riverforest.merchanttransact.com Open in urlscan Pro
2606:4700::6810:5330 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://riverforest.merchanttransact.com/secure/makePayment.aspx
Effective URL:
https://riverforest.merchanttransact.com/default.aspx?url=%2fsecure%2fmakePayment.aspx
Submission: On June 29 via manual (June 29th 2021, 2:23:50 pm UTC) from US

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 13 HTTP transactions. The main IP is 2606:4700::6810:5330, located in United States and belongs to CLOUDFLARENET, US. The main domain is riverforest.merchanttransact.com.
TLS certificate: Issued by DigiCert TLS Hybrid ECC SHA384 2020 CA1 on March 29th 2021. Valid for: a year.

This is the only time riverforest.merchanttransact.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	2606:4700::68... 2606:4700::6810:5330	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.77.97 65.9.77.97	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::2013	15169 (GOOGLE) (GOOGLE)
13	3

11 2606:4700::6810:5330 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

riverforest.merchanttransact.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.77.97 (United States)

ASN16509 (AMAZON-02, US)

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

app.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	merchanttransact.com 1 redirects riverforest.merchanttransact.com	37 KB
3	pendo.io cdn.pendo.io app.pendo.io	129 KB
13	2

	Domain	Requested by
11	riverforest.merchanttransact.com	1 redirects riverforest.merchanttransact.com
2	app.pendo.io	cdn.pendo.io
1	cdn.pendo.io	riverforest.merchanttransact.com
13	3

This site contains no links.

Subject Issuer	Validity	Valid
*.merchanttransact.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-03-29` - `2022-04-29`	a year	crt.sh
cdn.pendo.io DigiCert SHA2 Extended Validation Server CA	`2019-06-04` - `2021-09-02`	2 years	crt.sh
app.pendo.io DigiCert SHA2 Extended Validation Server CA	`2019-07-23` - `2021-10-13`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://riverforest.merchanttransact.com/default.aspx?url=%2fsecure%2fmakePayment.aspx
Frame ID: B04B614FF99B24681A343F066020B0B1
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://riverforest.merchanttransact.com/secure/makePayment.aspx HTTP 302
https://riverforest.merchanttransact.com/default.aspx?url=%2fsecure%2fmakePayment.aspx Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

url /\.aspx?(?:$|\?)/i
html /<input[^>]+name="__VIEWSTATE/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

url /\.aspx?(?:$|\?)/i
html /<input[^>]+name="__VIEWSTATE/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

url /\.aspx?(?:$|\?)/i
html /<input[^>]+name="__VIEWSTATE/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

13
Requests

100 %
HTTPS

67 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

165 kB
Transfer

453 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://riverforest.merchanttransact.com/secure/makePayment.aspx HTTP 302
https://riverforest.merchanttransact.com/default.aspx?url=%2fsecure%2fmakePayment.aspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request default.aspx Show response
riverforest.merchanttransact.com/
Redirect Chain

https://riverforest.merchanttransact.com/secure/makePayment.aspx
https://riverforest.merchanttransact.com/default.aspx?url=%2fsecure%2fmakePayment.aspx

14 KB
7 KB

907ms
906ms

Document
text/html

2606:4700::6810:5330
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://riverforest.merchanttransact.com/default.aspx?url=%2fsecure%2fmakePayment.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5330 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3185d12d75a90d15faa7eb2e00c289598d9b7136fc2a085f01ed55eee40199e7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors https://.civicpay.com https://.merchanttransact.com https://.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.pendo.io https://.storage.googleapis.com https://.google.com https://.gstatic.com https://.civicpay.com https://.merchanttransact.com; style-src 'self' 'unsafe-inline' https://.pendo.io https://.storage.googleapis.com; object-src https://.civicpay.com https://.merchanttransact.com; connect-src 'self' https://.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://.civicpay.com https://.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Security-Policy	upgrade-insecure-requests; frame-ancestors https://.civicpay.com https://.merchanttransact.com https://.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.pendo.io https://.storage.googleapis.com https://.google.com https://.gstatic.com https://.civicpay.com https://.merchanttransact.com; style-src 'self' 'unsafe-inline' https://.pendo.io https://.storage.googleapis.com; object-src https://.civicpay.com https://.merchanttransact.com; connect-src 'self' https://.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://.civicpay.com https://.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: riverforest.merchanttransact.com
:scheme: https
:path: /default.aspx?url=%2fsecure%2fmakePayment.aspx
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 14:23:31 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
set-cookie: ASP.NET_SessionId=f3mbe1wocae1fyh0lwq2nvve; path=/; secure; HttpOnly; SameSite=Lax
request-context: appId=cid-v1:199f3678-3637-44e2-a067-219c6f5bf0e3
access-control-expose-headers: Request-Context
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; frame-ancestors https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.pendo.io https://*.storage.googleapis.com https://*.google.com https://*.gstatic.com https://*.civicpay.com https://*.merchanttransact.com; style-src 'self' 'unsafe-inline' https://*.pendo.io https://*.storage.googleapis.com; object-src https://*.civicpay.com https://*.merchanttransact.com; connect-src 'self' https://*.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
x-content-security-policy: upgrade-insecure-requests; frame-ancestors https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.pendo.io https://*.storage.googleapis.com https://*.google.com https://*.gstatic.com https://*.civicpay.com https://*.merchanttransact.com; style-src 'self' 'unsafe-inline' https://*.pendo.io https://*.storage.googleapis.com; object-src https://*.civicpay.com https://*.merchanttransact.com; connect-src 'self' https://*.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
cf-cache-status: DYNAMIC
cf-request-id: 0af9c06d780000178e70998000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 666fd028b80d178e-FRA
content-encoding: gzip

Redirect headers

date: Tue, 29 Jun 2021 14:23:30 GMT
content-type: text/html; charset=utf-8
cache-control: private,no-store
pragma: no-cache
expires: -1
location: /default.aspx?url=%2fsecure%2fmakePayment.aspx
request-context: appId=cid-v1:199f3678-3637-44e2-a067-219c6f5bf0e3
access-control-expose-headers: Request-Context
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; frame-ancestors https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.pendo.io https://*.storage.googleapis.com https://*.google.com https://*.gstatic.com https://*.civicpay.com https://*.merchanttransact.com; style-src 'self' 'unsafe-inline' https://*.pendo.io https://*.storage.googleapis.com; object-src https://*.civicpay.com https://*.merchanttransact.com; connect-src 'self' https://*.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
x-content-security-policy: upgrade-insecure-requests; frame-ancestors https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.pendo.io https://*.storage.googleapis.com https://*.google.com https://*.gstatic.com https://*.civicpay.com https://*.merchanttransact.com; style-src 'self' 'unsafe-inline' https://*.pendo.io https://*.storage.googleapis.com; object-src https://*.civicpay.com https://*.merchanttransact.com; connect-src 'self' https://*.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
cf-cache-status: DYNAMIC
cf-request-id: 0af9c06ab30000178e87309000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 666fd0245eda178e-FRA

GET
H2 200 style.aspx
riverforest.merchanttransact.com/ 6 KB
2 KB 593ms
592ms Stylesheet
text/css 2606:4700::6810:5330
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://riverforest.merchanttransact.com/style.aspx

Requested by

Host: riverforest.merchanttransact.com
URL: https://riverforest.merchanttransact.com/default.aspx?url=%2fsecure%2fmakePayment.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5330 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f250cb316d1c5d536cf5dce3f0a60a96a5c15a781fb2a71c4475d0d0d646880f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors https://.civicpay.com https://.merchanttransact.com https://.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.pendo.io https://.storage.googleapis.com https://.google.com https://.gstatic.com https://.civicpay.com https://.merchanttransact.com; style-src 'self' 'unsafe-inline' https://.pendo.io https://.storage.googleapis.com; object-src https://.civicpay.com https://.merchanttransact.com; connect-src 'self' https://.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://.civicpay.com https://.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Security-Policy	upgrade-insecure-requests; frame-ancestors https://.civicpay.com https://.merchanttransact.com https://.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.pendo.io https://.storage.googleapis.com https://.google.com https://.gstatic.com https://.civicpay.com https://.merchanttransact.com; style-src 'self' 'unsafe-inline' https://.pendo.io https://.storage.googleapis.com; object-src https://.civicpay.com https://.merchanttransact.com; connect-src 'self' https://.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://.civicpay.com https://.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /style.aspx
pragma: no-cache
cookie: ASP.NET_SessionId=f3mbe1wocae1fyh0lwq2nvve
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: riverforest.merchanttransact.com
referer: https://riverforest.merchanttransact.com/default.aspx?url=%2fsecure%2fmakePayment.aspx
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://riverforest.merchanttransact.com/default.aspx?url=%2fsecure%2fmakePayment.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 14:23:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
vary: Accept-Encoding
content-length: 1648
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:199f3678-3637-44e2-a067-219c6f5bf0e3
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private
content-security-policy: upgrade-insecure-requests; frame-ancestors https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.pendo.io https://*.storage.googleapis.com https://*.google.com https://*.gstatic.com https://*.civicpay.com https://*.merchanttransact.com; style-src 'self' 'unsafe-inline' https://*.pendo.io https://*.storage.googleapis.com; object-src https://*.civicpay.com https://*.merchanttransact.com; connect-src 'self' https://*.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
cf-request-id: 0af9c071080000178e68af4000000001
cf-ray: 666fd02e7b9e178e-FRA
x-content-security-policy: upgrade-insecure-requests; frame-ancestors https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.pendo.io https://*.storage.googleapis.com https://*.google.com https://*.gstatic.com https://*.civicpay.com https://*.merchanttransact.com; style-src 'self' 'unsafe-inline' https://*.pendo.io https://*.storage.googleapis.com; object-src https://*.civicpay.com https://*.merchanttransact.com; connect-src 'self' https://*.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2

GET
H2 200 OnlineBills.js Show response
riverforest.merchanttransact.com/Scripts/ 1 KB
818 B 565ms
564ms Script
application/javascript 2606:4700::6810:5330
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://riverforest.merchanttransact.com/Scripts/OnlineBills.js

Requested by

Host: riverforest.merchanttransact.com
URL: https://riverforest.merchanttransact.com/default.aspx?url=%2fsecure%2fmakePayment.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5330 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

affd59ddae01fc6fde6a4ce8e85041cd08e772e81ebeced75069144729c53d9a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors https://.civicpay.com https://.merchanttransact.com https://.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.pendo.io https://.storage.googleapis.com https://.google.com https://.gstatic.com https://.civicpay.com https://.merchanttransact.com; style-src 'self' 'unsafe-inline' https://.pendo.io https://.storage.googleapis.com; object-src https://.civicpay.com https://.merchanttransact.com; connect-src 'self' https://.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://.civicpay.com https://.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Security-Policy	upgrade-insecure-requests; frame-ancestors https://.civicpay.com https://.merchanttransact.com https://.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.pendo.io https://.storage.googleapis.com https://.google.com https://.gstatic.com https://.civicpay.com https://.merchanttransact.com; style-src 'self' 'unsafe-inline' https://.pendo.io https://.storage.googleapis.com; object-src https://.civicpay.com https://.merchanttransact.com; connect-src 'self' https://.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://.civicpay.com https://.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /Scripts/OnlineBills.js
pragma: no-cache
cookie: ASP.NET_SessionId=f3mbe1wocae1fyh0lwq2nvve
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: riverforest.merchanttransact.com
referer: https://riverforest.merchanttransact.com/default.aspx?url=%2fsecure%2fmakePayment.aspx
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://riverforest.merchanttransact.com/default.aspx?url=%2fsecure%2fmakePayment.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 14:23:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
vary: Accept-Encoding
content-length: 642
cf-request-id: 0af9c071080000178e8ba0d000000001
last-modified: Mon, 28 Jun 2021 14:05:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "70afecac266cd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-xss-protection: 1; mode=block
content-security-policy: upgrade-insecure-requests; frame-ancestors https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.pendo.io https://*.storage.googleapis.com https://*.google.com https://*.gstatic.com https://*.civicpay.com https://*.merchanttransact.com; style-src 'self' 'unsafe-inline' https://*.pendo.io https://*.storage.googleapis.com; object-src https://*.civicpay.com https://*.merchanttransact.com; connect-src 'self' https://*.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
accept-ranges: bytes
cf-ray: 666fd02e7ba5178e-FRA
x-content-security-policy: upgrade-insecure-requests; frame-ancestors https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.pendo.io https://*.storage.googleapis.com https://*.google.com https://*.gstatic.com https://*.civicpay.com https://*.merchanttransact.com; style-src 'self' 'unsafe-inline' https://*.pendo.io https://*.storage.googleapis.com; object-src https://*.civicpay.com https://*.merchanttransact.com; connect-src 'self' https://*.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2

GET
H2 200 Logo.ashx
riverforest.merchanttransact.com/ 19 KB
19 KB 681ms
681ms Image
image/gif 2606:4700::6810:5330
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://riverforest.merchanttransact.com/Logo.ashx

Requested by

Host: riverforest.merchanttransact.com
URL: https://riverforest.merchanttransact.com/default.aspx?url=%2fsecure%2fmakePayment.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5330 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b95732702ee61b3ae8e963925a6fc160d551d628bd92dc9c2ebfa6914d99f7d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors https://.civicpay.com https://.merchanttransact.com https://.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.pendo.io https://.storage.googleapis.com https://.google.com https://.gstatic.com https://.civicpay.com https://.merchanttransact.com; style-src 'self' 'unsafe-inline' https://.pendo.io https://.storage.googleapis.com; object-src https://.civicpay.com https://.merchanttransact.com; connect-src 'self' https://.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://.civicpay.com https://.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Security-Policy	upgrade-insecure-requests; frame-ancestors https://.civicpay.com https://.merchanttransact.com https://.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.pendo.io https://.storage.googleapis.com https://.google.com https://.gstatic.com https://.civicpay.com https://.merchanttransact.com; style-src 'self' 'unsafe-inline' https://.pendo.io https://.storage.googleapis.com; object-src https://.civicpay.com https://.merchanttransact.com; connect-src 'self' https://.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://.civicpay.com https://.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /Logo.ashx
pragma: no-cache
cookie: ASP.NET_SessionId=f3mbe1wocae1fyh0lwq2nvve
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: riverforest.merchanttransact.com
referer: https://riverforest.merchanttransact.com/default.aspx?url=%2fsecure%2fmakePayment.aspx
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://riverforest.merchanttransact.com/default.aspx?url=%2fsecure%2fmakePayment.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 14:23:32 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
vary: Host
content-length: 19690
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:199f3678-3637-44e2-a067-219c6f5bf0e3
server: cloudflare
x-frame-options: SAMEORIGIN
etag: 9B-B7-B7-75-ED-69-DB-C2-75-AA-EF-DE-C6-50-90-70
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/gif
access-control-expose-headers: Request-Context
cache-control: public
content-security-policy: upgrade-insecure-requests; frame-ancestors https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.pendo.io https://*.storage.googleapis.com https://*.google.com https://*.gstatic.com https://*.civicpay.com https://*.merchanttransact.com; style-src 'self' 'unsafe-inline' https://*.pendo.io https://*.storage.googleapis.com; object-src https://*.civicpay.com https://*.merchanttransact.com; connect-src 'self' https://*.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
cf-request-id: 0af9c0733e0000178ecfa5a000000001
cf-ray: 666fd031fb35178e-FRA
x-content-security-policy: upgrade-insecure-requests; frame-ancestors https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.pendo.io https://*.storage.googleapis.com https://*.google.com https://*.gstatic.com https://*.civicpay.com https://*.merchanttransact.com; style-src 'self' 'unsafe-inline' https://*.pendo.io https://*.storage.googleapis.com; object-src https://*.civicpay.com https://*.merchanttransact.com; connect-src 'self' https://*.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2

GET
H2 200 new_visa.gif
riverforest.merchanttransact.com/images/ 992 B
1 KB 651ms
651ms Image
image/gif 2606:4700::6810:5330
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://riverforest.merchanttransact.com/images/new_visa.gif

Requested by

Host: riverforest.merchanttransact.com
URL: https://riverforest.merchanttransact.com/default.aspx?url=%2fsecure%2fmakePayment.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5330 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41d7083667a1c8d10df9d36c2739ffd962486d9aca42f765290ad57bee97758a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors https://.civicpay.com https://.merchanttransact.com https://.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.pendo.io https://.storage.googleapis.com https://.google.com https://.gstatic.com https://.civicpay.com https://.merchanttransact.com; style-src 'self' 'unsafe-inline' https://.pendo.io https://.storage.googleapis.com; object-src https://.civicpay.com https://.merchanttransact.com; connect-src 'self' https://.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://.civicpay.com https://.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Security-Policy	upgrade-insecure-requests; frame-ancestors https://.civicpay.com https://.merchanttransact.com https://.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.pendo.io https://.storage.googleapis.com https://.google.com https://.gstatic.com https://.civicpay.com https://.merchanttransact.com; style-src 'self' 'unsafe-inline' https://.pendo.io https://.storage.googleapis.com; object-src https://.civicpay.com https://.merchanttransact.com; connect-src 'self' https://.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://.civicpay.com https://.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/new_visa.gif
pragma: no-cache
cookie: ASP.NET_SessionId=f3mbe1wocae1fyh0lwq2nvve
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: riverforest.merchanttransact.com
referer: https://riverforest.merchanttransact.com/default.aspx?url=%2fsecure%2fmakePayment.aspx
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://riverforest.merchanttransact.com/default.aspx?url=%2fsecure%2fmakePayment.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 14:23:32 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-length: 992
cf-request-id: 0af9c073590000178ecfa5b000000001
last-modified: Mon, 28 Jun 2021 14:09:57 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "2fc45146276cd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/gif
x-xss-protection: 1; mode=block
content-security-policy: upgrade-insecure-requests; frame-ancestors https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.pendo.io https://*.storage.googleapis.com https://*.google.com https://*.gstatic.com https://*.civicpay.com https://*.merchanttransact.com; style-src 'self' 'unsafe-inline' https://*.pendo.io https://*.storage.googleapis.com; object-src https://*.civicpay.com https://*.merchanttransact.com; connect-src 'self' https://*.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
accept-ranges: bytes
cf-ray: 666fd0322b88178e-FRA
x-content-security-policy: upgrade-insecure-requests; frame-ancestors https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.pendo.io https://*.storage.googleapis.com https://*.google.com https://*.gstatic.com https://*.civicpay.com https://*.merchanttransact.com; style-src 'self' 'unsafe-inline' https://*.pendo.io https://*.storage.googleapis.com; object-src https://*.civicpay.com https://*.merchanttransact.com; connect-src 'self' https://*.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2

GET
H2 200 mc.gif
riverforest.merchanttransact.com/images/ 853 B
959 B 587ms
586ms Image
image/gif 2606:4700::6810:5330
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://riverforest.merchanttransact.com/images/mc.gif

Requested by

Host: riverforest.merchanttransact.com
URL: https://riverforest.merchanttransact.com/default.aspx?url=%2fsecure%2fmakePayment.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5330 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfe31fe60755c715388fc1c4f8f1a98a1978a66b9805dc9992d22fe2bc6e77dd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors https://.civicpay.com https://.merchanttransact.com https://.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.pendo.io https://.storage.googleapis.com https://.google.com https://.gstatic.com https://.civicpay.com https://.merchanttransact.com; style-src 'self' 'unsafe-inline' https://.pendo.io https://.storage.googleapis.com; object-src https://.civicpay.com https://.merchanttransact.com; connect-src 'self' https://.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://.civicpay.com https://.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Security-Policy	upgrade-insecure-requests; frame-ancestors https://.civicpay.com https://.merchanttransact.com https://.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.pendo.io https://.storage.googleapis.com https://.google.com https://.gstatic.com https://.civicpay.com https://.merchanttransact.com; style-src 'self' 'unsafe-inline' https://.pendo.io https://.storage.googleapis.com; object-src https://.civicpay.com https://.merchanttransact.com; connect-src 'self' https://.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://.civicpay.com https://.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/mc.gif
pragma: no-cache
cookie: ASP.NET_SessionId=f3mbe1wocae1fyh0lwq2nvve
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: riverforest.merchanttransact.com
referer: https://riverforest.merchanttransact.com/default.aspx?url=%2fsecure%2fmakePayment.aspx
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://riverforest.merchanttransact.com/default.aspx?url=%2fsecure%2fmakePayment.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 14:23:32 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-length: 853
cf-request-id: 0af9c0735c0000178e90901000000001
last-modified: Mon, 28 Jun 2021 14:09:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "e4743f46276cd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/gif
x-xss-protection: 1; mode=block
content-security-policy: upgrade-insecure-requests; frame-ancestors https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.pendo.io https://*.storage.googleapis.com https://*.google.com https://*.gstatic.com https://*.civicpay.com https://*.merchanttransact.com; style-src 'self' 'unsafe-inline' https://*.pendo.io https://*.storage.googleapis.com; object-src https://*.civicpay.com https://*.merchanttransact.com; connect-src 'self' https://*.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
accept-ranges: bytes
cf-ray: 666fd0322b91178e-FRA
x-content-security-policy: upgrade-insecure-requests; frame-ancestors https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.pendo.io https://*.storage.googleapis.com https://*.google.com https://*.gstatic.com https://*.civicpay.com https://*.merchanttransact.com; style-src 'self' 'unsafe-inline' https://*.pendo.io https://*.storage.googleapis.com; object-src https://*.civicpay.com https://*.merchanttransact.com; connect-src 'self' https://*.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2

GET
H2 200 amex.gif
riverforest.merchanttransact.com/images/ 391 B
528 B 141ms
141ms Image
image/gif 2606:4700::6810:5330
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://riverforest.merchanttransact.com/images/amex.gif

Requested by

Host: riverforest.merchanttransact.com
URL: https://riverforest.merchanttransact.com/default.aspx?url=%2fsecure%2fmakePayment.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5330 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81de258d55523457ccc2c9910ed269de11a1aa931f2f4516b9883dbe8b957a59

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors https://.civicpay.com https://.merchanttransact.com https://.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.pendo.io https://.storage.googleapis.com https://.google.com https://.gstatic.com https://.civicpay.com https://.merchanttransact.com; style-src 'self' 'unsafe-inline' https://.pendo.io https://.storage.googleapis.com; object-src https://.civicpay.com https://.merchanttransact.com; connect-src 'self' https://.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://.civicpay.com https://.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Security-Policy	upgrade-insecure-requests; frame-ancestors https://.civicpay.com https://.merchanttransact.com https://.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.pendo.io https://.storage.googleapis.com https://.google.com https://.gstatic.com https://.civicpay.com https://.merchanttransact.com; style-src 'self' 'unsafe-inline' https://.pendo.io https://.storage.googleapis.com; object-src https://.civicpay.com https://.merchanttransact.com; connect-src 'self' https://.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://.civicpay.com https://.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/amex.gif
pragma: no-cache
cookie: ASP.NET_SessionId=f3mbe1wocae1fyh0lwq2nvve
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: riverforest.merchanttransact.com
referer: https://riverforest.merchanttransact.com/default.aspx?url=%2fsecure%2fmakePayment.aspx
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://riverforest.merchanttransact.com/default.aspx?url=%2fsecure%2fmakePayment.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 14:23:32 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-length: 391
cf-request-id: 0af9c0735d0000178e8934a000000001
last-modified: Mon, 28 Jun 2021 14:09:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "2c182a46276cd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/gif
x-xss-protection: 1; mode=block
content-security-policy: upgrade-insecure-requests; frame-ancestors https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.pendo.io https://*.storage.googleapis.com https://*.google.com https://*.gstatic.com https://*.civicpay.com https://*.merchanttransact.com; style-src 'self' 'unsafe-inline' https://*.pendo.io https://*.storage.googleapis.com; object-src https://*.civicpay.com https://*.merchanttransact.com; connect-src 'self' https://*.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
accept-ranges: bytes
cf-ray: 666fd0322b96178e-FRA
x-content-security-policy: upgrade-insecure-requests; frame-ancestors https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.pendo.io https://*.storage.googleapis.com https://*.google.com https://*.gstatic.com https://*.civicpay.com https://*.merchanttransact.com; style-src 'self' 'unsafe-inline' https://*.pendo.io https://*.storage.googleapis.com; object-src https://*.civicpay.com https://*.merchanttransact.com; connect-src 'self' https://*.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2

GET
H2 200 discover.gif
riverforest.merchanttransact.com/images/ 744 B
2 KB 150ms
150ms Image
image/gif 2606:4700::6810:5330
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://riverforest.merchanttransact.com/images/discover.gif

Requested by

Host: riverforest.merchanttransact.com
URL: https://riverforest.merchanttransact.com/default.aspx?url=%2fsecure%2fmakePayment.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5330 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f855fa90ff5a1285019f23bc641db6779d93f46d1f74e17a9eb8960de72ce401

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors https://.civicpay.com https://.merchanttransact.com https://.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.pendo.io https://.storage.googleapis.com https://.google.com https://.gstatic.com https://.civicpay.com https://.merchanttransact.com; style-src 'self' 'unsafe-inline' https://.pendo.io https://.storage.googleapis.com; object-src https://.civicpay.com https://.merchanttransact.com; connect-src 'self' https://.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://.civicpay.com https://.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Security-Policy	upgrade-insecure-requests; frame-ancestors https://.civicpay.com https://.merchanttransact.com https://.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.pendo.io https://.storage.googleapis.com https://.google.com https://.gstatic.com https://.civicpay.com https://.merchanttransact.com; style-src 'self' 'unsafe-inline' https://.pendo.io https://.storage.googleapis.com; object-src https://.civicpay.com https://.merchanttransact.com; connect-src 'self' https://.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://.civicpay.com https://.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/discover.gif
pragma: no-cache
cookie: ASP.NET_SessionId=f3mbe1wocae1fyh0lwq2nvve
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: riverforest.merchanttransact.com
referer: https://riverforest.merchanttransact.com/default.aspx?url=%2fsecure%2fmakePayment.aspx
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://riverforest.merchanttransact.com/default.aspx?url=%2fsecure%2fmakePayment.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 14:23:32 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-length: 744
cf-request-id: 0af9c0735d0000178e3f929000000001
last-modified: Mon, 28 Jun 2021 14:05:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "b11dcbac266cd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/gif
x-xss-protection: 1; mode=block
content-security-policy: upgrade-insecure-requests; frame-ancestors https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.pendo.io https://*.storage.googleapis.com https://*.google.com https://*.gstatic.com https://*.civicpay.com https://*.merchanttransact.com; style-src 'self' 'unsafe-inline' https://*.pendo.io https://*.storage.googleapis.com; object-src https://*.civicpay.com https://*.merchanttransact.com; connect-src 'self' https://*.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
accept-ranges: bytes
cf-ray: 666fd0322b9a178e-FRA
x-content-security-policy: upgrade-insecure-requests; frame-ancestors https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.pendo.io https://*.storage.googleapis.com https://*.google.com https://*.gstatic.com https://*.civicpay.com https://*.merchanttransact.com; style-src 'self' 'unsafe-inline' https://*.pendo.io https://*.storage.googleapis.com; object-src https://*.civicpay.com https://*.merchanttransact.com; connect-src 'self' https://*.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2

GET
H2 200 echeck.gif
riverforest.merchanttransact.com/images/ 1 KB
1 KB 144ms
144ms Image
image/gif 2606:4700::6810:5330
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://riverforest.merchanttransact.com/images/echeck.gif

Requested by

Host: riverforest.merchanttransact.com
URL: https://riverforest.merchanttransact.com/default.aspx?url=%2fsecure%2fmakePayment.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5330 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9277152b6c1911c946cd320fe940daddab16715dc92497f3a1ea67ea29bfd2d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors https://.civicpay.com https://.merchanttransact.com https://.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.pendo.io https://.storage.googleapis.com https://.google.com https://.gstatic.com https://.civicpay.com https://.merchanttransact.com; style-src 'self' 'unsafe-inline' https://.pendo.io https://.storage.googleapis.com; object-src https://.civicpay.com https://.merchanttransact.com; connect-src 'self' https://.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://.civicpay.com https://.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Security-Policy	upgrade-insecure-requests; frame-ancestors https://.civicpay.com https://.merchanttransact.com https://.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.pendo.io https://.storage.googleapis.com https://.google.com https://.gstatic.com https://.civicpay.com https://.merchanttransact.com; style-src 'self' 'unsafe-inline' https://.pendo.io https://.storage.googleapis.com; object-src https://.civicpay.com https://.merchanttransact.com; connect-src 'self' https://.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://.civicpay.com https://.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/echeck.gif
pragma: no-cache
cookie: ASP.NET_SessionId=f3mbe1wocae1fyh0lwq2nvve
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: riverforest.merchanttransact.com
referer: https://riverforest.merchanttransact.com/default.aspx?url=%2fsecure%2fmakePayment.aspx
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://riverforest.merchanttransact.com/default.aspx?url=%2fsecure%2fmakePayment.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 14:23:32 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-length: 1118
cf-request-id: 0af9c0735e0000178e8ba4a000000001
last-modified: Mon, 28 Jun 2021 14:09:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "8a1d3a46276cd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/gif
x-xss-protection: 1; mode=block
content-security-policy: upgrade-insecure-requests; frame-ancestors https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.pendo.io https://*.storage.googleapis.com https://*.google.com https://*.gstatic.com https://*.civicpay.com https://*.merchanttransact.com; style-src 'self' 'unsafe-inline' https://*.pendo.io https://*.storage.googleapis.com; object-src https://*.civicpay.com https://*.merchanttransact.com; connect-src 'self' https://*.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
accept-ranges: bytes
cf-ray: 666fd0322b9d178e-FRA
x-content-security-policy: upgrade-insecure-requests; frame-ancestors https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.pendo.io https://*.storage.googleapis.com https://*.google.com https://*.gstatic.com https://*.civicpay.com https://*.merchanttransact.com; style-src 'self' 'unsafe-inline' https://*.pendo.io https://*.storage.googleapis.com; object-src https://*.civicpay.com https://*.merchanttransact.com; connect-src 'self' https://*.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2

GET
H2 200 box_bg.gif
riverforest.merchanttransact.com/Images/ 335 B
441 B 580ms
580ms Image
image/gif 2606:4700::6810:5330
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://riverforest.merchanttransact.com/Images/box_bg.gif

Requested by

Host: riverforest.merchanttransact.com
URL: https://riverforest.merchanttransact.com/style.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5330 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54d71f6a16baabfa962becddf0bc8bf5313513ac703d7963407b4087dc1dc266

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors https://.civicpay.com https://.merchanttransact.com https://.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.pendo.io https://.storage.googleapis.com https://.google.com https://.gstatic.com https://.civicpay.com https://.merchanttransact.com; style-src 'self' 'unsafe-inline' https://.pendo.io https://.storage.googleapis.com; object-src https://.civicpay.com https://.merchanttransact.com; connect-src 'self' https://.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://.civicpay.com https://.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Security-Policy	upgrade-insecure-requests; frame-ancestors https://.civicpay.com https://.merchanttransact.com https://.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.pendo.io https://.storage.googleapis.com https://.google.com https://.gstatic.com https://.civicpay.com https://.merchanttransact.com; style-src 'self' 'unsafe-inline' https://.pendo.io https://.storage.googleapis.com; object-src https://.civicpay.com https://.merchanttransact.com; connect-src 'self' https://.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://.civicpay.com https://.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /Images/box_bg.gif
pragma: no-cache
cookie: ASP.NET_SessionId=f3mbe1wocae1fyh0lwq2nvve
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: riverforest.merchanttransact.com
referer: https://riverforest.merchanttransact.com/style.aspx
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://riverforest.merchanttransact.com/style.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 14:23:32 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-length: 335
cf-request-id: 0af9c0736a0000178e5a9bb000000001
last-modified: Mon, 28 Jun 2021 14:05:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "573ab4ac266cd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/gif
x-xss-protection: 1; mode=block
content-security-policy: upgrade-insecure-requests; frame-ancestors https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.pendo.io https://*.storage.googleapis.com https://*.google.com https://*.gstatic.com https://*.civicpay.com https://*.merchanttransact.com; style-src 'self' 'unsafe-inline' https://*.pendo.io https://*.storage.googleapis.com; object-src https://*.civicpay.com https://*.merchanttransact.com; connect-src 'self' https://*.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
accept-ranges: bytes
cf-ray: 666fd0324bb6178e-FRA
x-content-security-policy: upgrade-insecure-requests; frame-ancestors https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.pendo.io https://*.storage.googleapis.com https://*.google.com https://*.gstatic.com https://*.civicpay.com https://*.merchanttransact.com; style-src 'self' 'unsafe-inline' https://*.pendo.io https://*.storage.googleapis.com; object-src https://*.civicpay.com https://*.merchanttransact.com; connect-src 'self' https://*.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://*.civicpay.com https://*.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2

GET
H/1.1 200
OK pendo.js Show response
cdn.pendo.io/agent/static/27e0d0b5-9db9-4a9d-4f3c-765f1d4fc2a0/ 405 KB
127 KB 282ms
165ms Script
application/javascript 65.9.77.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/27e0d0b5-9db9-4a9d-4f3c-765f1d4fc2a0/pendo.js
Requested by: Host: riverforest.merchanttransact.com
URL: https://riverforest.merchanttransact.com/default.aspx?url=%2fsecure%2fmakePayment.aspx
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash: eb5a12e17b4ac56408580cabaddaca44531ab52d728cd6e89e7f316ff9175056

Request headers

Referer: https://riverforest.merchanttransact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 14:23:32 GMT
Content-Encoding: gzip
X-Amz-Cf-Pop: AMS1-C1
X-GUploader-UploadID: ADPycds4PTgp8stBRorAT8W7_wUk5VUgz_V2xAoJh_v48wVO53Jl6gtqyH7TnnM15A3g8CISSYus7PcpayeG-u5r_A
X-Cache: RefreshHit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Length: 129066
Access-Control-Allow-Origin: *
Last-Modified: Thu, 17 Jun 2021 18:08:43 GMT
Server: UploadServer
ETag: "f366510bf129169cc10918a6db613e79"
Vary: Accept-Encoding
x-goog-hash: crc32c=qJBRsA==, md5=82ZRC/EpFpzBCRim22E+eQ==
x-goog-generation: 1623953323857420
Via: 1.1 b9394c80294503e08bddf2381e55e810.cloudfront.net (CloudFront)
Access-Control-Expose-Headers: *
Cache-Control: max-age=450
x-goog-stored-content-length: 129066
Accept-Ranges: bytes
Content-Type: application/javascript
X-Amz-Cf-Id: 27dfq9louD_UQ5S5yA34rtApp7QLEE902FVg-oNqLT6dtDdXZrHCOw==
Expires: Tue, 29 Jun 2021 14:31:02 GMT

GET
H2 200 27e0d0b5-9db9-4a9d-4f3c-765f1d4fc2a0
app.pendo.io/data/ptm.gif/ 42 B
115 B 181ms
134ms Image
image/gif 2a00:1450:4001:808::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.pendo.io/data/ptm.gif/27e0d0b5-9db9-4a9d-4f3c-765f1d4fc2a0?v=2.95.2_prod&ct=1624976612859&jzb=eJzVkU-P2jAQxb9KZak3lBAL0gapqkoJ1dL9Q1kWVaqqaEgmEG1ip-MJlK747jsuFKmXvfTUmz0zz-_9PN-eFB9aVCPVIIPqqTXZvUPKuGqkGsV6kLyJ40i_HSQ9tatcxZayqhBBNk9vJ3fZMovS6KFe7e30eiIPQJ7bzvBpZnG1ShfTu0V6v5RWR7XUtsytG4UhVTuk0hI6DhqkfAuGmcA4yDnIbRMWWEJXcwCu_fletO9e69Jh3hHKoYFHnMOhQXMakOdbsq1To6c_Mf3xpaQ1mE0HGw-PJnu4V8dL-ov0bwDXta0ldgufgiqzOScQ10j8T5c52V1VoNirmzPW8oz16hMw7uHgnVogGf5w8ZNSIV1R6STsx6Hu60gs5Y9cZY0vB8kw0JlQFl7PsL7yCZNfsx_pVzNdj2fjx8mNEU1J0ODvZn29H9_OxlgOZ6svnz_2_YIPjJJ3kMTH3mX5tYXipeUP9X-zfI9yBtBRPPj3nxL64_dnJfsKQg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://riverforest.merchanttransact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 14:23:32 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-max-age: 600
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
content-length: 42

GET
H2 200 27e0d0b5-9db9-4a9d-4f3c-765f1d4fc2a0 Show response
app.pendo.io/data/guide.js/ 3 KB
2 KB 173ms
132ms Script
application/javascript 2a00:1450:4001:808::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.pendo.io/data/guide.js/27e0d0b5-9db9-4a9d-4f3c-765f1d4fc2a0?jzb=eJx9kE9r6zAQxL9KEfQW7NjQBzGU8iBOCbRNcP5czSJvElFbEqtV0lDy3bNugqGX3lajWc1v9K2OJhh2NG9Uoepl-TFd1Os6K7NNuz252dtUjRRo7aLlH0s135bVbFGVq7XcRGpFOzD7UKQpmSPSzhEGTjokfQDLTGADaE6069IGdxBbTiD4rxfZfX7MdwF1JJShg09cwrlDezPI8x0yNMCgioGzH80frC3YfYQ9igNtvVmpy8A_rP7uEKL3jjhUPQgZu79DBFVkI-VvhyW5o2lQ4tX7vdn63uzhFRhPcO6TPJCY_w95Igl_D5NP0vG_NB_nmUTKNwXjbC8nk6ckrz25Rl0uV-Klhpk&v=2.95.2_prod&ct=1624976612864

Requested by

Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/27e0d0b5-9db9-4a9d-4f3c-765f1d4fc2a0/pendo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ec040d39a0c556af31433f362aa23db7502328fcb66fa5f6391bb0373d907629

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://riverforest.merchanttransact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 14:23:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/javascript
via: 1.1 google
access-control-max-age: 600
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			riverforest.merchanttransact.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: f3mbe1wocae1fyh0lwq2nvve

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors https://.civicpay.com https://.merchanttransact.com https://.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.pendo.io https://.storage.googleapis.com https://.google.com https://.gstatic.com https://.civicpay.com https://.merchanttransact.com; style-src 'self' 'unsafe-inline' https://.pendo.io https://.storage.googleapis.com; object-src https://.civicpay.com https://.merchanttransact.com; connect-src 'self' https://.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://.civicpay.com https://.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Security-Policy	upgrade-insecure-requests; frame-ancestors https://.civicpay.com https://.merchanttransact.com https://.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.pendo.io https://.storage.googleapis.com https://.google.com https://.gstatic.com https://.civicpay.com https://.merchanttransact.com; style-src 'self' 'unsafe-inline' https://.pendo.io https://.storage.googleapis.com; object-src https://.civicpay.com https://.merchanttransact.com; connect-src 'self' https://.pendo.io; frame-src 'self' 'unsafe-inline' https://www.google.com https://.civicpay.com https://.merchanttransact.com https://*.pendo.io; font-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.pendo.io
cdn.pendo.io
riverforest.merchanttransact.com
2606:4700::6810:5330
2a00:1450:4001:808::2013
65.9.77.97
3185d12d75a90d15faa7eb2e00c289598d9b7136fc2a085f01ed55eee40199e7
41d7083667a1c8d10df9d36c2739ffd962486d9aca42f765290ad57bee97758a
54d71f6a16baabfa962becddf0bc8bf5313513ac703d7963407b4087dc1dc266
6b95732702ee61b3ae8e963925a6fc160d551d628bd92dc9c2ebfa6914d99f7d
81de258d55523457ccc2c9910ed269de11a1aa931f2f4516b9883dbe8b957a59
affd59ddae01fc6fde6a4ce8e85041cd08e772e81ebeced75069144729c53d9a
c9277152b6c1911c946cd320fe940daddab16715dc92497f3a1ea67ea29bfd2d
dfe31fe60755c715388fc1c4f8f1a98a1978a66b9805dc9992d22fe2bc6e77dd
eb5a12e17b4ac56408580cabaddaca44531ab52d728cd6e89e7f316ff9175056
ec040d39a0c556af31433f362aa23db7502328fcb66fa5f6391bb0373d907629
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f250cb316d1c5d536cf5dce3f0a60a96a5c15a781fb2a71c4475d0d0d646880f
f855fa90ff5a1285019f23bc641db6779d93f46d1f74e17a9eb8960de72ce401

riverforest.merchanttransact.com Open in urlscan Pro 2606:4700::6810:5330 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

67 %IPv6

2 Domains

3 Subdomains

3 IPs

2 Countries

165 kBTransfer

453 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

riverforest.merchanttransact.com Open in urlscan Pro
2606:4700::6810:5330 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

67 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

165 kB
Transfer

453 kB
Size

1
Cookies

13 HTTP transactions
0 data transactions