go.paymode.com Open in urlscan Pro
34.237.219.119 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://go.paymode.com/connecticutwater/G-FUZYCYPE5
Submission Tags: falconsandbox
Submission: On May 10 via api (May 10th 2023, 7:04:41 pm UTC) from US — Scanned from DE

Summary HTTP 56 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 26 IPs in 2 countries across 23 domains to perform 56 HTTP transactions. The main IP is 34.237.219.119, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is go.paymode.com.
TLS certificate: Issued by R3 on May 3rd 2023. Valid for: 3 months.

This is the only time go.paymode.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11 14	34.237.219.119 34.237.219.119	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2600:9000:203... 2600:9000:203b:9a00:d:7e9b:1200:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
5	2606:4700:e0:... 2606:4700:e0::ac40:640a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.225.34.68 13.225.34.68	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:780... 2a02:26f0:780::5f65:36d9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6810:a852	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:231... 2600:9000:2315:2600:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	52.222.236.43 52.222.236.43	16509 (AMAZON-02) (AMAZON-02)
1	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	13.225.34.86 13.225.34.86	16509 (AMAZON-02) (AMAZON-02)
1	3.92.120.28 3.92.120.28	14618 (AMAZON-AES) (AMAZON-AES)
56	26

14 34.237.219.119 (Ashburn, United States) 11 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-219-119.compute-1.amazonaws.com

go.paymode.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:9000:203b:9a00:d:7e9b:1200:93a1 (United States)

ASN16509 (AMAZON-02, US)

storage.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:e0::ac40:640a (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.34.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-34-68.cdg3.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:780::5f65:36d9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.10 (United States) 1 redirects

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a852 (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:2600:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-43.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.34.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-34-86.cdg3.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.92.120.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-120-28.compute-1.amazonaws.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	paymode.com 11 redirects go.paymode.com	21 KB
12	pardot.com storage.pardot.com — Cisco Umbrella Rank: 12507 pi.pardot.com — Cisco Umbrella Rank: 4232	816 KB
6	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1602 ka-f.fontawesome.com — Cisco Umbrella Rank: 2850	114 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 414 www.linkedin.com — Cisco Umbrella Rank: 645 px4.ads.linkedin.com — Cisco Umbrella Rank: 6490	5 KB
3	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2222 rs.fullstory.com — Cisco Umbrella Rank: 2177	69 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 390	13 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	239 B
2	google.de www.google.de — Cisco Umbrella Rank: 5171	563 B
2	google.com www.google.com — Cisco Umbrella Rank: 2	563 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	114 KB
2	mouseflow.com 1 redirects cdn.mouseflow.com — Cisco Umbrella Rank: 7297	55 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	3 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 695 script.hotjar.com — Cisco Umbrella Rank: 957	72 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 960	36 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2487	257 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1034	376 B
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 4932	2 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 885	5 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	105 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 379	6 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 385	33 KB
0	d41.co Failed api2963.d41.co Failed cdn-0.d41.co Failed
0	idio.co Failed js.idio.co Failed
56	23

	Domain	Requested by
14	go.paymode.com	11 redirects go.paymode.com
11	storage.pardot.com	go.paymode.com
5	ka-f.fontawesome.com	kit.fontawesome.com go.paymode.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com go.paymode.com
2	www.facebook.com	go.paymode.com
2	www.google.de	go.paymode.com
2	www.google.com	go.paymode.com
2	px.ads.linkedin.com	2 redirects
2	connect.facebook.net	go.paymode.com connect.facebook.net
2	edge.fullstory.com	go.paymode.com edge.fullstory.com
2	cdn.mouseflow.com	1 redirects go.paymode.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	maxcdn.bootstrapcdn.com	go.paymode.com
1	pi.pardot.com	go.paymode.com
1	vc.hotjar.io	script.hotjar.com
1	rs.fullstory.com	edge.fullstory.com
1	script.hotjar.com	static.hotjar.com
1	px4.ads.linkedin.com	go.paymode.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	ws.zoominfo.com	go.paymode.com
1	snap.licdn.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	www.googletagmanager.com	go.paymode.com
1	cdn.jsdelivr.net	go.paymode.com
1	kit.fontawesome.com	go.paymode.com
1	ajax.googleapis.com	go.paymode.com
0	cdn-0.d41.co Failed	go.paymode.com
0	api2963.d41.co Failed	www.googletagmanager.com go.paymode.com
0	js.idio.co Failed	go.paymode.com
56	30

This site contains links to these domains. Also see Links.

Domain
www.bottomline.com
secure.paymode.com
bottomline.com

Subject Issuer	Validity	Valid
go.paymode.com R3	`2023-05-03` - `2023-08-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh
edge.fullstory.com GTS CA 1D4	`2023-03-31` - `2023-06-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-17` - `2023-05-18`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-02-24` - `2023-08-06`	5 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
rs.fullstory.com GTS CA 1D4	`2023-03-23` - `2023-06-21`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-13` - `2023-09-12`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://go.paymode.com/connecticutwater/G-FUZYCYPE5
Frame ID: 1B4B50A559428937D191FF306FC85ABE
Requests: 56 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Connecticut Water

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Mouse Flow (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.mouseflow\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

56
Requests

66 %
HTTPS

65 %
IPv6

23
Domains

30
Subdomains

26
IPs

2
Countries

1459 kB
Transfer

2972 kB
Size

26
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bottomline.com/us/solutions/paymode-x

Search URL Search Domain Scan URL

URL: https://secure.paymode.com/nextx/enrollment/join-now/G-FUZYCYPE5
Title: Enroll Today

Search URL Search Domain Scan URL

URL: http://bottomline.com/www.bottomline.com

Search URL Search Domain Scan URL

URL: https://www.bottomline.com/us/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://go.paymode.com/paymode-x-color-logo HTTP 302
https://storage.pardot.com/11082/1633007163FBehz0Mu/paymode_x_color_logo.png

Request Chain 4

https://go.paymode.com/connecticut-water-logo HTTP 302
https://storage.pardot.com/11082/1652107520tWuYuGZa/connecticut_water_logo.png

Request Chain 5

https://go.paymode.com/fleetpride-logo HTTP 302
https://storage.pardot.com/11082/1645123860No7Kmja5/fleetpride_logo.png

Request Chain 6

https://go.paymode.com/hobart-logo HTTP 302
https://storage.pardot.com/11082/1645123968vkPHjf0a/hobart_logo.png

Request Chain 7

https://go.paymode.com/brochure-1-ar-benefits-paymode HTTP 302
https://storage.pardot.com/11082/1650645242QYQ7vaIM/ar_benefits_of_your_pmx_premium_membership_asset_image_540x722.png

Request Chain 8

https://go.paymode.com/brochure-2-benefits-of-ctx-for-ar HTTP 302
https://storage.pardot.com/11082/1650645395CDBCDTk3/understanding_the_benefits_of_ctx_for_ar_asset_image_540x722.png

Request Chain 9

https://go.paymode.com/brochure-3-biggest-ar-benefits HTTP 302
https://storage.pardot.com/11082/1650645475kOQlGQWZ/4_biggest_ar_benefits_pmx_asset_image_540x722.png

Request Chain 10

https://go.paymode.com/brochure-4-critical-business-continutiy-measures-for-ar HTTP 302
https://storage.pardot.com/11082/1650645565BAh8nqHk/3_critical_business_continuity_measures_for_ar_asset_image_540x722.png

Request Chain 11

https://go.paymode.com/sharing-ideas-illustration HTTP 302
https://storage.pardot.com/11082/1645123437Nl584gZP/contact_illustration_400x400.png

Request Chain 12

https://go.paymode.com/paymode-x-powered-by-bottomline-inline-white-logo HTTP 302
https://storage.pardot.com/11082/1633007557O14tTFtn/paymode_powered_by_bt_inline_logo_white.png

Request Chain 19

https://go.paymode.com/pmx-check-icon HTTP 302
https://storage.pardot.com/11082/1633007621rTdGDbfO/pmx_check.png

Request Chain 27

https://cdn.mouseflow.com/projects/33020b3b-32e5-45ca-8d91-4e388a92407d.js HTTP 301
https://cdn.mouseflow.com/projects/33020b3b-32e5-45ca-8d91-4e388a92407d_eu.js

Request Chain 33

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1378034&time=1683745475270&url=https%3A%2F%2Fgo.paymode.com%2Fconnecticutwater%2FG-FUZYCYPE5 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1378034%26time%3D1683745475270%26url%3Dhttps%253A%252F%252Fgo.paymode.com%252Fconnecticutwater%252FG-FUZYCYPE5%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1378034&time=1683745475270&url=https%3A%2F%2Fgo.paymode.com%2Fconnecticutwater%2FG-FUZYCYPE5&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1378034&time=1683745475270&url=https%3A%2F%2Fgo.paymode.com%2Fconnecticutwater%2FG-FUZYCYPE5&liSync=true&e_ipv6=AQJkJdp96Z85wQAAAYgHDQznOOdo1RDrwKCrQ2u4DWMeJUnOBKP8KCToyc89-fvF2bGO5zqOTUpS

56 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request G-FUZYCYPE5 Show response
go.paymode.com/connecticutwater/ 35 KB
10 KB 577ms
289ms Document
text/html 34.237.219.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.paymode.com/connecticutwater/G-FUZYCYPE5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.237.219.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-219-119.compute-1.amazonaws.com
Software: PardotServer /
Resource Hash: 6dfc64b987843c4195a778972974163560d2bb381c85b6a4f22593964a4464e9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Length: 9137
Content-Type: text/html; charset=utf-8
Date: Wed, 10 May 2023 19:04:34 GMT
Server: PardotServer
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
expires: Thu, 19 Nov 1981 08:52:00 GMT
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
pragma: no-cache
status: 404 Not Found
vary: Accept-Encoding,User-Agent
x-pardot-rsp: 0/0/1

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 141 KB
22 KB 76ms
31ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css

Requested by

Host: go.paymode.com
URL: https://go.paymode.com/connecticutwater/G-FUZYCYPE5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 19:04:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 756
age: 777271
cdn-cachedat: 12/27/2021 13:09:17
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 88833c14bb1c0cf39c9fdd8fd8f440ab
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7c5472e1cfafbbf1-FRA
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
33 KB 69ms
20ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: go.paymode.com
URL: https://go.paymode.com/connecticutwater/G-FUZYCYPE5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 13:21:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 May 2024 13:21:48 GMT

GET
H2 200 a1dd559393.js Show response
kit.fontawesome.com/ 11 KB
4 KB 87ms
36ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/a1dd559393.js

Requested by

Host: go.paymode.com
URL: https://go.paymode.com/connecticutwater/G-FUZYCYPE5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d5716f22eb3088ef8247f287172b7600b89fbf22a34b1cbc3075a07a3e583b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://go.paymode.com/
Origin: https://go.paymode.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 19:04:34 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray: 7c5472e1d9d75c92-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F13cvds7jC6DnYNLe0Bh

GET
H2

200

paymode_x_color_logo.png
storage.pardot.com/11082/1633007163FBehz0Mu/
Redirect Chain

https://go.paymode.com/paymode-x-color-logo
https://storage.pardot.com/11082/1633007163FBehz0Mu/paymode_x_color_logo.png

3 KB
4 KB

529ms
421ms

Image
image/png

2600:9000:203b:9a00:d:7e9b:1200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.pardot.com/11082/1633007163FBehz0Mu/paymode_x_color_logo.png
Requested by: Host: go.paymode.com
URL: https://go.paymode.com/connecticutwater/G-FUZYCYPE5
Protocol: H2
Server: 2600:9000:203b:9a00:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 546c636e6f128c12c0acfe30b305cb1286c0d5c104a49efea14eca6c4667849e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 19:04:36 GMT
x-amz-version-id: 7aBSfYXHrkjn7OgDW8JUlvMTGt_5prL.
via: 1.1 7dc4dc0842848b027020e8c90aa3042c.cloudfront.net (CloudFront)
last-modified: Thu, 30 Sep 2021 13:06:04 GMT
server: AmazonS3
x-amz-cf-pop: LHR3-C1
etag: "ef4c2a2378663d6bcf56f110d55c2ced"
x-cache: Miss from cloudfront
content-type: image/png; charset=binary
x-amz-replication-status: COMPLETED
accept-ranges: bytes
x-robots-tag: none
content-length: 3287
x-amz-cf-id: 4Gswfi0gJQqg93L7ESdbvRKgNWqwNt2-KksZabzn5yfCfTxcLt3m_Q==

Redirect headers

Date: Wed, 10 May 2023 19:04:35 GMT
content-encoding: gzip
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
Server: PardotServer
vary: Accept-Encoding,User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
location: https://storage.pardot.com/11082/1633007163FBehz0Mu/paymode_x_color_logo.png
Content-Type: text/html; charset=UTF-8
cache-control: max-age=600
Connection: keep-alive
x-robots-tag: none
Content-Length: 147
expires: Wed, 10 May 2023 19:14:35 GMT

GET
H2

200

connecticut_water_logo.png
storage.pardot.com/11082/1652107520tWuYuGZa/
Redirect Chain

https://go.paymode.com/connecticut-water-logo
https://storage.pardot.com/11082/1652107520tWuYuGZa/connecticut_water_logo.png

59 KB
59 KB

416ms
415ms

Image
image/png

2600:9000:203b:9a00:d:7e9b:1200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.pardot.com/11082/1652107520tWuYuGZa/connecticut_water_logo.png
Requested by: Host: go.paymode.com
URL: https://go.paymode.com/connecticutwater/G-FUZYCYPE5
Protocol: H2
Server: 2600:9000:203b:9a00:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 486b2df568a823739b3cd81676e629034d3399d67b5867f6c8c9fca88d3f0cc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 19:04:36 GMT
x-amz-version-id: Q8q8GUjmK74UNxpTLOca30jU37I2HjvD
via: 1.1 7dc4dc0842848b027020e8c90aa3042c.cloudfront.net (CloudFront)
last-modified: Mon, 09 May 2022 14:45:21 GMT
server: AmazonS3
x-amz-cf-pop: LHR3-C1
etag: "6814efcbf86cc5570c2ceb44d2c57c18"
x-cache: Miss from cloudfront
content-type: image/png; charset=binary
x-amz-replication-status: COMPLETED
accept-ranges: bytes
x-robots-tag: none
content-length: 59998
x-amz-cf-id: 68MxF9-DOIsmOsK1-YE91SJMZGU5bq-okwYqBVvMbb_Gz-y19d4qXw==

Redirect headers

Date: Wed, 10 May 2023 19:04:35 GMT
content-encoding: gzip
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
Server: PardotServer
vary: Accept-Encoding,User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
location: https://storage.pardot.com/11082/1652107520tWuYuGZa/connecticut_water_logo.png
Content-Type: text/html; charset=UTF-8
cache-control: max-age=600
Connection: keep-alive
x-robots-tag: none
Content-Length: 147
expires: Wed, 10 May 2023 19:14:35 GMT

GET
H2

200

fleetpride_logo.png
storage.pardot.com/11082/1645123860No7Kmja5/
Redirect Chain

https://go.paymode.com/fleetpride-logo
https://storage.pardot.com/11082/1645123860No7Kmja5/fleetpride_logo.png

32 KB
32 KB

375ms
372ms

Image
image/png

2600:9000:203b:9a00:d:7e9b:1200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.pardot.com/11082/1645123860No7Kmja5/fleetpride_logo.png
Requested by: Host: go.paymode.com
URL: https://go.paymode.com/connecticutwater/G-FUZYCYPE5
Protocol: H2
Server: 2600:9000:203b:9a00:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5076774cdc628a4a883abb321fec40544c51703fffe7a7425d974c44606a8efc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 19:04:36 GMT
x-amz-version-id: NVs5I0XCH9thuE8hPoXGFzRTZ9uhvaCE
via: 1.1 7dc4dc0842848b027020e8c90aa3042c.cloudfront.net (CloudFront)
last-modified: Thu, 17 Feb 2022 18:51:02 GMT
server: AmazonS3
x-amz-cf-pop: LHR3-C1
etag: "f2c948d88ee04a1e4966cafb9f6d0fbd"
x-cache: Miss from cloudfront
content-type: image/png; charset=binary
x-amz-replication-status: COMPLETED
accept-ranges: bytes
x-robots-tag: none
content-length: 32397
x-amz-cf-id: fXWSuFwg2Wok3r0s6ZXbHosrTZLQUUGrHgrKtWoCB6E8YBPvt0-Ejg==

Redirect headers

Date: Wed, 10 May 2023 19:04:35 GMT
content-encoding: gzip
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
Server: PardotServer
vary: Accept-Encoding,User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
location: https://storage.pardot.com/11082/1645123860No7Kmja5/fleetpride_logo.png
Content-Type: text/html; charset=UTF-8
cache-control: max-age=600
Connection: keep-alive
x-robots-tag: none
Content-Length: 142
expires: Wed, 10 May 2023 19:14:35 GMT

GET
H2

200

hobart_logo.png
storage.pardot.com/11082/1645123968vkPHjf0a/
Redirect Chain

https://go.paymode.com/hobart-logo
https://storage.pardot.com/11082/1645123968vkPHjf0a/hobart_logo.png

29 KB
29 KB

402ms
402ms

Image
image/png

2600:9000:203b:9a00:d:7e9b:1200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.pardot.com/11082/1645123968vkPHjf0a/hobart_logo.png
Requested by: Host: go.paymode.com
URL: https://go.paymode.com/connecticutwater/G-FUZYCYPE5
Protocol: H2
Server: 2600:9000:203b:9a00:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a70c0d6a88661526d70dd09f9b694438d49a2c296c18fc0b7ee2baf6605a003

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 19:04:36 GMT
x-amz-version-id: SmTJlFiITd.JDLGl7GqkEWSCfkBrN9Lh
via: 1.1 7dc4dc0842848b027020e8c90aa3042c.cloudfront.net (CloudFront)
last-modified: Thu, 17 Feb 2022 18:52:49 GMT
server: AmazonS3
x-amz-cf-pop: LHR3-C1
etag: "ba88ada6ac397b07ff49ba62cfc9fbc5"
x-cache: Miss from cloudfront
content-type: image/png; charset=binary
x-amz-replication-status: COMPLETED
accept-ranges: bytes
x-robots-tag: none
content-length: 29615
x-amz-cf-id: fMAZKwMEfBbR_MzoBgsea2xtwWk9yAFukiTt7QaDw7x2wN0VJzkDZQ==

Redirect headers

Date: Wed, 10 May 2023 19:04:35 GMT
content-encoding: gzip
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
Server: PardotServer
vary: Accept-Encoding,User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
location: https://storage.pardot.com/11082/1645123968vkPHjf0a/hobart_logo.png
Content-Type: text/html; charset=UTF-8
cache-control: max-age=600
Connection: keep-alive
x-robots-tag: none
Content-Length: 140
expires: Wed, 10 May 2023 19:14:35 GMT

GET
H2

200

ar_benefits_of_your_pmx_premium_membership_asset_image_540x722.png
storage.pardot.com/11082/1650645242QYQ7vaIM/
Redirect Chain

https://go.paymode.com/brochure-1-ar-benefits-paymode
https://storage.pardot.com/11082/1650645242QYQ7vaIM/ar_benefits_of_your_pmx_premium_membership_asset_image_540x722.png

207 KB
207 KB

446ms
446ms

Image
image/png

2600:9000:203b:9a00:d:7e9b:1200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.pardot.com/11082/1650645242QYQ7vaIM/ar_benefits_of_your_pmx_premium_membership_asset_image_540x722.png
Requested by: Host: go.paymode.com
URL: https://go.paymode.com/connecticutwater/G-FUZYCYPE5
Protocol: H2
Server: 2600:9000:203b:9a00:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e9d3a3e329197af5982bb8556d6a92f8fe8f371773fc28aeb1978dd8b65066cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 19:04:36 GMT
x-amz-version-id: nB4u6Z2VM6BK6lBlZqV4aS1c617bBDn5
via: 1.1 7dc4dc0842848b027020e8c90aa3042c.cloudfront.net (CloudFront)
last-modified: Fri, 22 Apr 2022 16:34:03 GMT
server: AmazonS3
x-amz-cf-pop: LHR3-C1
etag: "2353b367c131002194e1fa192a4eee94"
x-cache: Miss from cloudfront
content-type: image/png; charset=binary
x-amz-replication-status: COMPLETED
accept-ranges: bytes
x-robots-tag: none
content-length: 211602
x-amz-cf-id: CH4ngVJIui-OetLaNowgXPH3qnwqZ0GX12w6zP6KCqZxHHj6pwCYXw==

Redirect headers

Date: Wed, 10 May 2023 19:04:35 GMT
content-encoding: gzip
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
Server: PardotServer
vary: Accept-Encoding,User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
location: https://storage.pardot.com/11082/1650645242QYQ7vaIM/ar_benefits_of_your_pmx_premium_membership_asset_image_540x722.png
Content-Type: text/html; charset=UTF-8
cache-control: max-age=600
Connection: keep-alive
x-robots-tag: none
Content-Length: 176
expires: Wed, 10 May 2023 19:14:35 GMT

GET
H2

200

understanding_the_benefits_of_ctx_for_ar_asset_image_540x722.png
storage.pardot.com/11082/1650645395CDBCDTk3/
Redirect Chain

https://go.paymode.com/brochure-2-benefits-of-ctx-for-ar
https://storage.pardot.com/11082/1650645395CDBCDTk3/understanding_the_benefits_of_ctx_for_ar_asset_image_540x722.png

107 KB
108 KB

430ms
430ms

Image
image/png

2600:9000:203b:9a00:d:7e9b:1200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.pardot.com/11082/1650645395CDBCDTk3/understanding_the_benefits_of_ctx_for_ar_asset_image_540x722.png
Requested by: Host: go.paymode.com
URL: https://go.paymode.com/connecticutwater/G-FUZYCYPE5
Protocol: H2
Server: 2600:9000:203b:9a00:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39d5bfd7be56da01949105b6e908cdc5f5399b2f6123e7d6ddfaef954efd8de9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 19:04:36 GMT
x-amz-version-id: 0bsj9Y6THKv5Hk0nq8_GXKZlKDTEOva.
via: 1.1 7dc4dc0842848b027020e8c90aa3042c.cloudfront.net (CloudFront)
last-modified: Fri, 22 Apr 2022 16:36:36 GMT
server: AmazonS3
x-amz-cf-pop: LHR3-C1
etag: "ddda9ff1f8229ae63879e4f392842e82"
x-cache: Miss from cloudfront
content-type: image/png; charset=binary
x-amz-replication-status: COMPLETED
accept-ranges: bytes
x-robots-tag: none
content-length: 109846
x-amz-cf-id: hyLEjhGWFEmwJOe_t7YY7plEwPB1seQZkWSRiZF8Fdxhto1x3diQLg==

Redirect headers

Date: Wed, 10 May 2023 19:04:35 GMT
content-encoding: gzip
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
Server: PardotServer
vary: Accept-Encoding,User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
location: https://storage.pardot.com/11082/1650645395CDBCDTk3/understanding_the_benefits_of_ctx_for_ar_asset_image_540x722.png
Content-Type: text/html; charset=UTF-8
cache-control: max-age=600
Connection: keep-alive
x-robots-tag: none
Content-Length: 173
expires: Wed, 10 May 2023 19:14:35 GMT

GET
H2

200

4_biggest_ar_benefits_pmx_asset_image_540x722.png
storage.pardot.com/11082/1650645475kOQlGQWZ/
Redirect Chain

https://go.paymode.com/brochure-3-biggest-ar-benefits
https://storage.pardot.com/11082/1650645475kOQlGQWZ/4_biggest_ar_benefits_pmx_asset_image_540x722.png

140 KB
141 KB

510ms
509ms

Image
image/png

2600:9000:203b:9a00:d:7e9b:1200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.pardot.com/11082/1650645475kOQlGQWZ/4_biggest_ar_benefits_pmx_asset_image_540x722.png
Requested by: Host: go.paymode.com
URL: https://go.paymode.com/connecticutwater/G-FUZYCYPE5
Protocol: H2
Server: 2600:9000:203b:9a00:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8d4d86183f43241a6769376ce3a1928889bd5be61263347570effd81d3173bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 19:04:37 GMT
x-amz-version-id: BG4__c0wu.tKWB2cPFOhSmiDG6aEenrR
via: 1.1 7dc4dc0842848b027020e8c90aa3042c.cloudfront.net (CloudFront)
last-modified: Fri, 22 Apr 2022 16:37:57 GMT
server: AmazonS3
x-amz-cf-pop: LHR3-C1
etag: "f69d218755ca7ce01c70eb31ac1c348b"
x-cache: Miss from cloudfront
content-type: image/png; charset=binary
x-amz-replication-status: COMPLETED
accept-ranges: bytes
x-robots-tag: none
content-length: 143635
x-amz-cf-id: HvZWXjwAxyBGacJ8DEsVbItVCD6VkXH07WzPsS_SRpZ2Lp3qllm0og==

Redirect headers

Date: Wed, 10 May 2023 19:04:35 GMT
content-encoding: gzip
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
Server: PardotServer
vary: Accept-Encoding,User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
location: https://storage.pardot.com/11082/1650645475kOQlGQWZ/4_biggest_ar_benefits_pmx_asset_image_540x722.png
Content-Type: text/html; charset=UTF-8
cache-control: max-age=600
Connection: keep-alive
x-robots-tag: none
Content-Length: 166
expires: Wed, 10 May 2023 19:14:35 GMT

GET
H2

200

3_critical_business_continuity_measures_for_ar_asset_image_540x722.png
storage.pardot.com/11082/1650645565BAh8nqHk/
Redirect Chain

https://go.paymode.com/brochure-4-critical-business-continutiy-measures-for-ar
https://storage.pardot.com/11082/1650645565BAh8nqHk/3_critical_business_continuity_measures_for_ar_asset_image_540x722.png

150 KB
151 KB

412ms
411ms

Image
image/png

2600:9000:203b:9a00:d:7e9b:1200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.pardot.com/11082/1650645565BAh8nqHk/3_critical_business_continuity_measures_for_ar_asset_image_540x722.png
Requested by: Host: go.paymode.com
URL: https://go.paymode.com/connecticutwater/G-FUZYCYPE5
Protocol: H2
Server: 2600:9000:203b:9a00:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eefad23e1728d091e04cf90a5edc62e6bb5ca30279b9da04401018120d915b73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 19:04:37 GMT
x-amz-version-id: Hc8kq4F4ryH9oxHfRD.H_2fhsFkGCIjc
via: 1.1 7dc4dc0842848b027020e8c90aa3042c.cloudfront.net (CloudFront)
last-modified: Fri, 22 Apr 2022 16:39:26 GMT
server: AmazonS3
x-amz-cf-pop: LHR3-C1
etag: "86a97bd3454e949a70aad6c6a5edc6e0"
x-cache: Miss from cloudfront
content-type: image/png; charset=binary
x-amz-replication-status: COMPLETED
accept-ranges: bytes
x-robots-tag: none
content-length: 153646
x-amz-cf-id: bDusEakVvqREXaUqTowDYqF74veTBzGPyYXBuecAxAV-6tjJabyHqg==

Redirect headers

Date: Wed, 10 May 2023 19:04:35 GMT
content-encoding: gzip
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
Server: PardotServer
vary: Accept-Encoding,User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
location: https://storage.pardot.com/11082/1650645565BAh8nqHk/3_critical_business_continuity_measures_for_ar_asset_image_540x722.png
Content-Type: text/html; charset=UTF-8
cache-control: max-age=600
Connection: keep-alive
x-robots-tag: none
Content-Length: 176
expires: Wed, 10 May 2023 19:14:35 GMT

GET
H2

200

contact_illustration_400x400.png
storage.pardot.com/11082/1645123437Nl584gZP/
Redirect Chain

https://go.paymode.com/sharing-ideas-illustration
https://storage.pardot.com/11082/1645123437Nl584gZP/contact_illustration_400x400.png

68 KB
69 KB

403ms
403ms

Image
image/png

2600:9000:203b:9a00:d:7e9b:1200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.pardot.com/11082/1645123437Nl584gZP/contact_illustration_400x400.png
Requested by: Host: go.paymode.com
URL: https://go.paymode.com/connecticutwater/G-FUZYCYPE5
Protocol: H2
Server: 2600:9000:203b:9a00:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8aa051561473798010bffb2c80233dc2153d37d54f9f54598cb46ad8b428b07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 19:04:37 GMT
x-amz-version-id: eDvIWqRjsz31K9bkWrlvV30ddndZaG30
via: 1.1 7dc4dc0842848b027020e8c90aa3042c.cloudfront.net (CloudFront)
last-modified: Thu, 17 Feb 2022 18:43:58 GMT
server: AmazonS3
x-amz-cf-pop: LHR3-C1
etag: "147d70d0465f6d8bea672ec8d9dc73a3"
x-cache: Miss from cloudfront
content-type: image/png; charset=binary
x-amz-replication-status: COMPLETED
accept-ranges: bytes
x-robots-tag: none
content-length: 69767
x-amz-cf-id: B4TA09U1HTeE0tuiGxKVakjEJXcVXHNhS8HzFFK1rgNMGg40w1e4RQ==

Redirect headers

Date: Wed, 10 May 2023 19:04:35 GMT
content-encoding: gzip
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
Server: PardotServer
vary: Accept-Encoding,User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
location: https://storage.pardot.com/11082/1645123437Nl584gZP/contact_illustration_400x400.png
Content-Type: text/html; charset=UTF-8
cache-control: max-age=600
Connection: keep-alive
x-robots-tag: none
Content-Length: 151
expires: Wed, 10 May 2023 19:14:35 GMT

GET
H2

200

paymode_powered_by_bt_inline_logo_white.png
storage.pardot.com/11082/1633007557O14tTFtn/
Redirect Chain

https://go.paymode.com/paymode-x-powered-by-bottomline-inline-white-logo
https://storage.pardot.com/11082/1633007557O14tTFtn/paymode_powered_by_bt_inline_logo_white.png

5 KB
6 KB

509ms
509ms

Image
image/png

2600:9000:203b:9a00:d:7e9b:1200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.pardot.com/11082/1633007557O14tTFtn/paymode_powered_by_bt_inline_logo_white.png
Requested by: Host: go.paymode.com
URL: https://go.paymode.com/connecticutwater/G-FUZYCYPE5
Protocol: H2
Server: 2600:9000:203b:9a00:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23a85715a004d99a60c1be103c86c7b72502ee770b54591e43f47ed83b4c1430

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 19:04:37 GMT
x-amz-version-id: GDPqNnrqdPlIvy1DhYti9uoMDA.usiY7
via: 1.1 7dc4dc0842848b027020e8c90aa3042c.cloudfront.net (CloudFront)
last-modified: Thu, 30 Sep 2021 13:12:38 GMT
server: AmazonS3
x-amz-cf-pop: LHR3-C1
etag: "e98d0ce34f7c5ec4cf5fa170291cf53c"
x-cache: Miss from cloudfront
content-type: image/png; charset=binary
x-amz-replication-status: COMPLETED
accept-ranges: bytes
x-robots-tag: none
content-length: 5551
x-amz-cf-id: eGE-wIhlvCpKWybx5b9z4at1lVMPHPMojD6zjiciD52duVSLiLxDiQ==

Redirect headers

Date: Wed, 10 May 2023 19:04:36 GMT
content-encoding: gzip
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
Server: PardotServer
vary: Accept-Encoding,User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
location: https://storage.pardot.com/11082/1633007557O14tTFtn/paymode_powered_by_bt_inline_logo_white.png
Content-Type: text/html; charset=UTF-8
cache-control: max-age=600
Connection: keep-alive
x-robots-tag: none
Content-Length: 159
expires: Wed, 10 May 2023 19:14:36 GMT

GET
H3 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 48 KB
14 KB 53ms
30ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

Requested by

Host: go.paymode.com
URL: https://go.paymode.com/connecticutwater/G-FUZYCYPE5

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.paymode.com/
Origin: https://go.paymode.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 19:04:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 865
age: 159934
cdn-cachedat: 11/25/2022 23:23:38
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: fa8e5c2f356d86d3db24288f67bf4d6e
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7c5472e23cee68f8-FRA
cdn-requestpullsuccess: True

GET
H2 200 flow-gallery.min.js Show response
cdn.jsdelivr.net/npm/flow-gallery@latest/dist/ 14 KB
6 KB 911ms
298ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/flow-gallery@latest/dist/flow-gallery.min.js

Requested by

Host: go.paymode.com
URL: https://go.paymode.com/connecticutwater/G-FUZYCYPE5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cdd32a0cc2ef39c888bb3df1fbf7d268fe84e9c3fff9fc6f14ef25c4a92b0d2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 10 May 2023 19:04:35 GMT
x-content-type-options: nosniff
content-encoding: br
age: 18077
x-jsd-version: 0.1.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5566
x-served-by: cache-fra-eddf8230039-FRA, cache-gig2250031-GIG
x-jsd-version-type: version
etag: W/"39d2-Z4FHy+Il/DMUZ94tNQtTVA0Z5gI"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 450 KB
105 KB 200ms
151ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N62V977

Requested by

Host: go.paymode.com
URL: https://go.paymode.com/connecticutwater/G-FUZYCYPE5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2d462a49dacd329e8ab1fb9d9379f76f0283492f11b1057ac2dd8124677f241c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 19:04:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107292
x-xss-protection: 0
last-modified: Wed, 10 May 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 10 May 2023 19:04:35 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 86ms
29ms Fetch
text/css 2606:4700:e0::ac40:640a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=a1dd559393
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/a1dd559393.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:640a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 19:04:34 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 104679
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=acW43rFgUI%2B%2BvYf4iu7o0ghwkyre%2FTntKuCTTBxfggd3zp2xojqKpAQ5r2WH9oj%2F%2FToPqyYI7llrDti34YXPQB8vgbZo4MlUiZptJkaOqmSoHOyMWJ12nsKNZl%2FzLa5zfT%2FYAomESQbGbtQyR%2FocIaUqWA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7c5472e28eeb0493-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: kDH7EnoGY5T9C69BlGZF6Yb4Xhh3fZP3oY3uFRe15njDLCxOu-4GcQ==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
4 KB 106ms
50ms Fetch
text/css 2606:4700:e0::ac40:640a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=a1dd559393
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/a1dd559393.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:640a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 19:04:34 GMT
via: 1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fhoSqyzh5PiZGocHXjyv0wMuk6Y4SSvp4p17WyWOQrgQkDvMnMYjE9shgwEH1byk8rxOdiV5xLQ1nTOr1F7yWOR8d1LuUwweRs1wmAzQbzNNPIxBb89Ki0Juj6xiUmDjdFswi1pLR%2FEYk6CD6SDr2VUMyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7c5472e28eed0493-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: QzckK0ug0LBE0Bvj6Jo5IV1sVvr4loilM5tmi1gMfWFdPJcr1TO9TA==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
2 KB 83ms
27ms Fetch
text/css 2606:4700:e0::ac40:640a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=a1dd559393
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/a1dd559393.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:640a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 19:04:34 GMT
via: 1.1 946a47118939fc2908c7ce8e46e8d16c.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MXP64-P1
age: 24304
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SVc776u0sMhHf3MeVunCZgnz0tARv981n7e30f%2Br9%2FSTtLOe5i5a6gaSjS7TXQrbxguEgf8oSsZBoiutB0PxRVs7wJCPjLu%2Fm5xj%2F9DMUBNF%2FIFAaBXBJ%2BsOGP07iJtOU3vAQS%2FUfh42ASitaJ%2ByrEpLig%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7c5472e28eee0493-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: CnvG4Z2V5-csTSimaKykpIl4t9HdXR1NIUmoU2evG3ZAXj6cFvjhJw==

GET
H2

200

pmx_check.png
storage.pardot.com/11082/1633007621rTdGDbfO/
Redirect Chain

https://go.paymode.com/pmx-check-icon
https://storage.pardot.com/11082/1633007621rTdGDbfO/pmx_check.png

9 KB
9 KB

379ms
379ms

Image
image/png

2600:9000:203b:9a00:d:7e9b:1200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.pardot.com/11082/1633007621rTdGDbfO/pmx_check.png
Requested by: Host: go.paymode.com
URL: https://go.paymode.com/connecticutwater/G-FUZYCYPE5
Protocol: H2
Server: 2600:9000:203b:9a00:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4c13551f80422ce03539f031f5c17023f74dd8ea5e509ba998111d3813e838e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 19:04:36 GMT
x-amz-version-id: aG677w8OHt9vxckz5h677coP2Dmc8nQO
via: 1.1 7dc4dc0842848b027020e8c90aa3042c.cloudfront.net (CloudFront)
last-modified: Thu, 30 Sep 2021 13:13:42 GMT
server: AmazonS3
x-amz-cf-pop: LHR3-C1
etag: "42ac7c431d2b75226c7d4cc4abb82003"
x-cache: Miss from cloudfront
content-type: image/png; charset=binary
x-amz-replication-status: COMPLETED
accept-ranges: bytes
x-robots-tag: none
content-length: 9291
x-amz-cf-id: rSgvc_HZRWJqfKPBTPUozEuDssogpz1Reo9iUk_nBFDG3_5PytIEmg==

Redirect headers

Date: Wed, 10 May 2023 19:04:35 GMT
content-encoding: gzip
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
Server: PardotServer
vary: Accept-Encoding,User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
location: https://storage.pardot.com/11082/1633007621rTdGDbfO/pmx_check.png
Content-Type: text/html; charset=UTF-8
cache-control: max-age=600
Connection: keep-alive
x-robots-tag: none
Content-Length: 140
expires: Wed, 10 May 2023 19:14:35 GMT

GET
H2 200 free-fa-regular-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 13 KB
13 KB 97ms
96ms Font
font/woff2 2606:4700:e0::ac40:640a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-regular-400.woff2
Requested by: Host: go.paymode.com
URL: https://go.paymode.com/connecticutwater/G-FUZYCYPE5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:640a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48fb6f0d8ac464d95cbc2df3ffa7bf5066950898c5581f5133d0565abb7f706b

Request headers

Referer: https://go.paymode.com/
Origin: https://go.paymode.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 19:04:35 GMT
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13216
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "b8f1c6a3a94d42b082c29f0b1db8ba95"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JnCzrzymvB0NSxGNNdB5X%2BgQG2JQYsG34EruhlILsaTLd6NSWe%2Fp0tKkyf0jIKkCkDUB4mDrKU2P%2BfFDGCy08JFs1WnsfG71mvdW5t%2Fh9HRnw4odcZ4USMaTLBCEDGDKNTOx9PgsqcuiZXQnK4xxAcnOpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7c5472e358400493-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: qdz9E15FBTY6cJVG73QwaVD_IvGlcaqaqIXlGzQ5lbp82hHHmH1oOg==

GET
H2 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 76 KB
77 KB 99ms
99ms Font
font/woff2 2606:4700:e0::ac40:640a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
Requested by: Host: go.paymode.com
URL: https://go.paymode.com/connecticutwater/G-FUZYCYPE5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:640a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

Referer: https://go.paymode.com/
Origin: https://go.paymode.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 19:04:35 GMT
via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78168
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "a9fd1225fb2cd32320e2b931dca01089"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYb5OAaxG4Iwptzp%2B8Xk0HVWVx6sf4behMf7tMiNCUQi%2BD9D1oE7CeIz8pzeh6moE5qf%2FcDyjZp9BiAYTCKZLgToNs4Y%2FqXREWuMNH7oe4w%2BEjwpbdVEBYz2t2%2BfbKQZIQtcw99L98UQm4EV6OtJFekY7g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7c5472e358440493-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: VOlJfPEG53lK2DNQYywl79ZX5cBBrg7lQTEHEfcynkpEtXN2gq7tsg==

GET
H2 200 hotjar-1395637.js Show response
static.hotjar.com/c/ 9 KB
4 KB 122ms
46ms Script
application/javascript 13.225.34.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1395637.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N62V977

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.34.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-34-68.cdg3.r.cloudfront.net

Software

Resource Hash

62c9ff3a6637fcc1b65cabc767e49ca782a25a893223313b168ab03874248049

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 10 May 2023 19:03:59 GMT
via: 1.1 2be4364c1cde74eab64cab67d1de266a.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C2
age: 36
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/1a20ba18a655e101121e82827f8a1103
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: __txo4KcX5IxdjuUHhbSW6qP6NsFIktwICQa2G0Tf_olwZLIB6XrSQ==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 81ms
20ms Script
application/x-javascript 2a02:26f0:780::5f65:36d9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N62V977

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:36d9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 19:04:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=10833
accept-ranges: bytes
content-length: 4777

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/940292856/ 2 KB
1 KB 113ms
65ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/940292856/?random=1683745475185&cv=11&fst=1683745475185&bg=ffffff&guid=ON&async=1&gtm=45He3580&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.paymode.com%2Fconnecticutwater%2FG-FUZYCYPE5&hn=www.googleadservices.com&frm=0&tiba=Connecticut%20Water&auid=348308432.1683745475&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N62V977

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e14278f164027c85eb8a3a585911ec9126a7a6db481757452e9ba5c5b73fb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 May 2023 19:04:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1192
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/976009631/ 2 KB
2 KB 80ms
33ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/976009631/?random=1683745475187&cv=11&fst=1683745475187&bg=ffffff&guid=ON&async=1&gtm=45He3580&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.paymode.com%2Fconnecticutwater%2FG-FUZYCYPE5&hn=www.googleadservices.com&frm=0&tiba=Connecticut%20Water&auid=348308432.1683745475&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N62V977

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73ac60e261d6798ac137ba8898308b7a1896a46d9631191172320c5230dbbc65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 May 2023 19:04:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1194
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 120ms
48ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N62V977

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

eec5c0b7f3736c064a5c93fb61f419fe7d3f7c1815c81004312fd349fd43be2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 10 May 2023 19:04:34 GMT
last-modified: Thu, 20 Apr 2023 19:01:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3D6406254763437A9A2E583AB7DC337A Ref B: FRA31EDGE0708 Ref C: 2023-05-10T19:04:35Z
etag: "808c558fba73d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12048

GET
H2

200

33020b3b-32e5-45ca-8d91-4e388a92407d_eu.js Show response
cdn.mouseflow.com/projects/
Redirect Chain

https://cdn.mouseflow.com/projects/33020b3b-32e5-45ca-8d91-4e388a92407d.js
https://cdn.mouseflow.com/projects/33020b3b-32e5-45ca-8d91-4e388a92407d_eu.js

189 KB
55 KB

25ms
24ms

Script
application/javascript

151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mouseflow.com/projects/33020b3b-32e5-45ca-8d91-4e388a92407d_eu.js

Requested by

Host: go.paymode.com
URL: https://go.paymode.com/connecticutwater/G-FUZYCYPE5

Protocol

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Mouseflow /

Resource Hash

78ad5d911b902b5a08ee3d2650cddb003d1773e9be8b56914dbb08ecc34e6909

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 19:04:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 17 Apr 2023 09:22:10 GMT
server: Mouseflow
etag: W/"79b38b16e71d91:0"
x-cache-status: HIT
x-hw: 1683745475.cds339.fr8.hn,1683745475.cds247.fr8.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 56175

Redirect headers

date: Wed, 10 May 2023 19:04:35 GMT
x-hw: 1683745475.cds339.fr8.hn,1683745475.cds211.fr8.c
location: https://cdn.mouseflow.com/projects/33020b3b-32e5-45ca-8d91-4e388a92407d_eu.js
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-hw-loc: https://cdn.mouseflow.com/projects/33020b3b-32e5-45ca-8d91-4e388a92407d.js
content-length: 0

GET
H2 200 Ei89xrHr4hANrgxJsdOQ Show response
ws.zoominfo.com/pixel/ 3 KB
2 KB 293ms
226ms Script
text/javascript 2606:4700::6810:a852
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/Ei89xrHr4hANrgxJsdOQ

Requested by

Host: go.paymode.com
URL: https://go.paymode.com/connecticutwater/G-FUZYCYPE5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

819efb7302ff5d27a7f851e62daccb42f7de3c509c56ffc5584a0939a6f26383

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 19:04:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7c5472e4d8d2bb50-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET 3159.js
js.idio.co/ 0
0

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 247 KB
67 KB 100ms
21ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: go.paymode.com
URL: https://go.paymode.com/connecticutwater/G-FUZYCYPE5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 8dbe7b0f1e618f206a69f3b8d3d5c9936595bcda506c624d6da616faea627a8c

Request headers

Referer: https://go.paymode.com/
Origin: https://go.paymode.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 18:39:33 GMT
content-encoding: br
age: 1502
x-guploader-uploadid: ADPycdtLVLzDCzmmpQQ2EXX6LcXmVtHg-pvBEIOLyt49MaZAOH4A5U3XXvSY3VAOQyE0vSYNc2JzGz2NNdp2hHlynBE7RJT5vxyI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68041
last-modified: Mon, 08 May 2023 13:40:42 GMT
server: UploadServer
etag: "7e70e29dc2ee9e64877ef36aeadd3df8"
vary: Accept-Encoding
x-goog-generation: 1683553242886729
x-goog-hash: crc32c=7OebOQ==, md5=fnDincLunmSHfvNq6t09+A==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 68041
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 10 May 2023 19:39:33 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 65ms
21ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: go.paymode.com
URL: https://go.paymode.com/connecticutwater/G-FUZYCYPE5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 10 May 2023 19:04:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27538
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: sWlVKpmZ5C3PDklEPmn8e9g0fXsJEo8woaBZHbmkqdzj9JBfS6a3S1FoWxrIGdQgZ2i+ZnMFlJtgN2FmcgULjQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/1378034/domain/go.paymode.com/ 36 B
376 B 96ms
26ms XHR
application/json 2600:9000:2315:2600:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/1378034/domain/go.paymode.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:2600:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://go.paymode.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 18:20:33 GMT
content-encoding: gzip
via: 1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
age: 2642
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: FYkBUV_YDYB1fLdY-IjYEkiM1PvB-7vZPkn75sSta1gAg-xNaNB2nA==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1378034&time=1683745475270&url=https%3A%2F%2Fgo.paymode.com%2Fconnecticutwater%2FG-FUZYCYPE5
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1378034%26time%3D1683745475270%26url%3Dhttps%253A%252F%252Fgo.paymode.com%252Fcon...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1378034&time=1683745475270&url=https%3A%2F%2Fgo.paymode.com%2Fconnecticutwater%2FG-FUZYCYPE5&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1378034&time=1683745475270&url=https%3A%2F%2Fgo.paymode.com%2Fconnecticutwater%2FG-FUZYCYPE5&liSync=true&e_ipv6=AQJkJdp96Z85wQAAAYgHDQznOOdo1RDrw...

0
481 B

230ms
166ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1378034&time=1683745475270&url=https%3A%2F%2Fgo.paymode.com%2Fconnecticutwater%2FG-FUZYCYPE5&liSync=true&e_ipv6=AQJkJdp96Z85wQAAAYgHDQznOOdo1RDrwKCrQ2u4DWMeJUnOBKP8KCToyc89-fvF2bGO5zqOTUpS
Requested by: Host: go.paymode.com
URL: https://go.paymode.com/connecticutwater/G-FUZYCYPE5
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 19:04:35 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 4D5161C32D1B4111A0FE94ECAE8B0847 Ref B: FRAEDGE1221 Ref C: 2023-05-10T19:04:35Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/javascript
x-li-fabric: prod-ltx1
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX7W4r90r+iX9R/qPy5jQ==

Redirect headers

date: Wed, 10 May 2023 19:04:35 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 70CED86AAF3149EDA14A6F5F7DFE472E Ref B: FRAEDGE1706 Ref C: 2023-05-10T19:04:35Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1378034&time=1683745475270&url=https%3A%2F%2Fgo.paymode.com%2Fconnecticutwater%2FG-FUZYCYPE5&liSync=true&e_ipv6=AQJkJdp96Z85wQAAAYgHDQznOOdo1RDrwKCrQ2u4DWMeJUnOBKP8KCToyc89-fvF2bGO5zqOTUpS
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX7W4r6T+m8OFS73Ahftw==

GET
H2 200 /
www.google.com/pagead/1p-user-list/976009631/ 42 B
455 B 86ms
36ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/976009631/?random=1683745475187&cv=11&fst=1683745200000&bg=ffffff&guid=ON&async=1&gtm=45He3580&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.paymode.com%2Fconnecticutwater%2FG-FUZYCYPE5&frm=0&tiba=Connecticut%20Water&fmt=3&is_vtc=1&random=1823900115&rmt_tld=0&ipr=y

Requested by

Host: go.paymode.com
URL: https://go.paymode.com/connecticutwater/G-FUZYCYPE5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 May 2023 19:04:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/976009631/ 42 B
455 B 83ms
34ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/976009631/?random=1683745475187&cv=11&fst=1683745200000&bg=ffffff&guid=ON&async=1&gtm=45He3580&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.paymode.com%2Fconnecticutwater%2FG-FUZYCYPE5&frm=0&tiba=Connecticut%20Water&fmt=3&is_vtc=1&random=1823900115&rmt_tld=1&ipr=y

Requested by

Host: go.paymode.com
URL: https://go.paymode.com/connecticutwater/G-FUZYCYPE5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 May 2023 19:04:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/940292856/ 42 B
108 B 35ms
35ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/940292856/?random=1683745475185&cv=11&fst=1683745200000&bg=ffffff&guid=ON&async=1&gtm=45He3580&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.paymode.com%2Fconnecticutwater%2FG-FUZYCYPE5&frm=0&tiba=Connecticut%20Water&fmt=3&is_vtc=1&random=118112441&rmt_tld=0&ipr=y

Requested by

Host: go.paymode.com
URL: https://go.paymode.com/connecticutwater/G-FUZYCYPE5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 May 2023 19:04:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/940292856/ 42 B
108 B 33ms
32ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/940292856/?random=1683745475185&cv=11&fst=1683745200000&bg=ffffff&guid=ON&async=1&gtm=45He3580&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.paymode.com%2Fconnecticutwater%2FG-FUZYCYPE5&frm=0&tiba=Connecticut%20Water&fmt=3&is_vtc=1&random=118112441&rmt_tld=1&ipr=y

Requested by

Host: go.paymode.com
URL: https://go.paymode.com/connecticutwater/G-FUZYCYPE5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 May 2023 19:04:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.6485e66e018398b15c50.js Show response
script.hotjar.com/ 264 KB
68 KB 88ms
22ms Script
application/javascript 52.222.236.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.6485e66e018398b15c50.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1395637.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-43.fra56.r.cloudfront.net

Software

Resource Hash

08a42d8f7eca0560993697fa53c48bad4fbf1028e06d9ae9545e0803ca24ec8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 13:39:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 19528
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 69316
last-modified: Wed, 10 May 2023 13:38:29 GMT
etag: "7c226a7472950599c7ea65e6a1a58825"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: o9uHUAn4G0FcE8RABKnA_riK9zdDCCraHzePfi2Gi6sc0fep4rqTxA==

GET
H2 204 148015707.js Show response
bat.bing.com/p/action/ 0
136 B 140ms
139ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/148015707.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 10 May 2023 19:04:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 659365604B18455EB51824FBD70F72DE Ref B: FRA31EDGE0708 Ref C: 2023-05-10T19:04:35Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 200 3085532068369073 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 167ms
167ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3085532068369073?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7220f72f34f84aa7394a165007afdf126fd06de6cbdfab88ff23222e039d4ffa

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 10 May 2023 19:04:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 7CLuuu5Edu6r8obbQrN5hsnJeCjbG/hZ2iGMA2C9oM/5zE0m0Jev+8AUCoBjGG64Gi8bOD80nGJeTyRf4QPxuQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 web Show response
edge.fullstory.com/s/settings/199H2R/v1/ 4 KB
1 KB 119ms
119ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/199H2R/v1/web
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2779c1a45062a62e09e4671363f23a8176b692f131af11bf75f98868d3f62dac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 19:04:35 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ADPycdum7eIm7Flzx9-tI1vkc9kgQaa8_QNlIPkYtIhJd7XZUF_z4qoPxKB0v1oxMMAUdKxIv8NtKTfoHYdzIg5xNuM05Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1111
last-modified: Thu, 02 Jun 2022 22:38:24 GMT
server: UploadServer
etag: "58d0b8324e54937fa1fa8c24bb943d0b"
x-goog-generation: 1654209504729381
x-goog-hash: crc32c=Q1KhaA==, md5=WNC4Mk5Uk3+h+owku5Q9Cw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 1111
accept-ranges: bytes
content-type: application/json
expires: Wed, 10 May 2023 19:19:35 GMT

POST
H2 202 page Show response
rs.fullstory.com/rec/ 77 B
283 B 204ms
144ms XHR
text/plain 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rs.fullstory.com/rec/page

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

58.194.186.35.bc.googleusercontent.com

Software

Resource Hash

f3c8c98f6e068d442641ec56f6aab9247b8d31cef340beb6e4a92c5ebf953b8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.paymode.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 May 2023 19:04:35 GMT
via: 1.1 google
x-content-type-options: nosniff
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://go.paymode.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 66ms
20ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3085532068369073&ev=PageView&dl=https%3A%2F%2Fgo.paymode.com%2Fconnecticutwater%2FG-FUZYCYPE5&rl=&if=false&ts=1683745475626&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.1.1683745475625.1877250764&it=1683745475401&coo=false&rqm=GET

Requested by

Host: go.paymode.com
URL: https://go.paymode.com/connecticutwater/G-FUZYCYPE5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 10 May 2023 19:04:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
BLOB 200
OK c4063553-9200-498b-aa64-3edab4e64c0a
https://go.paymode.com/ 2 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://go.paymode.com/c4063553-9200-498b-aa64-3edab4e64c0a
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/flow-gallery@latest/dist/flow-gallery.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d22817007abfad8e597fa2a7427fa4c78bc050d436a9f3dcd7fbc12cfcf7da6a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length: 2233
Content-Type: text/css

GET
BLOB 200
OK 84e28001-9df7-4065-ab5a-cb404f769f18
https://go.paymode.com/ 2 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://go.paymode.com/84e28001-9df7-4065-ab5a-cb404f769f18
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/flow-gallery@latest/dist/flow-gallery.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d22817007abfad8e597fa2a7427fa4c78bc050d436a9f3dcd7fbc12cfcf7da6a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length: 2233
Content-Type: text/css

GET /
api2963.d41.co/sync/ 0
0

GET dnb_coretag_v5.min.js
cdn-0.d41.co/tags/ 0
0

GET
H2 204 1395637 Show response
vc.hotjar.io/sessions/ 0
257 B 143ms
54ms XHR
text/plain 13.225.34.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/1395637?s=0.25&r=0.219188200610696
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.6485e66e018398b15c50.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.34.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-34-86.cdg3.r.cloudfront.net
Software: Python/3.8 aiohttp/3.8.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 19:04:35 GMT
via: 1.1 af0a4579a75789980eb9374096ea1816.cloudfront.net (CloudFront)
server: Python/3.8 aiohttp/3.8.4
x-amz-cf-pop: CDG3-C2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: ZdFV5adk1Yc4NCvCkQarnRmjMYSHmRuYeDt_nnPSeMgUFCDiJylsJw==

GET
H2 204 0
bat.bing.com/action/ 0
288 B 45ms
44ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=148015707&tm=gtm002&Ver=2&mid=9b037c91-7606-414f-aa22-e728194c94b9&sid=814a1e20ef6511ed98a05d4d0da89610&vid=814a50a0ef6511edb2b41d2e95eec69b&vids=1&msclkid=N&gtm_tag_source=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Connecticut%20Water&p=https%3A%2F%2Fgo.paymode.com%2Fconnecticutwater%2FG-FUZYCYPE5&r=&lt=1603&evt=pageLoad&sv=1&rn=101850

Requested by

Host: go.paymode.com
URL: https://go.paymode.com/connecticutwater/G-FUZYCYPE5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 10 May 2023 19:04:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 64BB8C47B6014EDDB751E88F14DBC4A9 Ref B: FRA31EDGE0708 Ref C: 2023-05-10T19:04:35Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pd.js Show response
go.paymode.com/ 5 KB
2 KB 113ms
112ms Script
application/javascript 34.237.219.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.paymode.com/pd.js
Requested by: Host: go.paymode.com
URL: https://go.paymode.com/connecticutwater/G-FUZYCYPE5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.237.219.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-219-119.compute-1.amazonaws.com
Software: PardotServer /
Resource Hash: 41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/connecticutwater/G-FUZYCYPE5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Wed, 10 May 2023 19:04:36 GMT
content-encoding: gzip
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
last-modified: Wed, 10 May 2023 05:26:28 GMT
Server: PardotServer
etag: "15f4-gzip"
vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
cache-control: max-age=63072000
Connection: keep-alive
accept-ranges: bytes
Content-Length: 1988
expires: Fri, 09 May 2025 19:04:36 GMT

GET
H/1.1 200
OK analytics Show response
go.paymode.com/ 1 KB
2 KB 400ms
399ms Script
text/javascript 34.237.219.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.paymode.com/analytics?ver=3&visitor_id=679671649&visitor_id_sign=f2d671530c19dddce727326c1fd916f7b10a9dda6176a1be44ca7ea27dcf82658b2e2a6a33dde5112d0345789dc7eeb45bebea08&pi_opt_in=&campaign_id=111951&account_id=12082&title=Connecticut%20Water&url=https%3A%2F%2Fgo.paymode.com%2Fconnecticutwater%2FG-FUZYCYPE5&referrer=
Requested by: Host: go.paymode.com
URL: https://go.paymode.com/pd.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.237.219.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-219-119.compute-1.amazonaws.com
Software: PardotServer /
Resource Hash: d6e134b740295d6a10c862f7be4b90fe993da5cbf7a06a1830207c8dd0a1eb1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/connecticutwater/G-FUZYCYPE5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 10 May 2023 19:04:37 GMT
content-encoding: gzip
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp: 0/0/1
Server: PardotServer
vary: Accept-Encoding,User-Agent
Content-Type: text/javascript; charset=utf-8
p3p: CP="CAO DSP AND SO ON" policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 547
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 50ms
49ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3085532068369073&ev=Microdata&dl=https%3A%2F%2Fgo.paymode.com%2Fconnecticutwater%2FG-FUZYCYPE5&rl=&if=false&ts=1683745477130&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Connecticut%20Water%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.104&r=stable&ec=1&o=30&fbp=fb.1.1683745475625.1877250764&it=1683745475401&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 10 May 2023 19:04:37 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK analytics Show response
pi.pardot.com/ 50 B
1 KB 443ms
220ms Script
text/javascript 3.92.120.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pi.pardot.com/analytics?conly=true&visitor_id=679671649&visitor_id_sign=f2d671530c19dddce727326c1fd916f7b10a9dda6176a1be44ca7ea27dcf82658b2e2a6a33dde5112d0345789dc7eeb45bebea08&pi_opt_in=&campaign_id=111951&account_id=12082&title=Connecticut%20Water&url=https%3A%2F%2Fgo.paymode.com%2Fconnecticutwater%2FG-FUZYCYPE5&referrer=

Requested by

Host: go.paymode.com
URL: https://go.paymode.com/analytics?ver=3&visitor_id=679671649&visitor_id_sign=f2d671530c19dddce727326c1fd916f7b10a9dda6176a1be44ca7ea27dcf82658b2e2a6a33dde5112d0345789dc7eeb45bebea08&pi_opt_in=&campaign_id=111951&account_id=12082&title=Connecticut%20Water&url=https%3A%2F%2Fgo.paymode.com%2Fconnecticutwater%2FG-FUZYCYPE5&referrer=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

3.92.120.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-92-120-28.compute-1.amazonaws.com

Software

PardotServer /

Resource Hash

dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.paymode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 10 May 2023 19:04:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp: 0/0/1
Server: PardotServer
vary: User-Agent
Content-Type: text/javascript; charset=utf-8
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 50
expires: Thu, 19 Nov 1981 08:52:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: js.idio.co
URL: http://js.idio.co/3159.js

Domain: api2963.d41.co
URL: http://api2963.d41.co/sync/

Domain: api2963.d41.co
URL: http://api2963.d41.co/sync/

Domain: cdn-0.d41.co
URL: http://cdn-0.d41.co/tags/dnb_coretag_v5.min.js

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
go.paymode.com/	1970-01-20 21:18:25	Name: visitor_id11082 Value: 679671649
go.paymode.com/	1970-01-20 21:18:25	Name: visitor_id11082-hash Value: f2d671530c19dddce727326c1fd916f7b10a9dda6176a1be44ca7ea27dcf82658b2e2a6a33dde5112d0345789dc7eeb45bebea08
.paymode.com/	1970-01-20 13:52:01	Name: _gcl_au Value: 1.1.348308432.1683745475
.doubleclick.net/	1970-01-20 11:42:26	Name: test_cookie Value: CheckForPermission
go.paymode.com/	1970-01-20 11:43:51	Name: ln_or Value: eyIxMzc4MDM0IjoiZCJ9
.linkedin.com/	1970-01-20 12:25:37	Name: UserMatchHistory Value: AQIEJ3WxuukgmQAAAYgHDQttdMhvHLLc7oPzmpbhgosMf4Nc46s36Ti5UpmFhw9aTGUDG2vhYFJEsQ
.linkedin.com/	1970-01-20 12:25:37	Name: AnalyticsSyncHistory Value: AQIpF1OCm_n2dAAAAYgHDQtt9TM0WVBAlpegaIDQezuht4h2JvQyn9_66TLBkIA7HsIdXKc_QPgOevnDwRbg5A
.linkedin.com/	1970-01-20 20:28:01	Name: bcookie Value: "v=2&ddaafc12-8278-4428-8454-187b8f1ccb11"
.linkedin.com/	1970-01-20 11:43:51	Name: lidc Value: "b=TGST02:s=T:r=T:a=T:p=T:g=3012:u=1:x=1:i=1683745475:t=1683831875:v=2:sig=AQGOnPnHYhv5j7TE2y0eJZpfGjKsa3qh"
.ws.zoominfo.com/	1970-01-20 20:28:01	Name: visitorId Value: df6bdcb7032fd6d1504c907dd4034d62e70901d4768aaf8507abdeef16ed10f3
.zoominfo.com/	1970-01-20 11:42:27	Name: __cf_bm Value: BmPc6ww.1Avg8JKptkoE4sZ_JXExD11Tc4ZC7SzSbFs-1683745475-0-AYhaAjfsfL4WPHfil+dZhLYF7CYLDxuV2c2NGeO4p7MJ81HKlVPJPRb1VUiowF+gjYskhFv2oW8Q/17EA+lWFs0=
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: NLykgq3JHznpONB7OZCY3vbg9MSx7nWNhE6EDiOUoRE-1683745475543-0-604800000
.paymode.com/	1970-01-20 13:52:01	Name: _fbp Value: fb.1.1683745475625.1877250764
.www.linkedin.com/	1970-01-20 20:28:01	Name: bscookie Value: "v=1&2023051019043572625afb-a4bc-4c32-8b73-b55abff076f4AQG0b9GaNnUv7cRgSpwTTRmpgB7JeU26"
.linkedin.com/	1970-01-20 16:01:37	Name: li_gc Value: MTswOzE2ODM3NDU0NzU7MjswMjFCaflrmwacNL5O56y9YGpX/2YRChaPQPDrTzTGVBN9QA==
.paymode.com/	1970-01-20 20:28:01	Name: _hjSessionUser_1395637 Value: eyJpZCI6Ijk3ZDVlZThiLThkODEtNTQxMy1hM2VhLTIxYzE4NTliNDcwNSIsImNyZWF0ZWQiOjE2ODM3NDU0NzU1MjQsImV4aXN0aW5nIjpmYWxzZX0=
.paymode.com/	1970-01-20 11:42:27	Name: _hjFirstSeen Value: 1
.paymode.com/	1970-01-20 11:42:25	Name: _hjIncludedInSessionSample_1395637 Value: 0
.paymode.com/	1970-01-20 11:42:27	Name: _hjSession_1395637 Value: eyJpZCI6IjIzMjEyYWU3LTliOTktNGFkYy1hNTRhLWU5YmMxODVkMzE0ZSIsImNyZWF0ZWQiOjE2ODM3NDU0NzU4MTMsImluU2FtcGxlIjpmYWxzZX0=
.paymode.com/	1970-01-20 11:42:27	Name: _hjAbsoluteSessionInProgress Value: 1
.paymode.com/	1970-01-20 11:43:51	Name: _uetsid Value: 814a1e20ef6511ed98a05d4d0da89610
.paymode.com/	1970-01-20 21:04:01	Name: _uetvid Value: 814a50a0ef6511edb2b41d2e95eec69b
.bing.com/	1970-01-20 21:04:01	Name: MUID Value: 2D3BBC10AB56694E17FFAF1DAAFA68F6
go.paymode.com/	1970-01-20 11:42:27	Name: lpv11082 Value: aHR0cHM6Ly9nby5wYXltb2RlLmNvbS9jb25uZWN0aWN1dHdhdGVyL0ctRlVaWUNZUEU1
.pardot.com/	1970-01-20 21:18:25	Name: visitor_id11082 Value: 679671649
.pardot.com/	1970-01-20 21:18:25	Name: visitor_id11082-hash Value: f2d671530c19dddce727326c1fd916f7b10a9dda6176a1be44ca7ea27dcf82658b2e2a6a33dde5112d0345789dc7eeb45bebea08

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	Message: Mixed Content: The page at 'https://go.paymode.com/connecticutwater/G-FUZYCYPE5' was loaded over HTTPS, but requested an insecure script 'http://js.idio.co/3159.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-N62V977(Line 557) Message: Mixed Content: The page at 'https://go.paymode.com/connecticutwater/G-FUZYCYPE5' was loaded over HTTPS, but requested an insecure script 'http://api2963.d41.co/sync/'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://go.paymode.com/connecticutwater/G-FUZYCYPE5 Message: Mixed Content: The page at 'https://go.paymode.com/connecticutwater/G-FUZYCYPE5' was loaded over HTTPS, but requested an insecure script 'http://api2963.d41.co/sync/'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://go.paymode.com/connecticutwater/G-FUZYCYPE5 Message: Mixed Content: The page at 'https://go.paymode.com/connecticutwater/G-FUZYCYPE5' was loaded over HTTPS, but requested an insecure script 'http://cdn-0.d41.co/tags/dnb_coretag_v5.min.js'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api2963.d41.co
bat.bing.com
cdn-0.d41.co
cdn.jsdelivr.net
cdn.linkedin.oribi.io
cdn.mouseflow.com
connect.facebook.net
edge.fullstory.com
go.paymode.com
googleads.g.doubleclick.net
js.idio.co
ka-f.fontawesome.com
kit.fontawesome.com
maxcdn.bootstrapcdn.com
pi.pardot.com
px.ads.linkedin.com
px4.ads.linkedin.com
rs.fullstory.com
script.hotjar.com
snap.licdn.com
static.hotjar.com
storage.pardot.com
vc.hotjar.io
ws.zoominfo.com
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
api2963.d41.co
cdn-0.d41.co
js.idio.co
13.107.42.14
13.225.34.68
13.225.34.86
151.139.128.10
2600:9000:203b:9a00:d:7e9b:1200:93a1
2600:9000:2315:2600:2:53b2:240:93a1
2606:4700::6810:a852
2606:4700::6812:1734
2606:4700::6812:acf
2606:4700:e0::ac40:640a
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:801::2004
2a00:1450:4001:812::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2003
2a02:26f0:780::5f65:36d9
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42::485
3.92.120.28
34.237.219.119
35.186.194.58
35.201.112.186
52.222.236.43
08a42d8f7eca0560993697fa53c48bad4fbf1028e06d9ae9545e0803ca24ec8a
0a70c0d6a88661526d70dd09f9b694438d49a2c296c18fc0b7ee2baf6605a003
23a85715a004d99a60c1be103c86c7b72502ee770b54591e43f47ed83b4c1430
2779c1a45062a62e09e4671363f23a8176b692f131af11bf75f98868d3f62dac
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2d462a49dacd329e8ab1fb9d9379f76f0283492f11b1057ac2dd8124677f241c
39d5bfd7be56da01949105b6e908cdc5f5399b2f6123e7d6ddfaef954efd8de9
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136
486b2df568a823739b3cd81676e629034d3399d67b5867f6c8c9fca88d3f0cc1
48fb6f0d8ac464d95cbc2df3ffa7bf5066950898c5581f5133d0565abb7f706b
4c13551f80422ce03539f031f5c17023f74dd8ea5e509ba998111d3813e838e7
5076774cdc628a4a883abb321fec40544c51703fffe7a7425d974c44606a8efc
546c636e6f128c12c0acfe30b305cb1286c0d5c104a49efea14eca6c4667849e
62c9ff3a6637fcc1b65cabc767e49ca782a25a893223313b168ab03874248049
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
6dfc64b987843c4195a778972974163560d2bb381c85b6a4f22593964a4464e9
7220f72f34f84aa7394a165007afdf126fd06de6cbdfab88ff23222e039d4ffa
73ac60e261d6798ac137ba8898308b7a1896a46d9631191172320c5230dbbc65
78ad5d911b902b5a08ee3d2650cddb003d1773e9be8b56914dbb08ecc34e6909
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
819efb7302ff5d27a7f851e62daccb42f7de3c509c56ffc5584a0939a6f26383
8dbe7b0f1e618f206a69f3b8d3d5c9936595bcda506c624d6da616faea627a8c
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
9d5716f22eb3088ef8247f287172b7600b89fbf22a34b1cbc3075a07a3e583b4
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
c8aa051561473798010bffb2c80233dc2153d37d54f9f54598cb46ad8b428b07
c8d4d86183f43241a6769376ce3a1928889bd5be61263347570effd81d3173bc
cdd32a0cc2ef39c888bb3df1fbf7d268fe84e9c3fff9fc6f14ef25c4a92b0d2e
d0e14278f164027c85eb8a3a585911ec9126a7a6db481757452e9ba5c5b73fb6
d22817007abfad8e597fa2a7427fa4c78bc050d436a9f3dcd7fbc12cfcf7da6a
d6e134b740295d6a10c862f7be4b90fe993da5cbf7a06a1830207c8dd0a1eb1a
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
e9d3a3e329197af5982bb8556d6a92f8fe8f371773fc28aeb1978dd8b65066cc
eec5c0b7f3736c064a5c93fb61f419fe7d3f7c1815c81004312fd349fd43be2c
eefad23e1728d091e04cf90a5edc62e6bb5ca30279b9da04401018120d915b73
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3c8c98f6e068d442641ec56f6aab9247b8d31cef340beb6e4a92c5ebf953b8e
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

go.paymode.com Open in urlscan Pro 34.237.219.119 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

56 Requests

66 %HTTPS

65 %IPv6

23 Domains

30 Subdomains

26 IPs

2 Countries

1459 kBTransfer

2972 kBSize

26 Cookies

4 Outgoing links

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

go.paymode.com Open in urlscan Pro
34.237.219.119 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

66 %
HTTPS

65 %
IPv6

23
Domains

30
Subdomains

26
IPs

2
Countries

1459 kB
Transfer

2972 kB
Size

26
Cookies

56 HTTP transactions
0 data transactions