gps-billpay.dev.utah.gov Open in urlscan Pro
199.36.158.100 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gps-billpay.dev.utah.gov/
Submission: On August 22 via automatic, source certstream-suspicious (August 22nd 2024, 5:37:35 pm UTC) — Scanned from US

Summary HTTP 11 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 6 IPs in 1 countries across 3 domains to perform 11 HTTP transactions. The main IP is 199.36.158.100, located in United States and belongs to FASTLY, US. The main domain is gps-billpay.dev.utah.gov.
TLS certificate: Issued by WR3 on August 22nd 2024. Valid for: 3 months.

This is the only time gps-billpay.dev.utah.gov was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	199.36.158.100 199.36.158.100	54113 (FASTLY) (FASTLY)
4	2607:f8b0:400... 2607:f8b0:4006:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
1	18.164.116.44 18.164.116.44	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:248... 2600:1f18:2489:8201::c8	14618 (AMAZON-AES) (AMAZON-AES)
11	6

4 199.36.158.100 (United States)

ASN54113 (FASTLY, US)

gps-billpay.dev.utah.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80f::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.116.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-44.jfk50.r.cloudfront.net

cdn.utah.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:2489:8201::c8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

gis.utah.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	utah.gov gps-billpay.dev.utah.gov cdn.utah.gov — Cisco Umbrella Rank: 593622 gis.utah.gov	441 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	4 KB
1	gstatic.com fonts.gstatic.com	29 KB
11	3

	Domain	Requested by
4	fonts.googleapis.com	gps-billpay.dev.utah.gov
4	gps-billpay.dev.utah.gov	gps-billpay.dev.utah.gov
1	gis.utah.gov
1	cdn.utah.gov	gps-billpay.dev.utah.gov
1	fonts.gstatic.com	fonts.googleapis.com
11	5

This site contains links to these domains. Also see Links.

Domain
id.utah.gov
turngps.utah.gov
youtu.be
github.com
twitter.com
facebook.com
www.youtube.com
utahgeospatialpodcast.buzzsprout.com
gis.utah.gov
www.utah.gov

Subject Issuer	Validity	Valid
gps-billpay.dev.utah.gov WR3	`2024-08-22` - `2024-11-20`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.utah.gov Amazon RSA 2048 M03	`2024-04-29` - `2025-05-28`	a year	crt.sh
gis.utah.gov E6	`2024-07-17` - `2024-10-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://gps-billpay.dev.utah.gov/
Frame ID: B34A2C99069D19456A464DA0A735C4D5
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Utah TURN GPS Bill Pay: Provided by the UGRC

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

11
Requests

100 %
HTTPS

60 %
IPv6

3
Domains

5
Subdomains

6
IPs

1
Countries

475 kB
Transfer

1621 kB
Size

0
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://id.utah.gov/
Title: UtahID Profile , opens in a new tab

Search URL Search Domain Scan URL

URL: http://turngps.utah.gov/
Title: turngps.utah.gov

Search URL Search Domain Scan URL

URL: https://youtu.be/T4Q2eqrrbXQ
Title: Registration Instructions opens in a new tab

Search URL Search Domain Scan URL

URL: https://github.com/agrc
Title: UGRC GitHub, opens in a new tab

Search URL Search Domain Scan URL

URL: https://twitter.com/MapUtah
Title: UGRC Twitter, opens in a new tab

Search URL Search Domain Scan URL

URL: https://facebook.com/UtahAGRC
Title: UGRC Facebook, opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@therealUGRC
Title: UGRC Youtube, opens in a new tab

Search URL Search Domain Scan URL

URL: https://utahgeospatialpodcast.buzzsprout.com/
Title: UGRC Podcast, opens in a new tab

Search URL Search Domain Scan URL

URL: https://gis.utah.gov/contact/
Title: UGRC Contacts opens in a new tab

Search URL Search Domain Scan URL

URL: https://gis.utah.gov/about/
Title: UGRC Mission opens in a new tab

Search URL Search Domain Scan URL

URL: https://gis.utah.gov/about/code/
Title: GIS-related Utah Statute opens in a new tab

Search URL Search Domain Scan URL

URL: https://gis.utah.gov/documentation/policy/
Title: UGRC Policies opens in a new tab

Search URL Search Domain Scan URL

URL: https://gis.utah.gov/about/media/
Title: UGRC Media Resources opens in a new tab

Search URL Search Domain Scan URL

URL: https://gis.utah.gov/contact/visiting/
Title: UGRC Directions and Parking opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.utah.gov/index.html
Title: Utah.gov Home , opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.utah.gov/support/disclaimer.html
Title: Terms of Use , opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.utah.gov/support/privacypolicy.html
Title: Privacy Policy , opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.utah.gov/support/accessibility.html
Title: Accessibility , opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.utah.gov/support/translate.html
Title: Translate , opens in a new tab

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
gps-billpay.dev.utah.gov/ 1 KB
2 KB 342ms
142ms Document
text/html 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://gps-billpay.dev.utah.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

22685089ca0a49ee798d8355c5906b9e7fd86fddb5815b0ba4e22f0bf5d62122

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src ; worker-src blob:; script-src 'self' 'unsafe-eval' https://.google.com https://www.googletagmanager.com; connect-src 'self' https://.cloudfunctions.net https://.utah.gov https://.googleapis.com https://.arcgis.com https://www.google-analytics.com; img-src 'self' blob: data: https://www.gravatar.com https://.wp.com https://.utah.gov https://.arcgis.com https://www.googletagmanager.com https://.googleapis.com; style-src 'self' 'unsafe-inline';base-uri 'self'; form-action 'self'; frame-src ; object-src 'self' https://.googleapis.com; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com;
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=3600
content-encoding: br
content-length: 493
content-security-policy: default-src 'none'; font-src *; worker-src blob:; script-src 'self' 'unsafe-eval' https://*.google.com https://www.googletagmanager.com; connect-src 'self' https://*.cloudfunctions.net https://*.utah.gov https://*.googleapis.com https://*.arcgis.com https://www.google-analytics.com; img-src 'self' blob: data: https://www.gravatar.com https://*.wp.com https://*.utah.gov https://*.arcgis.com https://www.googletagmanager.com https://*.googleapis.com; style-src 'self' 'unsafe-inline';base-uri 'self'; form-action 'self'; frame-src *; object-src 'self' https://*.googleapis.com; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com;
content-type: text/html; charset=utf-8
date: Thu, 22 Aug 2024 17:37:30 GMT
etag: "32783d582f14d9b6a036e58949226aa6e9ee5ea21a6efc2fc8acd991df1a018f-br"
last-modified: Thu, 13 Jun 2024 00:18:58 GMT
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(self), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31556926
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-served-by: cache-lga21935-LGA
x-timer: S1724348250.383391,VS0,VE138
x-xss-protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
1 KB 51ms
29ms Stylesheet
text/css 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,400;1,700&display=swap

Requested by

Host: gps-billpay.dev.utah.gov
URL: https://gps-billpay.dev.utah.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9ddccd4095aad6897b7870be96008b6c30de2767de353c1b59e504664cc47536

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gps-billpay.dev.utah.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 22 Aug 2024 17:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 22 Aug 2024 17:37:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Aug 2024 17:37:30 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
833 B 49ms
28ms Stylesheet
text/css 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Code+Pro&display=swap

Requested by

Host: gps-billpay.dev.utah.gov
URL: https://gps-billpay.dev.utah.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ce4bbaac85ccf5cbd162d31885947faa655667bae28434f0cb2556757d9a7d5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gps-billpay.dev.utah.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 22 Aug 2024 17:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 22 Aug 2024 16:15:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Aug 2024 17:37:30 GMT

GET
H2 200 css2
fonts.googleapis.com/ 631 B
808 B 48ms
27ms Stylesheet
text/css 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@20..48,100..700,0..1,-50..200

Requested by

Host: gps-billpay.dev.utah.gov
URL: https://gps-billpay.dev.utah.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4a5728b5ab77d561a5cd9a1f5e98caa5f3507b52a02cf241985c6126463c279e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gps-billpay.dev.utah.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 22 Aug 2024 17:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 22 Aug 2024 17:37:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Aug 2024 17:37:30 GMT

GET
H2 200 index-XqnSDLDU.js Show response
gps-billpay.dev.utah.gov/assets/ 1 MB
282 KB 213ms
212ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://gps-billpay.dev.utah.gov/assets/index-XqnSDLDU.js

Requested by

Host: gps-billpay.dev.utah.gov
URL: https://gps-billpay.dev.utah.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ed152fa983362aceca5fc6930d8cce86978a7d2ec37dcbcc3169814b0d611ba8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src ; worker-src blob:; script-src 'self' 'unsafe-eval' https://.google.com https://www.googletagmanager.com; connect-src 'self' https://.cloudfunctions.net https://.utah.gov https://.googleapis.com https://.arcgis.com https://www.google-analytics.com; img-src 'self' blob: data: https://www.gravatar.com https://.wp.com https://.utah.gov https://.arcgis.com https://www.googletagmanager.com https://.googleapis.com; style-src 'self' 'unsafe-inline';base-uri 'self'; form-action 'self'; frame-src ; object-src 'self' https://.googleapis.com; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com;
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gps-billpay.dev.utah.gov/
Origin: https://gps-billpay.dev.utah.gov
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src *; worker-src blob:; script-src 'self' 'unsafe-eval' https://*.google.com https://www.googletagmanager.com; connect-src 'self' https://*.cloudfunctions.net https://*.utah.gov https://*.googleapis.com https://*.arcgis.com https://www.google-analytics.com; img-src 'self' blob: data: https://www.gravatar.com https://*.wp.com https://*.utah.gov https://*.arcgis.com https://www.googletagmanager.com https://*.googleapis.com; style-src 'self' 'unsafe-inline';base-uri 'self'; form-action 'self'; frame-src *; object-src 'self' https://*.googleapis.com; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com;
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31556926
date: Thu, 22 Aug 2024 17:37:30 GMT
x-cache: MISS
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 288028
x-xss-protection: 1; mode=block
x-served-by: cache-lga21935-LGA
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 13 Jun 2024 00:18:58 GMT
x-timer: S1724348251.540803,VS0,VE209
etag: "a701be5144b59eb481ff4a97b21f2bbaef93733f7a56c885e8249b329495450d-br"
x-frame-options: SAMEORIGIN
vary: x-fh-requested-host, accept-encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(self), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 index-CvzRGqYM.css
gps-billpay.dev.utah.gov/assets/ 146 KB
17 KB 148ms
147ms Stylesheet
text/css 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://gps-billpay.dev.utah.gov/assets/index-CvzRGqYM.css

Requested by

Host: gps-billpay.dev.utah.gov
URL: https://gps-billpay.dev.utah.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a48143d0ac5983984caeaffdbeadc661e58fa678c4b3ab5b907d6f332ed2e966

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src ; worker-src blob:; script-src 'self' 'unsafe-eval' https://.google.com https://www.googletagmanager.com; connect-src 'self' https://.cloudfunctions.net https://.utah.gov https://.googleapis.com https://.arcgis.com https://www.google-analytics.com; img-src 'self' blob: data: https://www.gravatar.com https://.wp.com https://.utah.gov https://.arcgis.com https://www.googletagmanager.com https://.googleapis.com; style-src 'self' 'unsafe-inline';base-uri 'self'; form-action 'self'; frame-src ; object-src 'self' https://.googleapis.com; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com;
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gps-billpay.dev.utah.gov/
Origin: https://gps-billpay.dev.utah.gov
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src *; worker-src blob:; script-src 'self' 'unsafe-eval' https://*.google.com https://www.googletagmanager.com; connect-src 'self' https://*.cloudfunctions.net https://*.utah.gov https://*.googleapis.com https://*.arcgis.com https://www.google-analytics.com; img-src 'self' blob: data: https://www.gravatar.com https://*.wp.com https://*.utah.gov https://*.arcgis.com https://www.googletagmanager.com https://*.googleapis.com; style-src 'self' 'unsafe-inline';base-uri 'self'; form-action 'self'; frame-src *; object-src 'self' https://*.googleapis.com; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com;
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31556926
date: Thu, 22 Aug 2024 17:37:30 GMT
x-cache: MISS
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17446
x-xss-protection: 1; mode=block
x-served-by: cache-lga21935-LGA
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 13 Jun 2024 00:18:58 GMT
x-timer: S1724348251.540826,VS0,VE144
etag: "5d027077e438973f04d33db3e9ae3f7bdd1666f79ce7a4dda1d7f56fb5c092c1-br"
x-frame-options: SAMEORIGIN
vary: x-fh-requested-host, accept-encoding
content-type: text/css; charset=utf-8
cache-control: max-age=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(self), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
906 B 25ms
23ms Stylesheet
text/css 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+3:ital,wght@0,400;0,600;0,700;1,400;1,700&display=swap

Requested by

Host: gps-billpay.dev.utah.gov
URL: https://gps-billpay.dev.utah.gov/assets/index-CvzRGqYM.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f4a33d382b6dba1950cc1b7465bc6031c83cfa2fcb33a6ac638345ec5390cde5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gps-billpay.dev.utah.gov/assets/index-CvzRGqYM.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 22 Aug 2024 17:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 22 Aug 2024 17:30:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Aug 2024 17:37:30 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: efd9a2678164a2f0fb84508249bef155bc32d4715cbdebe382a91682847b2fcb

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 banner-CO0MgH5B.webp
gps-billpay.dev.utah.gov/assets/ 16 KB
17 KB 137ms
137ms Image
image/webp 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gps-billpay.dev.utah.gov/assets/banner-CO0MgH5B.webp

Requested by

Host: gps-billpay.dev.utah.gov
URL: https://gps-billpay.dev.utah.gov/assets/index-CvzRGqYM.css

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dc7cdb09a1f73068c31f3a63aca23038a43f455b66c896a60fbe29d3a3cd324d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src ; worker-src blob:; script-src 'self' 'unsafe-eval' https://.google.com https://www.googletagmanager.com; connect-src 'self' https://.cloudfunctions.net https://.utah.gov https://.googleapis.com https://.arcgis.com https://www.google-analytics.com; img-src 'self' blob: data: https://www.gravatar.com https://.wp.com https://.utah.gov https://.arcgis.com https://www.googletagmanager.com https://.googleapis.com; style-src 'self' 'unsafe-inline';base-uri 'self'; form-action 'self'; frame-src ; object-src 'self' https://.googleapis.com; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com;
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gps-billpay.dev.utah.gov/assets/index-CvzRGqYM.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src *; worker-src blob:; script-src 'self' 'unsafe-eval' https://*.google.com https://www.googletagmanager.com; connect-src 'self' https://*.cloudfunctions.net https://*.utah.gov https://*.googleapis.com https://*.arcgis.com https://www.google-analytics.com; img-src 'self' blob: data: https://www.gravatar.com https://*.wp.com https://*.utah.gov https://*.arcgis.com https://www.googletagmanager.com https://*.googleapis.com; style-src 'self' 'unsafe-inline';base-uri 'self'; form-action 'self'; frame-src *; object-src 'self' https://*.googleapis.com; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com;
strict-transport-security: max-age=31556926
x-content-type-options: nosniff
date: Thu, 22 Aug 2024 17:37:31 GMT
x-cache: MISS
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16438
x-xss-protection: 1; mode=block
x-served-by: cache-lga21948-LGA
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 13 Jun 2024 00:18:58 GMT
x-timer: S1724348251.931352,VS0,VE132
etag: "e4d2041a17bb9ae0114ea3fa64bbd3e0792b4a020be21468680500036d2d6d47"
x-frame-options: SAMEORIGIN
vary: x-fh-requested-host, accept-encoding
content-type: image/webp
cache-control: max-age=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(self), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 nwpStKy2OAdR1K-IwhWudF-R3w8aZQ.woff2
fonts.gstatic.com/s/sourcesans3/v15/ 28 KB
29 KB 42ms
4ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesans3/v15/nwpStKy2OAdR1K-IwhWudF-R3w8aZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+3:ital,wght@0,400;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9015686cf54e5e643e2bffe8cf0aa2c3140f56b0d84c1a315845e8a31601db4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gps-billpay.dev.utah.gov
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 16 Aug 2024 04:50:05 GMT
x-content-type-options: nosniff
age: 564445
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28816
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 01:41:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Aug 2025 04:50:05 GMT

GET
H/1.1 200
OK utah-design-system.woff
cdn.utah.gov/design-system/fonts/ 14 KB
15 KB 413ms
343ms Font
font/woff 18.164.116.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.utah.gov/design-system/fonts/utah-design-system.woff
Requested by: Host: gps-billpay.dev.utah.gov
URL: https://gps-billpay.dev.utah.gov/assets/index-CvzRGqYM.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-44.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 98b8582ecedbad2f54cedff614efeaa70a4153b9db485028626a3ed8a3c65067

Request headers

Referer: https://gps-billpay.dev.utah.gov/assets/index-CvzRGqYM.css
Origin: https://gps-billpay.dev.utah.gov
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Thu, 22 Aug 2024 17:37:32 GMT
x-amz-version-id: NezubmM6s32uKiaEzz8TwBBXJ.3GyKb0
Via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P6
x-amz-server-side-encryption: AES256
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 14804
Last-Modified: Tue, 06 Aug 2024 22:45:37 GMT
Server: AmazonS3
ETag: "b3e5a2e8d1cca1bc10d9a684239c9158"
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Access-Control-Allow-Methods: GET, HEAD
Content-Type: font/woff
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Amz-Cf-Id: 0zkXYZx08AADz91GyCGZtx99vat9XYasUpcb6FeH89ECGaz2G8JWXg==

GET
DATA 200
OK truncated
/ 1 KB
1 KB Image
image/octet-stream

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f78894b672cce7de77c64410489d7f4bbbad369700e712eb4ce7113f60922bb8

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/octet-stream

GET
DATA 200
OK truncated
/ 1019 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c96ed8bedbf1821c30d98ff698c2263dc37242e6c71bb2c6817d5fb215789fe

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 favicon.ico
gis.utah.gov/images/ 108 KB
108 KB 137ms
12ms Other
image/vnd.microsoft.icon 2600:1f18:2489:8201::c8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://gis.utah.gov/images/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:2489:8201::c8 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Netlify /

Resource Hash

3494ad297cb79938bc857878fde3f838be226f9a7c6ae9b19ec8d614a94cdc1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gps-billpay.dev.utah.gov/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nf-request-id: 01J5XJMF0WQN15RRA1QS20655V
date: Thu, 22 Aug 2024 17:37:31 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
age: 21321
content-length: 110332
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: Netlify
cache-status: "Netlify Edge"; hit
etag: "e4e239a0d5694591dd193ab1bfc2d0ba-ssl"
x-frame-options: SAMEORIGIN
content-type: image/vnd.microsoft.icon
cache-control: public,max-age=0,must-revalidate
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(self), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
accept-ranges: bytes

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| __reactRouterVersion object| _reactFireDatabaseCachedQueries object| _reactFirePreloadedObservables object| _reactFireFirestoreQueryCache

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'speaker'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; font-src ; worker-src blob:; script-src 'self' 'unsafe-eval' https://.google.com https://www.googletagmanager.com; connect-src 'self' https://.cloudfunctions.net https://.utah.gov https://.googleapis.com https://.arcgis.com https://www.google-analytics.com; img-src 'self' blob: data: https://www.gravatar.com https://.wp.com https://.utah.gov https://.arcgis.com https://www.googletagmanager.com https://.googleapis.com; style-src 'self' 'unsafe-inline';base-uri 'self'; form-action 'self'; frame-src ; object-src 'self' https://.googleapis.com; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com;
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.utah.gov
fonts.googleapis.com
fonts.gstatic.com
gis.utah.gov
gps-billpay.dev.utah.gov
18.164.116.44
199.36.158.100
2600:1f18:2489:8201::c8
2607:f8b0:4006:80f::200a
2607:f8b0:4006:820::2003
22685089ca0a49ee798d8355c5906b9e7fd86fddb5815b0ba4e22f0bf5d62122
2c96ed8bedbf1821c30d98ff698c2263dc37242e6c71bb2c6817d5fb215789fe
3494ad297cb79938bc857878fde3f838be226f9a7c6ae9b19ec8d614a94cdc1c
4a5728b5ab77d561a5cd9a1f5e98caa5f3507b52a02cf241985c6126463c279e
98b8582ecedbad2f54cedff614efeaa70a4153b9db485028626a3ed8a3c65067
9ddccd4095aad6897b7870be96008b6c30de2767de353c1b59e504664cc47536
a48143d0ac5983984caeaffdbeadc661e58fa678c4b3ab5b907d6f332ed2e966
c9015686cf54e5e643e2bffe8cf0aa2c3140f56b0d84c1a315845e8a31601db4
ce4bbaac85ccf5cbd162d31885947faa655667bae28434f0cb2556757d9a7d5d
dc7cdb09a1f73068c31f3a63aca23038a43f455b66c896a60fbe29d3a3cd324d
ed152fa983362aceca5fc6930d8cce86978a7d2ec37dcbcc3169814b0d611ba8
efd9a2678164a2f0fb84508249bef155bc32d4715cbdebe382a91682847b2fcb
f4a33d382b6dba1950cc1b7465bc6031c83cfa2fcb33a6ac638345ec5390cde5
f78894b672cce7de77c64410489d7f4bbbad369700e712eb4ce7113f60922bb8

gps-billpay.dev.utah.gov Open in urlscan Pro 199.36.158.100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

60 %IPv6

3 Domains

5 Subdomains

6 IPs

1 Countries

475 kBTransfer

1621 kBSize

0 Cookies

19 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

3 Console Messages

Security Headers

Indicators

gps-billpay.dev.utah.gov Open in urlscan Pro
199.36.158.100 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

60 %
IPv6

3
Domains

5
Subdomains

6
IPs

1
Countries

475 kB
Transfer

1621 kB
Size

0
Cookies

11 HTTP transactions
3 data transactions