z=1368070248
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pay.xpress-pay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 01 Jun 2023 20:19:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pay.xpress-pay.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-50558733-1&cid=1912832266.1685650759&jid=140440102&_u=IEBAAEAAAAAAACAAI~&z=1031046113
Requested by
Host: pay.xpress-pay.com
URL: https://pay.xpress-pay.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.xpress-pay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 20:19:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
134596622.js
bat.bing.com/p/action/
0
116 B
Script
General
Full URL
https://bat.bing.com/p/action/134596622.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.xpress-pay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Thu, 01 Jun 2023 20:19:18 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A1FA73B9F1D64C53A10651B11CC9B3CD Ref B: CHGEDGE1116 Ref C: 2023-06-01T20:19:18Z
x-cache
CONFIG_NOCACHE
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-50558733-2&cid=1912832266.1685650759&jid=337510145&_u=aEDAAEABAAAAACAAI~&z=1579798269
Requested by
Host: pay.xpress-pay.com
URL: https://pay.xpress-pay.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.xpress-pay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 20:19:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/859136470/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859136470/?random=1685650758922&cv=11&fst=1685650758922&bg=ffffff&guid=ON&async=1&gtm=45be35v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpay.xpress-pay.com%2F&hn=www.googleadservices.com&frm=0&tiba=Xpress-pay%20%7C%20Pay%20a%20bill&auid=2096739614.1685650759&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-859136470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41ba00e541d98707d2fd87906f2989ae49d5d5772fb8bb47c517a62a3bf74f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.xpress-pay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 20:19:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1307
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
loader.js
www.gstatic.com/wcm/
3 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/wcm/loader.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-859136470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.xpress-pay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 19:23:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
3379
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1339
x-xss-protection
0
last-modified
Mon, 15 Mar 2021 16:45:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 01 Jun 2023 20:23:00 GMT
/
www.google.com/pagead/1p-user-list/859136470/
42 B
154 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/859136470/?random=1685650758780&cv=11&fst=1685649600000&bg=ffffff&guid=ON&async=1&gtm=45He35v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpay.xpress-pay.com%2F&frm=0&tiba=Xpress-pay%20%7C%20Pay%20a%20bill&fmt=3&is_vtc=1&random=3489538935&rmt_tld=0&ipr=y
Requested by
Host: pay.xpress-pay.com
URL: https://pay.xpress-pay.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.xpress-pay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 20:19:19 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
seal_bg.gif
secure.trust-provider.com/trustlogo/images/popup/
5 KB
5 KB
Image
General
Full URL
https://secure.trust-provider.com/trustlogo/images/popup/seal_bg.gif
Requested by
Host: pay.xpress-pay.com
URL: https://pay.xpress-pay.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.199.212.148 , United Kingdom, ASN48447 (SECTIGO, GB),
Reverse DNS
secure.trust-provider.com
Software
/
Resource Hash
6a8d73fd166e03d8e1c024ac60d01d9110c4ac56b45f5bb402739e4095d4a95b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.xpress-pay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 20:19:19 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 15 May 2023 12:48:36 GMT
accept-ranges
bytes
etag
"64622a24-12f3"
content-length
4851
content-type
image/gif
warranty_level.gif
secure.trust-provider.com/trustlogo/images/popup/
713 B
892 B
Image
General
Full URL
https://secure.trust-provider.com/trustlogo/images/popup/warranty_level.gif
Requested by
Host: pay.xpress-pay.com
URL: https://pay.xpress-pay.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.199.212.148 , United Kingdom, ASN48447 (SECTIGO, GB),
Reverse DNS
secure.trust-provider.com
Software
/
Resource Hash
e45902c0c28d8a669a37a61914c1eb760b093f7cc2d41693d52f82327329218d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.xpress-pay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 20:19:19 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 15 May 2023 12:47:33 GMT
accept-ranges
bytes
etag
"646229e5-2c9"
content-length
713
content-type
image/gif
sectigo_trust_seal_md_2x.png
sectigo.com/images/seals/
4 KB
4 KB
Image
General
Full URL
https://sectigo.com/images/seals/sectigo_trust_seal_md_2x.png
Requested by
Host: pay.xpress-pay.com
URL: https://pay.xpress-pay.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.130.5 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
fbs /
Resource Hash
a8a52e591f079061ede00df3d349fc7354b304514eb69c323cce18dbc4709a90

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.xpress-pay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 20:19:19 GMT
last-modified
Wed, 24 May 2023 15:28:45 GMT
server
fbs
etag
"1684942125"
x-hw
1685650759.dop208.ch4.t,1685650759.cds214.ch4.hn,1685650759.cds156.ch4.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
3957
/
www.google.com/pagead/1p-user-list/859136470/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/859136470/?random=1685650758922&cv=11&fst=1685649600000&bg=ffffff&guid=ON&async=1&gtm=45be35v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpay.xpress-pay.com%2F&frm=0&tiba=Xpress-pay%20%7C%20Pay%20a%20bill&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2955123475&rmt_tld=0&ipr=y
Requested by
Host: pay.xpress-pay.com
URL: https://pay.xpress-pay.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.xpress-pay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 20:19:19 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/
0
359 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=134596622&tm=gtm002&Ver=2&mid=4d7fe39d-3d02-4be1-a452-5f91ec1f30a3&sid=969423e000b911ee9103d1bee2bd0474&vid=96943fe000b911ee90c1b5d40e1a89b7&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Xpress-pay%20%7C%20Pay%20a%20bill&p=https%3A%2F%2Fpay.xpress-pay.com%2F&r=&lt=1668&evt=pageLoad&sv=1&rn=979174
Requested by
Host: pay.xpress-pay.com
URL: https://pay.xpress-pay.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.xpress-pay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 01 Jun 2023 20:19:18 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 30722D35D72F48F5A500BE5598022394 Ref B: CHGEDGE1116 Ref C: 2023-06-01T20:19:19Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
call-tracking_7.js
www.gstatic.com/call-tracking/
54 KB
21 KB
Script
General
Full URL
https://www.gstatic.com/call-tracking/call-tracking_7.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.xpress-pay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 22:29:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78598
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21020
x-xss-protection
0
last-modified
Wed, 03 Feb 2021 22:45:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-telephony"
vary
Accept-Encoding
report-to
{"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 May 2024 22:29:21 GMT
wcm
www.google.com/pagead/attribution/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/859136470/wcm?cc=ZZ&dn=6077536156&cl=3i2qCIjW424Q1sPVmQM&ct_eid=2
  • https://www.google.com/pagead/attribution/wcm?cc=ZZ&dn=6077536156&cl=3i2qCIjW424Q1sPVmQM
80 B
244 B
XHR
General
Full URL
https://www.google.com/pagead/attribution/wcm?cc=ZZ&dn=6077536156&cl=3i2qCIjW424Q1sPVmQM
Protocol
H2
Server
2607:f8b0:4006:80b::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.xpress-pay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 20:19:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
null
content-type
application/json; charset=UTF-8
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87
x-xss-protection
0

Redirect headers

date
Thu, 01 Jun 2023 20:19:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.google.com/pagead/attribution/wcm?cc=ZZ&dn=6077536156&cl=3i2qCIjW424Q1sPVmQM
access-control-allow-origin
https://pay.xpress-pay.com
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

145 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend object| dataLayer string| GoogleAnalyticsObject function| ga string| tlJsHost object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager object| GooglebQhCsO function| UET function| UET_init function| UET_push object| ueto_0f101919af object| uetq function| gtag function| _googWcmImpl string| _googWcmAk function| TrustLogo function| TrustLogo_MouseOver function| TrustLogo_MouseMove function| TrustLogo_MouseOut function| TrustLogo_Credentials function| tLL function| tLM function| tLN function| tLWC function| tLXC function| tLZC function| tLaC function| tLX function| tLY function| tLiB function| tLQC function| tLRC function| tL1C function| tL0C function| tL9C function| tL2C function| tL3C function| tLUC function| tLrC function| tLsC function| tLtC function| tLuC function| tLvC function| tLjC function| tLz function| tLHB function| tLIB function| tLd function| tLe function| tLf function| tLh function| tLi function| tLj function| tLl function| tLm function| tLn function| tLo function| tLp function| tLq function| tLr function| tLs function| tLt function| tLu function| tLx function| tLv function| tLw function| tLy function| tLJB function| tLHC function| tLIC function| tLKB function| tLLB function| tLMB function| tL_C function| tLXB function| tLeB function| tLnB function| tLqC function| tLTC function| tLpC function| tLoB function| tLpB function| tLlB function| tLmB function| createStyleRule string| current_code string| tLB string| tLC string| tLD string| tLE string| tLF string| tLG string| tLH string| tLI string| tLnC string| tLbC string| tLlC string| tLyC string| tLMC string| tLLC string| tLNC number| tLgC number| tLeC number| tLhC number| tLP number| tLQ number| tLfC number| tLiC number| tLU number| tLV string| tLzC number| tLR number| tLS number| tLT number| tLW object| tLO string| tLYC string| tLGB string| tLNB number| tLOB number| tLPB number| tLQB number| tLRB object| tLSB string| tLTB boolean| tLUB number| tLVB string| tLWB number| version string| host function| $ function| jQuery object| yii object| bootstrap function| kvBs4InitForm function| _googWccDebug function| _googCallTrackingImpl function| _gaPhoneImpl string| google_wcc_status

15 Cookies

Domain/Path Name / Value
pay.xpress-pay.com/ Name: advanced-frontend
Value: 06fsi5qlptmivc3s8jgdl6in8b
pay.xpress-pay.com/ Name: billUrl
Value: e4328387562582fd6e36414ad614338a844f793b533229f0b537054c68eeb664a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22billUrl%22%3Bi%3A1%3Bs%3A141%3A%22https%3A%2F%2Fpay.xpress-pay.com%2F%3Fpk%3D8254%26a%3D545%26e%3Drobyn.berkey%2540northpointe.com%26l1%3DRobyn%2BBerkey%26l2%3DCQ-Sharon%2BChase%2BHOA-4616%2BSharon%2BChase%2BDr.%2BApt%2BB%22%3B%7D
pay.xpress-pay.com/ Name: cookiesEnabledXPC
Value: 15383aa962571c9e1e3931a101ef9388284287611073d4fee84e08fa6f76f610a%3A2%3A%7Bi%3A0%3Bs%3A17%3A%22cookiesEnabledXPC%22%3Bi%3A1%3Bs%3A39%3A%22Cookies%20are%20required%20to%20use%20Xpress-Pay.%22%3B%7D
pay.xpress-pay.com/ Name: _csrf-frontend
Value: 05fd18694d0f57eca0ff70a69ad72d180ba0f972a75741a35863b71f47a29f29a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22A8RpZYtAhQk_Bu07cBZUd3QBsBavqZqs%22%3B%7D
.xpress-pay.com/ Name: _ga
Value: GA1.2.1912832266.1685650759
.xpress-pay.com/ Name: _gid
Value: GA1.2.1259383.1685650759
.xpress-pay.com/ Name: _gat
Value: 1
.xpress-pay.com/ Name: _gcl_au
Value: 1.1.2096739614.1685650759
.xpress-pay.com/ Name: _gat_UA-50558733-2
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.xpress-pay.com/ Name: _uetsid
Value: 969423e000b911ee9103d1bee2bd0474
.xpress-pay.com/ Name: _uetvid
Value: 96943fe000b911ee90c1b5d40e1a89b7
282236.tctm.co/ Name: ct282236
Value: 6478fd4700044e7c13e8f244
.bing.com/ Name: MUID
Value: 335FF9C1686261B73E8EEAE269CA605B
.bat.bing.com/ Name: MR
Value: 0

2 Console Messages

Source Level URL
Text
javascript warning URL: https://pay.xpress-pay.com/(Line 163)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://secure.trust-provider.com/trustlogo/javascript/trustlogo.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://pay.xpress-pay.com/(Line 163)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://secure.trust-provider.com/trustlogo/javascript/trustlogo.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

282236.tctm.co
bat.bing.com
cdnjs.cloudflare.com
enroll.xpress-pay.com
googleads.g.doubleclick.net
pay.xpress-pay.com
sectigo.com
secure.trust-provider.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
151.139.130.5
172.217.13.194
209.235.237.45
209.235.242.188
2600:9000:2510:f400:12:de4a:40:93a1
2606:4700::6811:190e
2607:f8b0:4004:c1b::9a
2607:f8b0:4006:809::200e
2607:f8b0:4006:80b::2004
2607:f8b0:4006:80c::2002
2607:f8b0:4006:81d::2008
2607:f8b0:4020:804::2003
2620:1ec:c11::200
91.199.212.148
007b853e2eb2b45265a68ae71d9ff24e26f8a659bda3bbed93faafb83b751277
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0a0d478f1708c9db1a76528175fbd76310e3ebc9438b02a30328b3a374f7bea7
0c4629610250a983ca0ed80d794a56020af2a2bb64ebbc0bde85835b3cb8b52b
1ba30b444f0489b7da1ca80092c7879835ba96404751aabbdb2647de4261fa05
24b40348d0fb1d775d2dbd904fe7369a8defba8f499e588fbc2fe9fac1887928
29d236ce5a180ffd7331dc55a3f321d134b3912e39242ced545f64510b197941
41ba00e541d98707d2fd87906f2989ae49d5d5772fb8bb47c517a62a3bf74f1e
423217abf8775cea2dc30fa1fe3e1c5e24dc359a80f1c37ad29a86094bfe81d1
489cf773b253c1e1f6ba66ca0ca555d1f604c2517716e3a4a424ec3adfb936dc
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
5bc460f5fd985ee2c6e1679fb5b22da28eb6a9cd9791effd5ee86bd31a5a54a4
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
6a8d73fd166e03d8e1c024ac60d01d9110c4ac56b45f5bb402739e4095d4a95b
8b8b1e92a3b11d2bfa5eae69368b84bc811a826734fa18a7281482b091070cdc
9123ef5cf89cdb1ee2e6db82eb04ff97e874de65e8db71ddba2e66fde522ac06
995516724f69e24ddf82e9279a65d50a6f64a2c325226f7133bda794d6bf79a5
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
a8a52e591f079061ede00df3d349fc7354b304514eb69c323cce18dbc4709a90
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b156192d2524056dbc8af028d8a71dfb5a74346ccc5a0910ef98182005762a1b
c5d72083cb2019184ccf2856eb90f3d8562708ba30f21627c6bffb5ac6c4a621
d860a1c8f4209c1ee3cf0e519ca9ecbe0c648060972b7e7f9492e0950fa8de9a
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
dfd7ebc4dd89eee7294a6f1eb1125f8ee0b6caea8452d8f4f76cfb6c14bb7c5f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45902c0c28d8a669a37a61914c1eb760b093f7cc2d41693d52f82327329218d
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5eca857a0da49469ff5b8b44aa21f5128a47c5c788f156c94c011edf8033a1a
f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df