Submitted URL: https://myncdmv.cmail20.com/t/t-l-ahlhkld-jjddahjuh-y/
Effective URL: https://payments.ncdot.gov/auth?utm_medium=email&utm_campaign=Vehicle%20Renewals%20-%20Jan%202020&utm_content=Vehicle%20Ren...
Submission: On October 18 via manual from US — Scanned from DE

Summary

This website contacted 18 IPs in 4 countries across 19 domains to perform 54 HTTP transactions. The main IP is 54.84.41.238, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is payments.ncdot.gov. The Cisco Umbrella rank of the primary domain is 488634.
TLS certificate: Issued by R3 on October 6th 2022. Valid for: 3 months.
This is the only time payments.ncdot.gov was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 7 | payitgov.com | auth.payitgov.com (Cisco Umbrella Rank: 361730) | 1 MB |
| 7 | ncdot.gov | payments.ncdot.gov (Cisco Umbrella Rank: 488634) | 1010 KB |
| 6 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 32); region1.google-analytics.com (Cisco Umbrella Rank: 2668) | 63 KB |
| 6 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 151) | 286 KB |
| 5 | cloudfront.net | d3nh6asts0jslb.cloudfront.net; d3ck169wa5xhu5.cloudfront.net | 2 MB |
| 4 | googleapis.com | maps.googleapis.com (Cisco Umbrella Rank: 362) | 288 KB |
| 3 | bing.com | bat.bing.com (Cisco Umbrella Rank: 379) | 12 KB |
| 3 | google.com | apis.google.com (Cisco Umbrella Rank: 112); www.google.com (Cisco Umbrella Rank: 2) | 41 KB |
| 2 | mobilgov.com | 5900-app.mobilgov.com (Cisco Umbrella Rank: 359443) | 524 B |
| 2 | facebook.com | www.facebook.com (Cisco Umbrella Rank: 107) | 203 B |
| 2 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 61) | 155 KB |
| 2 | cdn-apple.com | appleid.cdn-apple.com (Cisco Umbrella Rank: 3191) | 35 KB |
| 1 | doubleclick.net | stats.g.doubleclick.net (Cisco Umbrella Rank: 84) | 444 B |
| 1 | ads-twitter.com | static.ads-twitter.com (Cisco Umbrella Rank: 624) | 15 KB |
| 1 | cmail20.com | myncdmv.cmail20.com | 649 B |
| 0 | | | Failed |
| 0 | google.de | www.google.de | Failed |
| 0 | twitter.com | analytics.twitter.com | Failed |
| 0 | t.co | t.co | Failed |

Total: 54 requests, 19 domains

| Requests | Domain | Requested by |
|---|---|---|
| 7 | auth.payitgov.com | payments.ncdot.gov; auth.payitgov.com |
| 7 | payments.ncdot.gov | payments.ncdot.gov |
| 6 | connect.facebook.net | payments.ncdot.gov; connect.facebook.net; auth.payitgov.com |
| 4 | d3ck169wa5xhu5.cloudfront.net | auth.payitgov.com |
| 4 | www.google-analytics.com | www.googletagmanager.com; www.google-analytics.com |
| 4 | maps.googleapis.com | payments.ncdot.gov; maps.googleapis.com |
| 3 | bat.bing.com | www.googletagmanager.com; bat.bing.com; payments.ncdot.gov |
| 2 | 5900-app.mobilgov.com | payments.ncdot.gov |
| 2 | region1.google-analytics.com | www.googletagmanager.com |
| 2 | www.facebook.com | payments.ncdot.gov |
| 2 | www.googletagmanager.com | payments.ncdot.gov; www.googletagmanager.com |
| 2 | appleid.cdn-apple.com | payments.ncdot.gov; auth.payitgov.com |
| 2 | apis.google.com | payments.ncdot.gov; auth.payitgov.com |
| 1 | d3nh6asts0jslb.cloudfront.net | auth.payitgov.com |
| 1 | www.google.com | payments.ncdot.gov |
| 1 | stats.g.doubleclick.net | www.google-analytics.com |
| 1 | static.ads-twitter.com | www.googletagmanager.com |
| 1 | myncdmv.cmail20.com | 1 redirects |
| 0 | truncated (Failed) | auth.payitgov.com |
| 0 | www.google.de (Failed) | payments.ncdot.gov |
| 0 | analytics.twitter.com (Failed) | payments.ncdot.gov |
| 0 | t.co (Failed) | payments.ncdot.gov |

Total: 54 requests, 22 subdomains

This site contains links to these domains.

Domain
outdatedbrowser.com

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| one.alabama.gov | R3 | 2022-10-06 - 2023-01-04 | 3 months |
| *.apis.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months |
| *.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-07-28 - 2022-10-26 | 3 months |
| appleid.cdn-apple.com | Apple Public EV Server RSA CA 2 - G1 | 2022-04-19 - 2023-05-19 | a year |
| upload.video.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months |
| auth.mobilgov.com | R3 | 2022-10-01 - 2022-12-30 | 3 months |
| *.google-analytics.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months |
| www.bing.com | Microsoft RSA TLS CA 02 | 2022-09-03 - 2023-03-03 | 6 months |
| ads-twitter.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-07-22 - 2023-08-22 | a year |
| *.g.doubleclick.net | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months |
| www.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months |
| 5900-app.mobilgov.com | R3 | 2022-09-30 - 2022-12-29 | 3 months |
| *.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months |
| *.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year |

This page contains 2 frames:

Primary Page: https://payments.ncdot.gov/auth?utm_medium=email&utm_campaign=Vehicle%20Renewals%20-%20Jan%202020&utm_content=Vehicle%20Renewals%20-%20Jan%202020+CID_d3cf8324e7154593505a1d9b0223fc51&utm_source=campaign%20monitor&utm_term=Get%20Started&utm_medium=email&utm_campaign=October%202022%20Vehicle%20Renewals&utm_content=October%202022%20Vehicle%20Renewals+CID_01447a56fe3ba44d0428e2d804bf7f3d&utm_source=campaign%20monitor&utm_term=Renew%20your%20vehicle%20registration
Frame ID: 9CE9062C826A347DCA2D3ED27C0BD904
Requests: 39 HTTP requests in this frame

Frame: https://auth.payitgov.com/?appId=6a3062f6-6c25-460d-b48e-ccdfb4dd7a74&isEmbedded=true&lang=en
Frame ID: 7F6931F90EFB83E12097EDC91BE6B7B5
Requests: 15 HTTP requests in this frame

Page Title

myNCDMV Log In

Page URL History

  1. https://myncdmv.cmail20.com/t/t-l-ahlhkld-jjddahjuh-y/ HTTP 302
    https://payments.ncdot.gov/auth?utm_medium=email&utm_campaign=Vehicle%20Renewals%20-%20Jan%202020&utm_c... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • appleid\.auth\.js

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js

Overall confidence: 100%
Detected patterns
  • react(?:-with-addons)?[.-]([\d.]*\d)[^/]*\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 54
HTTPS: 94 %
IPv6: 67 %
Domains: 19
Subdomains: 22
IPs: 18
Countries: 4
Transfer: 4859 kB
Size: 11381 kB
Cookies: 10

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://myncdmv.cmail20.com/t/t-l-ahlhkld-jjddahjuh-y/ HTTP 302
    https://payments.ncdot.gov/auth?utm_medium=email&utm_campaign=Vehicle%20Renewals%20-%20Jan%202020&utm_content=Vehicle%20Renewals%20-%20Jan%202020+CID_d3cf8324e7154593505a1d9b0223fc51&utm_source=campaign%20monitor&utm_term=Get%20Started&utm_medium=email&utm_campaign=October%202022%20Vehicle%20Renewals&utm_content=October%202022%20Vehicle%20Renewals+CID_01447a56fe3ba44d0428e2d804bf7f3d&utm_source=campaign%20monitor&utm_term=Renew%20your%20vehicle%20registration Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request auth
payments.ncdot.gov/
Redirect Chain
  • https://myncdmv.cmail20.com/t/t-l-ahlhkld-jjddahjuh-y/
  • https://payments.ncdot.gov/auth?utm_medium=email&utm_campaign=Vehicle%20Renewals%20-%20Jan%202020&utm_content=Vehicle%20Renewals%20-%20Jan%202020+CID_d3cf8324e7154593505a1d9b0223fc51&utm_source=cam...
23 KB
7 KB
Document
General
Full URL
https://payments.ncdot.gov/auth?utm_medium=email&utm_campaign=Vehicle%20Renewals%20-%20Jan%202020&utm_content=Vehicle%20Renewals%20-%20Jan%202020+CID_d3cf8324e7154593505a1d9b0223fc51&utm_source=campaign%20monitor&utm_term=Get%20Started&utm_medium=email&utm_campaign=October%202022%20Vehicle%20Renewals&utm_content=October%202022%20Vehicle%20Renewals+CID_01447a56fe3ba44d0428e2d804bf7f3d&utm_source=campaign%20monitor&utm_term=Renew%20your%20vehicle%20registration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.84.41.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-41-238.compute-1.amazonaws.com
Software
envoy /
Resource Hash
663b48e9b3d66bb8651825ed469c647cf0bc8aaf214f0d7fd2b1582f031884eb
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.payitgov.com *.mobilgov.com *.payitgov.ca *.google.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.facebook.com *.cdn-apple.com;frame-ancestors 'self' *.payitgov.com *.mobilgov.com *.payitgov.ca;script-src 'self' *.payitgov.com *.mobilgov.com *.payitgov.ca *.google.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.facebook.com *.cdn-apple.com https: 'unsafe-inline' https: 'unsafe-eval' bat.bing.com;img-src 'self' *.payitgov.com *.mobilgov.com *.payitgov.ca *.google.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.facebook.com *.cdn-apple.com *.cloudfront.net 'self' blob: 'self' data: bat.bing.com;font-src 'self' *.payitgov.com *.mobilgov.com *.payitgov.ca *.google.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.facebook.com *.cdn-apple.com https: data:;form-action 'self' *.payitgov.com *.mobilgov.com *.payitgov.ca *.google.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.facebook.com *.cdn-apple.com 'self';style-src 'self' *.payitgov.com *.mobilgov.com *.payitgov.ca *.google.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.facebook.com *.cdn-apple.com https: 'unsafe-inline';connect-src 'self' *.payitgov.com *.mobilgov.com *.payitgov.ca *.google.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.facebook.com *.cdn-apple.com *.doubleclick.net;object-src 'self' *.payitgov.com *.mobilgov.com *.payitgov.ca 'self' blob: 'self' data:;base-uri 'self';block-all-mixed-content;script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-language
en
content-security-policy
default-src 'self' *.payitgov.com *.mobilgov.com *.payitgov.ca *.google.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.facebook.com *.cdn-apple.com;frame-ancestors 'self' *.payitgov.com *.mobilgov.com *.payitgov.ca;script-src 'self' *.payitgov.com *.mobilgov.com *.payitgov.ca *.google.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.facebook.com *.cdn-apple.com https: 'unsafe-inline' https: 'unsafe-eval' bat.bing.com;img-src 'self' *.payitgov.com *.mobilgov.com *.payitgov.ca *.google.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.facebook.com *.cdn-apple.com *.cloudfront.net 'self' blob: 'self' data: bat.bing.com;font-src 'self' *.payitgov.com *.mobilgov.com *.payitgov.ca *.google.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.facebook.com *.cdn-apple.com https: data:;form-action 'self' *.payitgov.com *.mobilgov.com *.payitgov.ca *.google.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.facebook.com *.cdn-apple.com 'self';style-src 'self' *.payitgov.com *.mobilgov.com *.payitgov.ca *.google.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.facebook.com *.cdn-apple.com https: 'unsafe-inline';connect-src 'self' *.payitgov.com *.mobilgov.com *.payitgov.ca *.google.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.facebook.com *.cdn-apple.com *.doubleclick.net;object-src 'self' *.payitgov.com *.mobilgov.com *.payitgov.ca 'self' blob: 'self' data:;base-uri 'self';block-all-mixed-content;script-src-attr 'none';upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Tue, 18 Oct 2022 21:20:14 GMT
etag
W/"5c13-0NStHAKhlj5Fa9n7F+vcoAxg4eY"
server
envoy
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
14
x-frame-options
SAMEORIGIN
x-xss-protection
0

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Tue, 18 Oct 2022 21:20:13 GMT
Location
https://payments.ncdot.gov/auth?utm_medium=email&utm_campaign=Vehicle%20Renewals%20-%20Jan%202020&utm_content=Vehicle%20Renewals%20-%20Jan%202020+CID_d3cf8324e7154593505a1d9b0223fc51&utm_source=campaign%20monitor&utm_term=Get%20Started&utm_medium=email&utm_campaign=October%202022%20Vehicle%20Renewals&utm_content=October%202022%20Vehicle%20Renewals+CID_01447a56fe3ba44d0428e2d804bf7f3d&utm_source=campaign%20monitor&utm_term=Renew%20your%20vehicle%20registration
Server
_waflopenresty/1.11.2.2
platform.js
apis.google.com/js/
52 KB
21 KB
Script
General
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: payments.ncdot.gov
URL: https://payments.ncdot.gov/auth?utm_medium=email&utm_campaign=Vehicle%20Renewals%20-%20Jan%202020&utm_content=Vehicle%20Renewals%20-%20Jan%202020+CID_d3cf8324e7154593505a1d9b0223fc51&utm_source=campaign%20monitor&utm_term=Get%20Started&utm_medium=email&utm_campaign=October%202022%20Vehicle%20Renewals&utm_content=October%202022%20Vehicle%20Renewals+CID_01447a56fe3ba44d0428e2d804bf7f3d&utm_source=campaign%20monitor&utm_term=Renew%20your%20vehicle%20registration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2517f2f4a19d61f890f6ceca117953dcb151b3d6b2d6ed388e0df235b857a3db
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.ncdot.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 18 Oct 2022 21:20:14 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20360
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"95a07626e083cec6"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Oct 2022 21:20:14 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: payments.ncdot.gov
URL: https://payments.ncdot.gov/auth?utm_medium=email&utm_campaign=Vehicle%20Renewals%20-%20Jan%202020&utm_content=Vehicle%20Renewals%20-%20Jan%202020+CID_d3cf8324e7154593505a1d9b0223fc51&utm_source=campaign%20monitor&utm_term=Get%20Started&utm_medium=email&utm_campaign=October%202022%20Vehicle%20Renewals&utm_content=October%202022%20Vehicle%20Renewals+CID_01447a56fe3ba44d0428e2d804bf7f3d&utm_source=campaign%20monitor&utm_term=Renew%20your%20vehicle%20registration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d38aa23caaa05bc21c7115d7535fb9db468f75ab1e9c64c268830b274eaa2268
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.ncdot.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 18 Oct 2022 21:20:14 GMT
content-md5
U8QhAwcjbCCIvTRt8FHEkQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1683
x-fb-rlafr
0
x-fb-debug
x5juv8U3UiZMq76J4+FBcgrikinM/C+aJQa7NtBDHrUXOsr8RLTaFVUxbWBwdfaLdqQ5X6qiHh6RZur15sgFrw==
x-fb-trip-id
686109401
x-fb-content-md5
f7bec0f672a63ff7dc20b7153eb8fd19
cross-origin-opener-policy
same-origin-allow-popups
etag
"1963d75e292b671650bebe04a83ebeb3"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=1,i
expires
Tue, 18 Oct 2022 21:30:25 GMT
appleid.auth.js
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/
42 KB
17 KB
Script
General
Full URL
https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js
Requested by
Host: payments.ncdot.gov
URL: https://payments.ncdot.gov/auth?utm_medium=email&utm_campaign=Vehicle%20Renewals%20-%20Jan%202020&utm_content=Vehicle%20Renewals%20-%20Jan%202020+CID_d3cf8324e7154593505a1d9b0223fc51&utm_source=campaign%20monitor&utm_term=Get%20Started&utm_medium=email&utm_campaign=October%202022%20Vehicle%20Renewals&utm_content=October%202022%20Vehicle%20Renewals+CID_01447a56fe3ba44d0428e2d804bf7f3d&utm_source=campaign%20monitor&utm_term=Renew%20your%20vehicle%20registration
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.77.42.191 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-42-191.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
60e60bf2583cf7444b00a4b0b8d46de5fd5816f768fc72fd71c643357132df69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.ncdot.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Tue, 18 Oct 2022 21:20:14 GMT
Last-Modified
Thu, 06 Oct 2022 17:25:46 GMT
Server
Apple
ETag
W/"42671-1665077146037"
Vary
accept-encoding
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400,stale-while-revalidate=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17247
js
maps.googleapis.com/maps/api/
169 KB
55 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyDAMRO95AebGRLOwn2q9JiGzKwQN1ZjBis&libraries=places&language=en
Requested by
Host: payments.ncdot.gov
URL: https://payments.ncdot.gov/auth?utm_medium=email&utm_campaign=Vehicle%20Renewals%20-%20Jan%202020&utm_content=Vehicle%20Renewals%20-%20Jan%202020+CID_d3cf8324e7154593505a1d9b0223fc51&utm_source=campaign%20monitor&utm_term=Get%20Started&utm_medium=email&utm_campaign=October%202022%20Vehicle%20Renewals&utm_content=October%202022%20Vehicle%20Renewals+CID_01447a56fe3ba44d0428e2d804bf7f3d&utm_source=campaign%20monitor&utm_term=Renew%20your%20vehicle%20registration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
7e503eae1660b5c2523a2d453f229fda720cd0e0357aaf94f772f98ef48613a8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.ncdot.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 21:20:14 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=31
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56181
x-xss-protection
0
expires
Tue, 18 Oct 2022 21:50:14 GMT
sdk
auth.payitgov.com/api/
10 KB
11 KB
Script
General
Full URL
https://auth.payitgov.com/api/sdk
Requested by
Host: payments.ncdot.gov
URL: https://payments.ncdot.gov/auth?utm_medium=email&utm_campaign=Vehicle%20Renewals%20-%20Jan%202020&utm_content=Vehicle%20Renewals%20-%20Jan%202020+CID_d3cf8324e7154593505a1d9b0223fc51&utm_source=campaign%20monitor&utm_term=Get%20Started&utm_medium=email&utm_campaign=October%202022%20Vehicle%20Renewals&utm_content=October%202022%20Vehicle%20Renewals+CID_01447a56fe3ba44d0428e2d804bf7f3d&utm_source=campaign%20monitor&utm_term=Renew%20your%20vehicle%20registration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
96.127.83.35 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
ec2-96-127-83-35.us-gov-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash
55f05af7df6d30b36d6858a20bb53c5dbfe25002a19a0fa5e7a280ce9582d023
Security Headers
Name Value
Content-Security-Policy default-src 'self';img-src 'self' *.cloudfront.net;script-src 'self' 'unsafe-inline' appleid.cdn-apple.com *.facebook.net *.google.com;style-src 'self' 'unsafe-inline'
Strict-Transport-Security "max-age=31536000; includeSubDomains" always;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.ncdot.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src 'self';img-src 'self' *.cloudfront.net;script-src 'self' 'unsafe-inline' appleid.cdn-apple.com *.facebook.net *.google.com;style-src 'self' 'unsafe-inline'
strict-transport-security
"max-age=31536000; includeSubDomains" always;
referrer-policy
strict-origin-when-cross-origin
date
Tue, 18 Oct 2022 21:20:14 GMT
server
envoy
etag
W/"28e9-oDZm+N4e/4SQvl6JykYM2QU36Kk"
content-type
application/octet-stream
content-language
en
x-envoy-upstream-service-time
16
content-length
10473
main.4cd305f7a3e09723452e.css
payments.ncdot.gov/
303 KB
48 KB
Stylesheet
General
Full URL
https://payments.ncdot.gov/main.4cd305f7a3e09723452e.css
Requested by
Host: payments.ncdot.gov
URL: https://payments.ncdot.gov/auth?utm_medium=email&utm_campaign=Vehicle%20Renewals%20-%20Jan%202020&utm_content=Vehicle%20Renewals%20-%20Jan%202020+CID_d3cf8324e7154593505a1d9b0223fc51&utm_source=campaign%20monitor&utm_term=Get%20Started&utm_medium=email&utm_campaign=October%202022%20Vehicle%20Renewals&utm_content=October%202022%20Vehicle%20Renewals+CID_01447a56fe3ba44d0428e2d804bf7f3d&utm_source=campaign%20monitor&utm_term=Renew%20your%20vehicle%20registration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.84.41.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-41-238.compute-1.amazonaws.com
Software
envoy /
Resource Hash
a76745d9caa3abaf1d96760066c229b16c6a45cf2389316db99090920a22c8d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.ncdot.gov/auth?utm_medium=email&utm_campaign=Vehicle%20Renewals%20-%20Jan%202020&utm_content=Vehicle%20Renewals%20-%20Jan%202020+CID_d3cf8324e7154593505a1d9b0223fc51&utm_source=campaign%20monitor&utm_term=Get%20Started&utm_medium=email&utm_campaign=October%202022%20Vehicle%20Renewals&utm_content=October%202022%20Vehicle%20Renewals+CID_01447a56fe3ba44d0428e2d804bf7f3d&utm_source=campaign%20monitor&utm_term=Renew%20your%20vehicle%20registration
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 21:20:14 GMT
content-encoding
gzip
last-modified
Fri, 07 Oct 2022 18:59:24 GMT
server
envoy
etag
W/"4bbb4-183b3d106e0"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
x-envoy-upstream-service-time
12
accept-ranges
bytes
main.4cd305f7a3e09723452e.js
payments.ncdot.gov/
3 MB
875 KB
Script
General
Full URL
https://payments.ncdot.gov/main.4cd305f7a3e09723452e.js
Requested by
Host: payments.ncdot.gov
URL: https://payments.ncdot.gov/auth?utm_medium=email&utm_campaign=Vehicle%20Renewals%20-%20Jan%202020&utm_content=Vehicle%20Renewals%20-%20Jan%202020+CID_d3cf8324e7154593505a1d9b0223fc51&utm_source=campaign%20monitor&utm_term=Get%20Started&utm_medium=email&utm_campaign=October%202022%20Vehicle%20Renewals&utm_content=October%202022%20Vehicle%20Renewals+CID_01447a56fe3ba44d0428e2d804bf7f3d&utm_source=campaign%20monitor&utm_term=Renew%20your%20vehicle%20registration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.84.41.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-41-238.compute-1.amazonaws.com
Software
envoy /
Resource Hash
3e5c5e79741a38c2f2c6f9e98a71eeae405d8513bcd769d184da7852f63123e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.ncdot.gov/auth?utm_medium=email&utm_campaign=Vehicle%20Renewals%20-%20Jan%202020&utm_content=Vehicle%20Renewals%20-%20Jan%202020+CID_d3cf8324e7154593505a1d9b0223fc51&utm_source=campaign%20monitor&utm_term=Get%20Started&utm_medium=email&utm_campaign=October%202022%20Vehicle%20Renewals&utm_content=October%202022%20Vehicle%20Renewals+CID_01447a56fe3ba44d0428e2d804bf7f3d&utm_source=campaign%20monitor&utm_term=Renew%20your%20vehicle%20registration
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 21:20:14 GMT
content-encoding
gzip
last-modified
Fri, 07 Oct 2022 18:59:24 GMT
server
envoy
etag
W/"2c3ce1-183b3d106e0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
x-envoy-upstream-service-time
10
accept-ranges
bytes
gtm.js
www.googletagmanager.com/
232 KB
81 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5FDBHFV
Requested by
Host: payments.ncdot.gov
URL: https://payments.ncdot.gov/auth?utm_medium=email&utm_campaign=Vehicle%20Renewals%20-%20Jan%202020&utm_content=Vehicle%20Renewals%20-%20Jan%202020+CID_d3cf8324e7154593505a1d9b0223fc51&utm_source=campaign%20monitor&utm_term=Get%20Started&utm_medium=email&utm_campaign=October%202022%20Vehicle%20Renewals&utm_content=October%202022%20Vehicle%20Renewals+CID_01447a56fe3ba44d0428e2d804bf7f3d&utm_source=campaign%20monitor&utm_term=Renew%20your%20vehicle%20registration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
65d803e757e3feb01f6545b3646ef55a65a5c60fd1f278b7321fdeab1dde324c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.ncdot.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 21:20:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
82560
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 18 Oct 2022 21:20:14 GMT
OpenSans-Regular.362b56e7c69551249027.woff
payments.ncdot.gov/
62 KB
62 KB
Font
General
Full URL
https://payments.ncdot.gov/OpenSans-Regular.362b56e7c69551249027.woff
Requested by
Host: payments.ncdot.gov
URL: https://payments.ncdot.gov/main.4cd305f7a3e09723452e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.84.41.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-41-238.compute-1.amazonaws.com
Software
envoy /
Resource Hash
2e1587380141daff4e10a8e3db8f7ae5887102ab7576bff43049590f637ac20b

Request headers

Referer
https://payments.ncdot.gov/main.4cd305f7a3e09723452e.css
Origin
https://payments.ncdot.gov
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 21:20:14 GMT
last-modified
Fri, 07 Oct 2022 18:59:24 GMT
server
envoy
etag
W/"f8e0-183b3d106e0"
content-type
font/woff
cache-control
public, max-age=0
x-envoy-upstream-service-time
9
accept-ranges
bytes
content-length
63712
sdk.js
connect.facebook.net/en_US/
306 KB
86 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=8b98cfb54af0aa95f9e93fb27ad0584d
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
552b4dee39c07752950ce7c158f3fa6782c74a7e27f2f23d24c8c3232cd4abab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://payments.ncdot.gov/
Origin
https://payments.ncdot.gov
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 18 Oct 2022 21:20:14 GMT
content-md5
yCLjbT10BueWKMZd6gmvEw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88415
x-fb-rlafr
0
x-fb-debug
eaI4lpa4QR5liDQrneVe1fbeLSRSPAiPfozSwU7NLJYudi4UpEZjpuarhErRvV0CssFD8Jns2nStvSh9Rb9deg==
x-fb-content-md5
376f32f59685789034f8c622286aa7ea
cross-origin-opener-policy
same-origin-allow-popups
etag
"0a64b5ba7ee3c27ff8fad743d67777f7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 18 Oct 2023 19:30:04 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/
3 B
45 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDAMRO95AebGRLOwn2q9JiGzKwQN1ZjBis&libraries=places&language=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.ncdot.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 21:20:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://payments.ncdot.gov
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23
x-xss-protection
0
optimize.js
www.google-analytics.com/gtm/
108 KB
43 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=GTM-MZF9C88
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5FDBHFV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f3d8a3be402ebb1bfeb8424a4fd6ec58944ce1d17b2acb9c549f09bd45bb8705
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.ncdot.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 21:20:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43279
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 18 Oct 2022 21:20:15 GMT
bat.js
bat.bing.com/
38 KB
12 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5FDBHFV
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.ncdot.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 18 Oct 2022 21:20:14 GMT
last-modified
Thu, 28 Jul 2022 17:32:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5D354807B6DA4BC5AF93A54B59170DC6 Ref B: FRAEDGE1312 Ref C: 2022-10-18T21:20:15Z
etag
"80a8697a8a2d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11367
uwt.js
static.ads-twitter.com/
56 KB
15 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5FDBHFV
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.ncdot.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 21:20:15 GMT
content-encoding
gzip
last-modified
Tue, 30 Aug 2022 15:04:19 GMT
etag
"d4de8398858246712016031c834bb061+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15317
x-served-by
cache-iad-kjyo7100153-IAD, cache-muc13933-MUC
fbevents.js
connect.facebook.net/en_US/
102 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: payments.ncdot.gov
URL: https://payments.ncdot.gov/auth?utm_medium=email&utm_campaign=Vehicle%20Renewals%20-%20Jan%202020&utm_content=Vehicle%20Renewals%20-%20Jan%202020+CID_d3cf8324e7154593505a1d9b0223fc51&utm_source=campaign%20monitor&utm_term=Get%20Started&utm_medium=email&utm_campaign=October%202022%20Vehicle%20Renewals&utm_content=October%202022%20Vehicle%20Renewals+CID_01447a56fe3ba44d0428e2d804bf7f3d&utm_source=campaign%20monitor&utm_term=Renew%20your%20vehicle%20registration
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
df95c359e3559c219087fcb7d390b577cbd6577c0338d18644bd275149c62a86
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.ncdot.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 18 Oct 2022 21:20:15 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27029
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
czpl4+agG/vrlAWxbDehrBV5wtnZm5ktVxwKPebtPRc4UJHc0l4W+ZDafQGKrAsKx/61/0sXpwJuvGg5fXkGHA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/
211 KB
74 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-L75KD27D43&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5FDBHFV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
996f0c2cc36f8ff5373c5881c6269381e996e7239cb856a22f84daa21d40dcf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.ncdot.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 21:20:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75577
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 18 Oct 2022 21:20:15 GMT
377723573136484
connect.facebook.net/signals/config/
293 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/377723573136484?v=2.9.85&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
990711b0bb14cfe63f3fd046a0b8de28e5ab5a3478528675a19e5a7183fc2760
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.ncdot.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 18 Oct 2022 21:20:15 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
yhVAfD1wDbYJPfsG2SgSl21O1ogcPXriUI6fDTiq/j+cvx8rkn7fjzUZCnsTZxyhZ14ebAQRFEl6bU9S3WOW4w==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
17163419.js
bat.bing.com/p/action/
0
118 B
Script
General
Full URL
https://bat.bing.com/p/action/17163419.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.ncdot.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Tue, 18 Oct 2022 21:20:14 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FACEB78368B64E7D910C5EB41C9FB8D3 Ref B: FRAEDGE1312 Ref C: 2022-10-18T21:20:15Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/
0
175 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=17163419&tm=gtm002&Ver=2&mid=c1466821-6ca4-406c-b81c-8a2afdbac530&sid=a864bbf04f2a11edb31189d8c74b9c4d&vid=a864d8004f2a11edba74af8c98578ae6&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fpayments.ncdot.gov%2Fauth%3Futm_medium%3Demail%26utm_campaign%3DVehicle%2520Renewals%2520-%2520Jan%25202020%26utm_content%3DVehicle%2520Renewals%2520-%2520Jan%25202020%2BCID_d3cf8324e7154593505a1d9b0223fc51%26utm_source%3Dcampaign%2520monitor%26utm_term%3DGet%2520Started%26utm_medium%3Demail%26utm_campaign%3DOctober%25202022%2520Vehicle%2520Renewals%26utm_content%3DOctober%25202022%2520Vehicle%2520Renewals%2BCID_01447a56fe3ba44d0428e2d804bf7f3d%26utm_source%3Dcampaign%2520monitor%26utm_term%3DRenew%2520your%2520vehicle%2520registration&r=&evt=pageLoad&sv=1&rn=251364
Requested by
Host: payments.ncdot.gov
URL: https://payments.ncdot.gov/auth?utm_medium=email&utm_campaign=Vehicle%20Renewals%20-%20Jan%202020&utm_content=Vehicle%20Renewals%20-%20Jan%202020+CID_d3cf8324e7154593505a1d9b0223fc51&utm_source=campaign%20monitor&utm_term=Get%20Started&utm_medium=email&utm_campaign=October%202022%20Vehicle%20Renewals&utm_content=October%202022%20Vehicle%20Renewals+CID_01447a56fe3ba44d0428e2d804bf7f3d&utm_source=campaign%20monitor&utm_term=Renew%20your%20vehicle%20registration
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.ncdot.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 18 Oct 2022 21:20:14 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: EC8778A7401742BCBD1D661F72FD891F Ref B: FRAEDGE1312 Ref C: 2022-10-18T21:20:15Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
t.co/i/
0
0

adsct
analytics.twitter.com/i/
0
0

analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5FDBHFV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.ncdot.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 18 Oct 2022 21:15:57 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
258
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 18 Oct 2022 23:15:57 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=377723573136484&ev=PageView&dl=https%3A%2F%2Fpayments.ncdot.gov%2Fauth%3Futm_medium%3Demail%26utm_campaign%3DVehicle%2520Renewals%2520-%2520Jan%25202020%26utm_content%3DVehicle%2520Renewals%2520-%2520Jan%25202020%2BCID_d3cf8324e7154593505a1d9b0223fc51%26utm_source%3Dcampaign%2520monitor%26utm_term%3DGet%2520Started%26utm_medium%3Demail%26utm_campaign%3DOctober%25202022%2520Vehicle%2520Renewals%26utm_content%3DOctober%25202022%2520Vehicle%2520Renewals%2BCID_01447a56fe3ba44d0428e2d804bf7f3d%26utm_source%3Dcampaign%2520monitor%26utm_term%3DRenew%2520your%2520vehicle%2520registration&rl=&if=false&ts=1666128015134&sw=1600&sh=1200&v=2.9.85&r=stable&ec=0&o=30&fbp=fb.1.1666128015133.1723835351&it=1666128015039&coo=false&rqm=GET
Requested by
Host: payments.ncdot.gov
URL: https://payments.ncdot.gov/auth?utm_medium=email&utm_campaign=Vehicle%20Renewals%20-%20Jan%202020&utm_content=Vehicle%20Renewals%20-%20Jan%202020+CID_d3cf8324e7154593505a1d9b0223fc51&utm_source=campaign%20monitor&utm_term=Get%20Started&utm_medium=email&utm_campaign=October%202022%20Vehicle%20Renewals&utm_content=October%202022%20Vehicle%20Renewals+CID_01447a56fe3ba44d0428e2d804bf7f3d&utm_source=campaign%20monitor&utm_term=Renew%20your%20vehicle%20registration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.ncdot.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 18 Oct 2022 21:20:15 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
region1.google-analytics.com/g/
0
349 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-L75KD27D43&gtm=2oeah0&_p=430325293&cid=238619002.1666128015&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1666128015&sct=1&seg=0&dl=https%3A%2F%2Fpayments.ncdot.gov%2Fauth%3Futm_medium%3Demail%26utm_campaign%3DVehicle%2520Renewals%2520-%2520Jan%25202020%26utm_content%3DVehicle%2520Renewals%2520-%2520Jan%25202020%2BCID_d3cf8324e7154593505a1d9b0223fc51%26utm_source%3Dcampaign%2520monitor%26utm_term%3DGet%2520Started%26utm_medium%3Demail%26utm_campaign%3DOctober%25202022%2520Vehicle%2520Renewals%26utm_content%3DOctober%25202022%2520Vehicle%2520Renewals%2BCID_01447a56fe3ba44d0428e2d804bf7f3d%26utm_source%3Dcampaign%2520monitor%26utm_term%3DRenew%2520your%2520vehicle%2520registration&dt=&en=page_view&_fv=1&_nsi=1&_ss=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L75KD27D43&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.ncdot.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Oct 2022 21:20:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://payments.ncdot.gov
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=430325293&t=pageview&_s=1&dl=https%3A%2F%2Fpayments.ncdot.gov%2Fauth%3Futm_medium%3Demail%26utm_campaign%3DVehicle%2520Renewals%2520-%2520Jan%25202020%26utm_content%3DVehicle%2520Renewals%2520-%2520Jan%25202020%2BCID_d3cf8324e7154593505a1d9b0223fc51%26utm_source%3Dcampaign%2520monitor%26utm_term%3DGet%2520Started%26utm_medium%3Demail%26utm_campaign%3DOctober%25202022%2520Vehicle%2520Renewals%26utm_content%3DOctober%25202022%2520Vehicle%2520Renewals%2BCID_01447a56fe3ba44d0428e2d804bf7f3d%26utm_source%3Dcampaign%2520monitor%26utm_term%3DRenew%2520your%2520vehicle%2520registration&dp=%2Fauth%3Futm_medium%3Demail%26utm_campaign%3DVehicle%2520Renewals%2520-%2520Jan%25202020%26utm_content%3DVehicle%2520Renewals%2520-%2520Jan%25202020%2BCID_d3cf8324e7154593505a1d9b0223fc51%26utm_source%3Dcampaign%2520monitor%26utm_term%3DGet%2520Started%26utm_medium%3Demail%26utm_campaign%3DOctober%25202022%2520Vehicle%2520Renewals%26utm_content%3DOctober%25202022%2520Vehicle%2520Renewals%2BCID_01447a56fe3ba44d0428e2d804bf7f3d%26utm_source%3Dcampaign%2520monitor%26utm_term%3DRenew%2520your%2520vehicle%2520registration&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABQAAAACgAI~&jid=1743320202&gjid=392117143&cid=238619002.1666128015&tid=UA-93243443-1&_gid=829174592.1666128015&_r=1&gtm=2wgah05FDBHFV&z=12519587
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://payments.ncdot.gov/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 18 Oct 2022 21:20:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://payments.ncdot.gov
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
444 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-93243443-1&cid=238619002.1666128015&jid=1743320202&gjid=392117143&_gid=829174592.1666128015&_u=YADAAEAAQAAAACgAI~&z=1445902925
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://payments.ncdot.gov/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 18 Oct 2022 21:20:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://payments.ncdot.gov
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-93243443-1&cid=238619002.1666128015&jid=1743320202&_u=YADAAEAAQAAAACgAI~&z=758376920
Requested by
Host: payments.ncdot.gov
URL: https://payments.ncdot.gov/auth?utm_medium=email&utm_campaign=Vehicle%20Renewals%20-%20Jan%202020&utm_content=Vehicle%20Renewals%20-%20Jan%202020+CID_d3cf8324e7154593505a1d9b0223fc51&utm_source=campaign%20monitor&utm_term=Get%20Started&utm_medium=email&utm_campaign=October%202022%20Vehicle%20Renewals&utm_content=October%202022%20Vehicle%20Renewals+CID_01447a56fe3ba44d0428e2d804bf7f3d&utm_source=campaign%20monitor&utm_term=Renew%20your%20vehicle%20registration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.ncdot.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Oct 2022 21:20:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
0
0

8612.4cd305f7a3e09723452e.js
payments.ncdot.gov/
8 KB
3 KB
Script
General
Full URL
https://payments.ncdot.gov/8612.4cd305f7a3e09723452e.js
Requested by
Host: payments.ncdot.gov
URL: https://payments.ncdot.gov/main.4cd305f7a3e09723452e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.84.41.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-41-238.compute-1.amazonaws.com
Software
envoy /
Resource Hash
5cfca67a86d5b459885d20aadc26bc50393cadd0e8d0beabb1cfba9829670f8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.ncdot.gov/auth?utm_medium=email&utm_campaign=Vehicle%20Renewals%20-%20Jan%202020&utm_content=Vehicle%20Renewals%20-%20Jan%202020+CID_d3cf8324e7154593505a1d9b0223fc51&utm_source=campaign%20monitor&utm_term=Get%20Started&utm_medium=email&utm_campaign=October%202022%20Vehicle%20Renewals&utm_content=October%202022%20Vehicle%20Renewals+CID_01447a56fe3ba44d0428e2d804bf7f3d&utm_source=campaign%20monitor&utm_term=Renew%20your%20vehicle%20registration
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 21:20:15 GMT
content-encoding
gzip
last-modified
Fri, 07 Oct 2022 18:59:24 GMT
server
envoy
etag
W/"2158-183b3d106e0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
x-envoy-upstream-service-time
17
accept-ranges
bytes
/
www.facebook.com/tr/
0
18 B
Image
General
Full URL
https://www.facebook.com/tr/?id=377723573136484&ev=Microdata&dl=https%3A%2F%2Fpayments.ncdot.gov%2Fauth%3Futm_medium%3Demail%26utm_campaign%3DVehicle%2520Renewals%2520-%2520Jan%25202020%26utm_content%3DVehicle%2520Renewals%2520-%2520Jan%25202020%2BCID_d3cf8324e7154593505a1d9b0223fc51%26utm_source%3Dcampaign%2520monitor%26utm_term%3DGet%2520Started%26utm_medium%3Demail%26utm_campaign%3DOctober%25202022%2520Vehicle%2520Renewals%26utm_content%3DOctober%25202022%2520Vehicle%2520Renewals%2BCID_01447a56fe3ba44d0428e2d804bf7f3d%26utm_source%3Dcampaign%2520monitor%26utm_term%3DRenew%2520your%2520vehicle%2520registration&rl=&if=false&ts=1666128015705&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%20%20%5Cn%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22myNCDMV%22%2C%22og%3Adescription%22%3A%22The%20North%20Carolina%20DMV%27s%20official%20way%20to%20pay%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.85&r=stable&ec=1&o=30&fbp=fb.1.1666128015133.1723835351&it=1666128015039&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: payments.ncdot.gov
URL: https://payments.ncdot.gov/auth?utm_medium=email&utm_campaign=Vehicle%20Renewals%20-%20Jan%202020&utm_content=Vehicle%20Renewals%20-%20Jan%202020+CID_d3cf8324e7154593505a1d9b0223fc51&utm_source=campaign%20monitor&utm_term=Get%20Started&utm_medium=email&utm_campaign=October%202022%20Vehicle%20Renewals&utm_content=October%202022%20Vehicle%20Renewals+CID_01447a56fe3ba44d0428e2d804bf7f3d&utm_source=campaign%20monitor&utm_term=Renew%20your%20vehicle%20registration
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.ncdot.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 18 Oct 2022 21:20:15 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
service-offerings
5900-app.mobilgov.com/app/mobilgov_nc/ Frame
0
0
Preflight
General
Full URL
https://5900-app.mobilgov.com/app/mobilgov_nc/service-offerings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.205.197.234 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
ec2-15-205-197-234.us-gov-west-1.compute.amazonaws.com
Software
envoy / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,payit-appname,payit-devicefingerprint,payit-platform,x-payit-language
Access-Control-Request-Method
GET
Origin
https://payments.ncdot.gov
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
content-type,payit-appname,payit-devicefingerprint,payit-platform,x-payit-language
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
cache-control
no-store, no-cache
date
Tue, 18 Oct 2022 21:20:16 GMT
pragma
no-cache
server
envoy
vary
Access-Control-Request-Headers, Accept-Encoding
x-envoy-upstream-service-time
13
x-powered-by
Express
service-offerings
5900-app.mobilgov.com/app/mobilgov_nc/
1 KB
524 B
Fetch
General
Full URL
https://5900-app.mobilgov.com/app/mobilgov_nc/service-offerings
Requested by
Host: payments.ncdot.gov
URL: https://payments.ncdot.gov/main.4cd305f7a3e09723452e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.205.197.234 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
ec2-15-205-197-234.us-gov-west-1.compute.amazonaws.com
Software
envoy / Express
Resource Hash
8546135c6d3f1ab8aeec1065c7e7e7b3c74c54b08976a9fc1a8053ec3a30d764

Request headers

PayIt-Platform
web
Accept-Language
de-DE,de;q=0.9
PayIt-DeviceFingerprint
undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json
X-PayIt-Language
en
Referer
https://payments.ncdot.gov/
PayIt-AppName
mobilgov_nc

Response headers

pragma
no-cache
date
Tue, 18 Oct 2022 21:20:16 GMT
content-encoding
gzip
server
envoy
x-powered-by
Express
etag
W/"5c9-0e4UW2k8me9p952z20amhXH5ny8"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
content-language
en
cache-control
no-store, no-cache
x-envoy-upstream-service-time
24
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=430325293&t=event&ni=0&_s=1&dl=https%3A%2F%2Fpayments.ncdot.gov%2Fauth%3Futm_medium%3Demail%26utm_campaign%3DVehicle%2520Renewals%2520-%2520Jan%25202020%26utm_content%3DVehicle%2520Renewals%2520-%2520Jan%25202020%2BCID_d3cf8324e7154593505a1d9b0223fc51%26utm_source%3Dcampaign%2520monitor%26utm_term%3DGet%2520Started%26utm_medium%3Demail%26utm_campaign%3DOctober%25202022%2520Vehicle%2520Renewals%26utm_content%3DOctober%25202022%2520Vehicle%2520Renewals%2BCID_01447a56fe3ba44d0428e2d804bf7f3d%26utm_source%3Dcampaign%2520monitor%26utm_term%3DRenew%2520your%2520vehicle%2520registration&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=userAction&ea=sessionStart&el=&_u=aADAAEABQAAAACgAI~&jid=&gjid=&cid=238619002.1666128015&tid=UA-93243443-1&_gid=829174592.1666128015&gtm=2wgah05FDBHFV&z=1358845995
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.ncdot.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Oct 2022 02:20:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
68412
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pages-Auth-SignIn.324265805bf19df1f80f.css
payments.ncdot.gov/
5 KB
1 KB
Stylesheet
General
Full URL
https://payments.ncdot.gov/pages-Auth-SignIn.324265805bf19df1f80f.css
Requested by
Host: payments.ncdot.gov
URL: https://payments.ncdot.gov/main.4cd305f7a3e09723452e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.84.41.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-41-238.compute-1.amazonaws.com
Software
envoy /
Resource Hash
2c6b6d213afad294f82d9f8b6db6c36c88dfa5c795e9600633216d79f06c9b08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.ncdot.gov/auth?utm_medium=email&utm_campaign=Vehicle%20Renewals%20-%20Jan%202020&utm_content=Vehicle%20Renewals%20-%20Jan%202020+CID_d3cf8324e7154593505a1d9b0223fc51&utm_source=campaign%20monitor&utm_term=Get%20Started&utm_medium=email&utm_campaign=October%202022%20Vehicle%20Renewals&utm_content=October%202022%20Vehicle%20Renewals+CID_01447a56fe3ba44d0428e2d804bf7f3d&utm_source=campaign%20monitor&utm_term=Renew%20your%20vehicle%20registration
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 21:20:15 GMT
content-encoding
gzip
last-modified
Fri, 07 Oct 2022 18:59:24 GMT
server
envoy
etag
W/"15df-183b3d106e0"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
x-envoy-upstream-service-time
15
accept-ranges
bytes
pages-Auth-SignIn.4cd305f7a3e09723452e.js
payments.ncdot.gov/
42 KB
12 KB
Script
General
Full URL
https://payments.ncdot.gov/pages-Auth-SignIn.4cd305f7a3e09723452e.js
Requested by
Host: payments.ncdot.gov
URL: https://payments.ncdot.gov/main.4cd305f7a3e09723452e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.84.41.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-41-238.compute-1.amazonaws.com
Software
envoy /
Resource Hash
baeca235c0eb344ba71233a9d125c1ade6f3d31d5355d00e7a4bab3e132f27c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.ncdot.gov/auth?utm_medium=email&utm_campaign=Vehicle%20Renewals%20-%20Jan%202020&utm_content=Vehicle%20Renewals%20-%20Jan%202020+CID_d3cf8324e7154593505a1d9b0223fc51&utm_source=campaign%20monitor&utm_term=Get%20Started&utm_medium=email&utm_campaign=October%202022%20Vehicle%20Renewals&utm_content=October%202022%20Vehicle%20Renewals+CID_01447a56fe3ba44d0428e2d804bf7f3d&utm_source=campaign%20monitor&utm_term=Renew%20your%20vehicle%20registration
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 21:20:15 GMT
content-encoding
gzip
last-modified
Fri, 07 Oct 2022 18:59:24 GMT
server
envoy
etag
W/"a8e7-183b3d106e0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
x-envoy-upstream-service-time
11
accept-ranges
bytes
v1
auth.payitgov.com/api/sdk/
55 KB
55 KB
Script
General
Full URL
https://auth.payitgov.com/api/sdk/v1
Requested by
Host: auth.payitgov.com
URL: https://auth.payitgov.com/api/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
96.127.83.35 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
ec2-96-127-83-35.us-gov-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash
e889f8f2aa0fd984b70cbcadb0aa877d29482451426cf7635b303349b322ac9a
Security Headers
Name Value
Content-Security-Policy default-src 'self';img-src 'self' *.cloudfront.net;script-src 'self' 'unsafe-inline' appleid.cdn-apple.com *.facebook.net *.google.com;style-src 'self' 'unsafe-inline'
Strict-Transport-Security "max-age=31536000; includeSubDomains" always;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.ncdot.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src 'self';img-src 'self' *.cloudfront.net;script-src 'self' 'unsafe-inline' appleid.cdn-apple.com *.facebook.net *.google.com;style-src 'self' 'unsafe-inline'
strict-transport-security
"max-age=31536000; includeSubDomains" always;
referrer-policy
strict-origin-when-cross-origin
date
Tue, 18 Oct 2022 21:20:16 GMT
server
envoy
etag
W/"da13-8VzKzWhLB2WhTGBGKLsFp6YhZGA"
content-type
application/octet-stream
content-language
en
x-envoy-upstream-service-time
15
content-length
55827
/
auth.payitgov.com/ Frame 7F69
7 KB
3 KB
Document
General
Full URL
https://auth.payitgov.com/?appId=6a3062f6-6c25-460d-b48e-ccdfb4dd7a74&isEmbedded=true&lang=en
Requested by
Host: auth.payitgov.com
URL: https://auth.payitgov.com/api/sdk/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
96.127.83.35 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
ec2-96-127-83-35.us-gov-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash
f44e4c112678b84a98ab59dd35599317140ca4264940c5f7938d761f81329130
Security Headers
Name Value
Content-Security-Policy default-src 'self';img-src 'self' *.cloudfront.net;script-src 'self' 'unsafe-inline' appleid.cdn-apple.com *.facebook.net *.google.com;style-src 'self' 'unsafe-inline'
Strict-Transport-Security "max-age=31536000; includeSubDomains" always;

Request headers

Referer
https://payments.ncdot.gov/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-language
en
content-security-policy
default-src 'self';img-src 'self' *.cloudfront.net;script-src 'self' 'unsafe-inline' appleid.cdn-apple.com *.facebook.net *.google.com;style-src 'self' 'unsafe-inline'
content-type
text/html; charset=utf-8
date
Tue, 18 Oct 2022 21:20:16 GMT
etag
W/"1d7e-j6DjbWniwZK3te91N6PpXScCNww"
referrer-policy
strict-origin-when-cross-origin
server
envoy
strict-transport-security
"max-age=31536000; includeSubDomains" always;
vary
Accept-Encoding
x-envoy-upstream-service-time
13
standalone-auth-react.css
auth.payitgov.com/dist/ Frame 7F69
7 KB
2 KB
Stylesheet
General
Full URL
https://auth.payitgov.com/dist/standalone-auth-react.css
Requested by
Host: auth.payitgov.com
URL: https://auth.payitgov.com/?appId=6a3062f6-6c25-460d-b48e-ccdfb4dd7a74&isEmbedded=true&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
96.127.83.35 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
ec2-96-127-83-35.us-gov-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash
45dc5d6d0f77870e04468eac65b84697bc26023df6724ea1aad9140c55821efd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.payitgov.com/?appId=6a3062f6-6c25-460d-b48e-ccdfb4dd7a74&isEmbedded=true&lang=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 21:20:16 GMT
content-encoding
gzip
last-modified
Mon, 03 Oct 2022 14:51:02 GMT
server
envoy
etag
W/"1c2a-1839e5433f0"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
content-language
en
cache-control
public, max-age=0
x-envoy-upstream-service-time
2
accept-ranges
bytes
vendors~standalone-auth-react.css
auth.payitgov.com/dist/ Frame 7F69
426 KB
65 KB
Stylesheet
General
Full URL
https://auth.payitgov.com/dist/vendors~standalone-auth-react.css
Requested by
Host: auth.payitgov.com
URL: https://auth.payitgov.com/?appId=6a3062f6-6c25-460d-b48e-ccdfb4dd7a74&isEmbedded=true&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
96.127.83.35 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
ec2-96-127-83-35.us-gov-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash
c84ad6679d1dac3da8a7e0a5d0c74d4c5338fed3b634b1a540590ef91cf0b6e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.payitgov.com/?appId=6a3062f6-6c25-460d-b48e-ccdfb4dd7a74&isEmbedded=true&lang=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 21:20:16 GMT
content-encoding
gzip
last-modified
Mon, 03 Oct 2022 14:51:02 GMT
server
envoy
etag
W/"6a6fd-1839e5433f0"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
content-language
en
cache-control
public, max-age=0
x-envoy-upstream-service-time
3
accept-ranges
bytes
sdk.js
connect.facebook.net/en/ Frame 7F69
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en/sdk.js
Requested by
Host: auth.payitgov.com
URL: https://auth.payitgov.com/?appId=6a3062f6-6c25-460d-b48e-ccdfb4dd7a74&isEmbedded=true&lang=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
53e281216557a94b2aaf90ac97be78a59325f86d1fcdc5a0290bf8ac2fa72ee4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.payitgov.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 18 Oct 2022 21:20:16 GMT
content-md5
NRKwU4juVXsdaizMbgK1Dw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
3gnp9O10/bjS2YxAjWhBLq3qmia6DgCHBxrZRtociFTwFqxOe7nJGMDtkkbofcKejvoaiVp6zfGEVc3S9Fjb/g==
x-fb-content-md5
38f785e73adba6e5e7dd46c907636db3
cross-origin-opener-policy
same-origin-allow-popups
etag
"8de175d88180660369223a6e9cc5a019"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Tue, 18 Oct 2022 21:21:21 GMT
platform.js
apis.google.com/js/ Frame 7F69
52 KB
20 KB
Script
General
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: auth.payitgov.com
URL: https://auth.payitgov.com/?appId=6a3062f6-6c25-460d-b48e-ccdfb4dd7a74&isEmbedded=true&lang=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2517f2f4a19d61f890f6ceca117953dcb151b3d6b2d6ed388e0df235b857a3db
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.payitgov.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 18 Oct 2022 21:20:16 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20360
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"95a07626e083cec6"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Oct 2022 21:20:16 GMT
vendors~standalone-auth-react.6aa3d5ad0ff5ed755b5b.js
auth.payitgov.com/dist/modern/ Frame 7F69
3 MB
913 KB
Script
General
Full URL
https://auth.payitgov.com/dist/modern/vendors~standalone-auth-react.6aa3d5ad0ff5ed755b5b.js
Requested by
Host: auth.payitgov.com
URL: https://auth.payitgov.com/?appId=6a3062f6-6c25-460d-b48e-ccdfb4dd7a74&isEmbedded=true&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
96.127.83.35 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
ec2-96-127-83-35.us-gov-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash
a955b7cb8342de8f7116aea1c517f803a2fa9aee5bd12f766c80baecddcef4a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.payitgov.com/?appId=6a3062f6-6c25-460d-b48e-ccdfb4dd7a74&isEmbedded=true&lang=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 21:20:17 GMT
content-encoding
gzip
last-modified
Mon, 03 Oct 2022 14:51:02 GMT
server
envoy
etag
W/"317842-1839e5433f0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
content-language
en
cache-control
public, max-age=0
x-envoy-upstream-service-time
2
accept-ranges
bytes
standalone-auth-react.df1dea466d9db148bb4e.js
auth.payitgov.com/dist/modern/ Frame 7F69
87 KB
27 KB
Script
General
Full URL
https://auth.payitgov.com/dist/modern/standalone-auth-react.df1dea466d9db148bb4e.js
Requested by
Host: auth.payitgov.com
URL: https://auth.payitgov.com/?appId=6a3062f6-6c25-460d-b48e-ccdfb4dd7a74&isEmbedded=true&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
96.127.83.35 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
ec2-96-127-83-35.us-gov-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash
36ded1dfd8469df4a3ece8d6c927a142b1872bbbb6ceab810f6896ed13ade342

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.payitgov.com/?appId=6a3062f6-6c25-460d-b48e-ccdfb4dd7a74&isEmbedded=true&lang=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 21:20:17 GMT
content-encoding
gzip
last-modified
Mon, 03 Oct 2022 14:51:02 GMT
server
envoy
etag
W/"15a20-1839e5433f0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
content-language
en
cache-control
public, max-age=0
x-envoy-upstream-service-time
15
accept-ranges
bytes
sdk.js
connect.facebook.net/en_US/ Frame 7F69
300 KB
85 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=850df2ce3f39fda20db6d00a74a568f6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2a2713c8aa1876fbad8d38a6a46c5834d7f90173631ede1c1884dcb6838de383
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://auth.payitgov.com/
Origin
https://auth.payitgov.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 18 Oct 2022 21:20:17 GMT
content-md5
L3MnmhesxJSnXEMJioXmcA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86958
x-fb-rlafr
0
x-fb-debug
4Cxr2ljQowPhGHTaoK8P+VmXnZ+bxxcPiV6zpgpRwDyyPCfSxidIY+7+4mXKzoWgOWyuF8x9MqxyN7Lvc9M9VA==
x-fb-content-md5
e468b0fe6c62a9e022d3f3f65d5576e9
cross-origin-opener-policy
same-origin-allow-popups
etag
"db772006de948e2c4329a144ff2dd623"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 18 Oct 2023 19:37:26 GMT
appleid.auth.js
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/ Frame 7F69
42 KB
17 KB
Script
General
Full URL
https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js
Requested by
Host: auth.payitgov.com
URL: https://auth.payitgov.com/?appId=6a3062f6-6c25-460d-b48e-ccdfb4dd7a74&isEmbedded=true&lang=en
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.77.42.191 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-42-191.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
60e60bf2583cf7444b00a4b0b8d46de5fd5816f768fc72fd71c643357132df69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.payitgov.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Tue, 18 Oct 2022 21:20:17 GMT
Last-Modified
Thu, 06 Oct 2022 17:25:46 GMT
Server
Apple
ETag
W/"42671-1665077146037"
Vary
accept-encoding
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400,stale-while-revalidate=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17247
truncated
/ Frame 7F69
0
0

branding-hero.png
d3nh6asts0jslb.cloudfront.net/ncdmv/ Frame 7F69
2 MB
2 MB
Image
General
Full URL
https://d3nh6asts0jslb.cloudfront.net/ncdmv/branding-hero.png
Requested by
Host: auth.payitgov.com
URL: https://auth.payitgov.com/?appId=6a3062f6-6c25-460d-b48e-ccdfb4dd7a74&isEmbedded=true&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:c600:1f:775:dfc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
93c7d537c4318048498713ef7e646c9ca9b07051c90ea2a391c132b3a4fdecd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.payitgov.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 08:35:19 GMT
via
1.1 7463e2e784b132604afa3cd91a5d39a2.cloudfront.net (CloudFront)
last-modified
Fri, 03 Jan 2020 16:32:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
45899
etag
"f53bb29d12a4f8ff7c9523606a377cb8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1906746
x-amz-cf-id
r6CNGjI7TOgsodywsJzrahRO0Erl20yyVaDSfmLn2NorMI6Ic8v_5g==
e3a093fe-d360-456f-828e-ef459d2e33f3
d3ck169wa5xhu5.cloudfront.net/generic/ Frame 7F69
10 KB
11 KB
Image
General
Full URL
https://d3ck169wa5xhu5.cloudfront.net/generic/e3a093fe-d360-456f-828e-ef459d2e33f3
Requested by
Host: auth.payitgov.com
URL: https://auth.payitgov.com/log-in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:e600:11:8fa9:6340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8288d79045ca0ac58137ec32a9620fe95aa443b9cd07404c97254e1cc8575cb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.payitgov.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
gtrULxLjeYl._KnU0H7pJ5_VFcKEzLkk
date
Tue, 18 Oct 2022 08:35:19 GMT
via
1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
last-modified
Mon, 23 Nov 2020 21:31:05 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
45900
etag
"83c41b0ed421fa7baf02f1c59973d9f7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
10662
x-amz-meta-payit_public
true
x-amz-cf-id
6teSGWykRovZESTTJuI1JCpMTpRt1ZKQo0ZxytsSY3W7J8L27WWY_g==
5ab17360-e3b7-43d9-8171-47b3bafa81e0
d3ck169wa5xhu5.cloudfront.net/generic/ Frame 7F69
2 KB
1 KB
Image
General
Full URL
https://d3ck169wa5xhu5.cloudfront.net/generic/5ab17360-e3b7-43d9-8171-47b3bafa81e0
Requested by
Host: auth.payitgov.com
URL: https://auth.payitgov.com/log-in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:e600:11:8fa9:6340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4322d7d92d016f1ffc40115cbb11c21a95c6bf53a9e55170678e28f16b982941

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.payitgov.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 04:06:24 GMT
x-amz-version-id
DQFt1W.elVByIuHP71Tg.dHgehAyDQqi
content-encoding
gzip
last-modified
Mon, 28 Sep 2020 16:46:37 GMT
server
AmazonS3
via
1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
etag
W/"5ec9dfc3bbb4a9246572203395882b8b"
age
62035
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
GekpDlr0Ur16fICAZTO2Eq-oo92F3Oy8hYGyRkZFgAgEZHu9lQyfsw==
x-amz-meta-payit_public
true
3c68e3ec-7448-47ed-b564-cf8e2351d20e
d3ck169wa5xhu5.cloudfront.net/generic/ Frame 7F69
1 KB
980 B
Image
General
Full URL
https://d3ck169wa5xhu5.cloudfront.net/generic/3c68e3ec-7448-47ed-b564-cf8e2351d20e
Requested by
Host: auth.payitgov.com
URL: https://auth.payitgov.com/log-in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:e600:11:8fa9:6340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d09f40445d542165f08775bedf5ee3261b946e6fa61c462d953880faabe47899

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.payitgov.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
ltduY34xtQO6DezhKMYXxAHMMMla3.NK
content-encoding
gzip
via
1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
date
Tue, 18 Oct 2022 04:15:32 GMT
last-modified
Mon, 28 Sep 2020 16:46:47 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
61487
etag
W/"5cc09278f7df72cbc677c03bc42531ba"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
1B28uFUzz2Krj5K41T511fNJchQW8Jjvrjd2nfJEMXZojZlPxH-z5w==
x-amz-meta-payit_public
true
2817ddd5-3a8b-42dc-a298-5dc693b06883
d3ck169wa5xhu5.cloudfront.net/generic/ Frame 7F69
2 KB
1 KB
Image
General
Full URL
https://d3ck169wa5xhu5.cloudfront.net/generic/2817ddd5-3a8b-42dc-a298-5dc693b06883
Requested by
Host: auth.payitgov.com
URL: https://auth.payitgov.com/log-in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:e600:11:8fa9:6340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
763d90ca8e34f7d54818da0aae60151e7f1b606cd04fc8e19d093208074d2556

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.payitgov.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
7QK7vpdMmEQgyGrzI29zvpp2Wmmothlv
content-encoding
gzip
via
1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
date
Tue, 18 Oct 2022 04:15:32 GMT
last-modified
Tue, 29 Sep 2020 20:44:52 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
61487
etag
W/"f8c56a6b656907af6148215966c80fb7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
2Kb9yiE9ErOeqMnVd8fiAAp_8EoikcwGpOduLiTU-0vIQr8D_lUAJw==
x-amz-meta-payit_public
true
common.js
maps.googleapis.com/maps-api-v3/api/js/50/9/
248 KB
68 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/50/9/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDAMRO95AebGRLOwn2q9JiGzKwQN1ZjBis&libraries=places&language=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0cf897950426a2cfb740a1c6ae3a3e678d406c915cfab6555b1c64dcc8b3c90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.ncdot.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 18:53:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8832
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69562
x-xss-protection
0
last-modified
Mon, 10 Oct 2022 19:01:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Oct 2023 18:53:07 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/50/9/
165 KB
165 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/50/9/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDAMRO95AebGRLOwn2q9JiGzKwQN1ZjBis&libraries=places&language=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72b4c5ea27e6dd71562e7385402b13b905a14f1d2649dc3d4de467a3e6643358
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.ncdot.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 18:02:46 GMT
x-content-type-options
nosniff
age
11853
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
168629
x-xss-protection
0
last-modified
Mon, 10 Oct 2022 19:01:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Oct 2023 18:02:46 GMT
collect
region1.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-L75KD27D43&gtm=2oeah0&_p=430325293&cid=238619002.1666128015&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1666128015&sct=1&seg=0&dl=https%3A%2F%2Fpayments.ncdot.gov%2Fauth%3Futm_medium%3Demail%26utm_campaign%3DVehicle%2520Renewals%2520-%2520Jan%25202020%26utm_content%3DVehicle%2520Renewals%2520-%2520Jan%25202020%2BCID_d3cf8324e7154593505a1d9b0223fc51%26utm_source%3Dcampaign%2520monitor%26utm_term%3DGet%2520Started%26utm_medium%3Demail%26utm_campaign%3DOctober%25202022%2520Vehicle%2520Renewals%26utm_content%3DOctober%25202022%2520Vehicle%2520Renewals%2BCID_01447a56fe3ba44d0428e2d804bf7f3d%26utm_source%3Dcampaign%2520monitor%26utm_term%3DRenew%2520your%2520vehicle%2520registration&dt=&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L75KD27D43&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://payments.ncdot.gov/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 18 Oct 2022 21:20:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://payments.ncdot.gov
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
t.co
URL
https://t.co/i/adsct?bci=3&eci=2&event_id=a3574a85-1a5c-4950-b24d-6cd61ee5a54e&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=55415219-cb61-46a0-bb65-1ea31392fe3c&tw_document_href=https%3A%2F%2Fpayments.ncdot.gov%2Fauth%3Futm_medium%3Demail%26utm_campaign%3DVehicle%2520Renewals%2520-%2520Jan%25202020%26utm_content%3DVehicle%2520Renewals%2520-%2520Jan%25202020%2BCID_d3cf8324e7154593505a1d9b0223fc51%26utm_source%3Dcampaign%2520monitor%26utm_term%3DGet%2520Started%26utm_medium%3Demail%26utm_campaign%3DOctober%25202022%2520Vehicle%2520Renewals%26utm_content%3DOctober%25202022%2520Vehicle%2520Renewals%2BCID_01447a56fe3ba44d0428e2d804bf7f3d%26utm_source%3Dcampaign%2520monitor%26utm_term%3DRenew%2520your%2520vehicle%2520registration&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzcum&type=javascript&version=2.3.27
Domain
analytics.twitter.com
URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=a3574a85-1a5c-4950-b24d-6cd61ee5a54e&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=55415219-cb61-46a0-bb65-1ea31392fe3c&tw_document_href=https%3A%2F%2Fpayments.ncdot.gov%2Fauth%3Futm_medium%3Demail%26utm_campaign%3DVehicle%2520Renewals%2520-%2520Jan%25202020%26utm_content%3DVehicle%2520Renewals%2520-%2520Jan%25202020%2BCID_d3cf8324e7154593505a1d9b0223fc51%26utm_source%3Dcampaign%2520monitor%26utm_term%3DGet%2520Started%26utm_medium%3Demail%26utm_campaign%3DOctober%25202022%2520Vehicle%2520Renewals%26utm_content%3DOctober%25202022%2520Vehicle%2520Renewals%2BCID_01447a56fe3ba44d0428e2d804bf7f3d%26utm_source%3Dcampaign%2520monitor%26utm_term%3DRenew%2520your%2520vehicle%2520registration&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzcum&type=javascript&version=2.3.27
Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-93243443-1&cid=238619002.1666128015&jid=1743320202&_u=YADAAEAAQAAAACgAI~&z=758376920
Domain
truncated
URL
data:truncated

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
object| payitClientConfig
function| setImmediate
function| clearImmediate
object| payit
object| payitCoolUIConfig
function| showFallback
object| dataLayer
object| gapi
object| ___jsl
object| FB
object| AppleID
object| google
object| module$exports$mapsapi$util$event
object| module$contents$mapsapi$overlay$overlayView_OverlayView
object| __buffer
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
function| twq
function| fbq
function| _fbq
function| UET
function| UET_init
function| UET_push
object| ueto_214af1003c
object| uetq
object| regeneratorRuntime
object| twttr
object| google_optimize
function| onYouTubeIframeAPIReady
object| gaGlobal
object| gaplugins
object| gaData
object| __LOADABLE_LOADED_CHUNKS__
object| coolUiModalStackManager
undefined| global
function| activateControlPanel

10 Cookies

Domain/Path Name / Value
.ncdot.gov/ Name: _gcl_au
Value: 1.1.957885536.1666128015
.bing.com/ Name: MUID
Value: 0ED64446421D624F0BCE560743CF638D
.ncdot.gov/ Name: _uetsid
Value: a864bbf04f2a11edb31189d8c74b9c4d
.ncdot.gov/ Name: _uetvid
Value: a864d8004f2a11edba74af8c98578ae6
.ncdot.gov/ Name: _fbp
Value: fb.1.1666128015133.1723835351
.ncdot.gov/ Name: _ga_L75KD27D43
Value: GS1.1.1666128015.1.0.1666128015.0.0.0
.ncdot.gov/ Name: _ga
Value: GA1.2.238619002.1666128015
.ncdot.gov/ Name: _gid
Value: GA1.2.829174592.1666128015
.ncdot.gov/ Name: _gat_UA-93243443-1
Value: 1
auth.payitgov.com/ Name: _csrf
Value: QpbvrjF29JdhskTFEMJkeqhr

4 Console Messages

Source Level URL
Text
security error URL: https://payments.ncdot.gov/auth?utm_medium=email&utm_campaign=Vehicle%20Renewals%20-%20Jan%202020&utm_content=Vehicle%20Renewals%20-%20Jan%202020+CID_d3cf8324e7154593505a1d9b0223fc51&utm_source=campaign%20monitor&utm_term=Get%20Started&utm_medium=email&utm_campaign=October%202022%20Vehicle%20Renewals&utm_content=October%202022%20Vehicle%20Renewals+CID_01447a56fe3ba44d0428e2d804bf7f3d&utm_source=campaign%20monitor&utm_term=Renew%20your%20vehicle%20registration
Message:
Refused to load the image 'https://t.co/i/adsct?bci=3&eci=2&event_id=a3574a85-1a5c-4950-b24d-6cd61ee5a54e&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=55415219-cb61-46a0-bb65-1ea31392fe3c&tw_document_href=https%3A%2F%2Fpayments.ncdot.gov%2Fauth%3Futm_medium%3Demail%26utm_campaign%3DVehicle%2520Renewals%2520-%2520Jan%25202020%26utm_content%3DVehicle%2520Renewals%2520-%2520Jan%25202020%2BCID_d3cf8324e7154593505a1d9b0223fc51%26utm_source%3Dcampaign%2520monitor%26utm_term%3DGet%2520Started%26utm_medium%3Demail%26utm_campaign%3DOctober%25202022%2520Vehicle%2520Renewals%26utm_content%3DOctober%25202022%2520Vehicle%2520Renewals%2BCID_01447a56fe3ba44d0428e2d804bf7f3d%26utm_source%3Dcampaign%2520monitor%26utm_term%3DRenew%2520your%2520vehicle%2520registration&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzcum&type=javascript&version=2.3.27' because it violates the following Content Security Policy directive: "img-src 'self' *.payitgov.com *.mobilgov.com *.payitgov.ca *.google.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.facebook.com *.cdn-apple.com *.cloudfront.net 'self' blob: 'self' data: bat.bing.com".
security error URL: https://payments.ncdot.gov/auth?utm_medium=email&utm_campaign=Vehicle%20Renewals%20-%20Jan%202020&utm_content=Vehicle%20Renewals%20-%20Jan%202020+CID_d3cf8324e7154593505a1d9b0223fc51&utm_source=campaign%20monitor&utm_term=Get%20Started&utm_medium=email&utm_campaign=October%202022%20Vehicle%20Renewals&utm_content=October%202022%20Vehicle%20Renewals+CID_01447a56fe3ba44d0428e2d804bf7f3d&utm_source=campaign%20monitor&utm_term=Renew%20your%20vehicle%20registration
Message:
Refused to load the image 'https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=a3574a85-1a5c-4950-b24d-6cd61ee5a54e&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=55415219-cb61-46a0-bb65-1ea31392fe3c&tw_document_href=https%3A%2F%2Fpayments.ncdot.gov%2Fauth%3Futm_medium%3Demail%26utm_campaign%3DVehicle%2520Renewals%2520-%2520Jan%25202020%26utm_content%3DVehicle%2520Renewals%2520-%2520Jan%25202020%2BCID_d3cf8324e7154593505a1d9b0223fc51%26utm_source%3Dcampaign%2520monitor%26utm_term%3DGet%2520Started%26utm_medium%3Demail%26utm_campaign%3DOctober%25202022%2520Vehicle%2520Renewals%26utm_content%3DOctober%25202022%2520Vehicle%2520Renewals%2BCID_01447a56fe3ba44d0428e2d804bf7f3d%26utm_source%3Dcampaign%2520monitor%26utm_term%3DRenew%2520your%2520vehicle%2520registration&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzcum&type=javascript&version=2.3.27' because it violates the following Content Security Policy directive: "img-src 'self' *.payitgov.com *.mobilgov.com *.payitgov.ca *.google.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.facebook.com *.cdn-apple.com *.cloudfront.net 'self' blob: 'self' data: bat.bing.com".
security error URL: https://payments.ncdot.gov/auth?utm_medium=email&utm_campaign=Vehicle%20Renewals%20-%20Jan%202020&utm_content=Vehicle%20Renewals%20-%20Jan%202020+CID_d3cf8324e7154593505a1d9b0223fc51&utm_source=campaign%20monitor&utm_term=Get%20Started&utm_medium=email&utm_campaign=October%202022%20Vehicle%20Renewals&utm_content=October%202022%20Vehicle%20Renewals+CID_01447a56fe3ba44d0428e2d804bf7f3d&utm_source=campaign%20monitor&utm_term=Renew%20your%20vehicle%20registration
Message:
Refused to load the image 'https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-93243443-1&cid=238619002.1666128015&jid=1743320202&_u=YADAAEAAQAAAACgAI~&z=758376920' because it violates the following Content Security Policy directive: "img-src 'self' *.payitgov.com *.mobilgov.com *.payitgov.ca *.google.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.facebook.com *.cdn-apple.com *.cloudfront.net 'self' blob: 'self' data: bat.bing.com".
security error URL: https://auth.payitgov.com/?appId=6a3062f6-6c25-460d-b48e-ccdfb4dd7a74&isEmbedded=true&lang=en
Message:
Refused to load the font 'data:font/woff;base64,d09GRgABAAAAAAzQABAAAAAAPqAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAABGRlRNAAABbAAAABwAAAAcdLqvk0dERUYAAAGIAAAAHAAAAB4AJwCJT1MvMgAAAaQAAAAzAAAAVl2FDi5jbWFwAAAB2AAAAOwAAAGKZcB0ZWN2dCAAAALEAAAAEgAAABIGbwE/ZnBnbQAAAtgAAAGxAAACZVO0L6dnYXNwAAAEjAAAAAgAAAAIAAAAEGdseWYAAASUAAAD3gAAMOhHM9CuaGVhZAAACHQAAAAyAAAANgFlpaJoaGVhAAAIqAAAAB4AAAAkDwoIwGhtdHgAAAjIAAAAQgAAAgwzFwYgbG9jYQAACQwAAADoAAABCHWfgc5tYXhwAAAJ9AAAACAAAAAgAZ8AY25hbWUAAAoUAAABKgAAAhwF71CKcG9zdAAAC0AAAAEgAAAB0i9PKaxwcmVwAAAMYAAAAG4AAACIJqqeAgAAA...' because it violates the following Content Security Policy directive: "default-src 'self'". Note that 'font-src' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src 'self' *.payitgov.com *.mobilgov.com *.payitgov.ca *.google.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.facebook.com *.cdn-apple.com;frame-ancestors 'self' *.payitgov.com *.mobilgov.com *.payitgov.ca;script-src 'self' *.payitgov.com *.mobilgov.com *.payitgov.ca *.google.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.facebook.com *.cdn-apple.com https: 'unsafe-inline' https: 'unsafe-eval' bat.bing.com;img-src 'self' *.payitgov.com *.mobilgov.com *.payitgov.ca *.google.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.facebook.com *.cdn-apple.com *.cloudfront.net 'self' blob: 'self' data: bat.bing.com;font-src 'self' *.payitgov.com *.mobilgov.com *.payitgov.ca *.google.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.facebook.com *.cdn-apple.com https: data:;form-action 'self' *.payitgov.com *.mobilgov.com *.payitgov.ca *.google.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.facebook.com *.cdn-apple.com 'self';style-src 'self' *.payitgov.com *.mobilgov.com *.payitgov.ca *.google.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.facebook.com *.cdn-apple.com https: 'unsafe-inline';connect-src 'self' *.payitgov.com *.mobilgov.com *.payitgov.ca *.google.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.facebook.com *.cdn-apple.com *.doubleclick.net;object-src 'self' *.payitgov.com *.mobilgov.com *.payitgov.ca 'self' blob: 'self' data:;base-uri 'self';block-all-mixed-content;script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
