urlscan.io logo urlscan.io
SecurityTrails logo

fms.ocps.net Open in urlscan Pro
13.72.52.157  Public Scan

Go To Rescan Add Verdict Report
URL: https://fms.ocps.net/Applicant
Submission: On September 12 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 12 HTTP transactions. The main IP is 13.72.52.157, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is fms.ocps.net.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on April 18th 2023. Valid for: a year.
This is the only time fms.ocps.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 13.72.52.157 8075 (MICROSOFT...)
1 142.251.163.95 15169 (GOOGLE)
1 172.253.122.94 15169 (GOOGLE)
12 3
Apex Domain
Subdomains		 Transfer
10 ocps.net
fms.ocps.net
1015 KB
1 gstatic.com
fonts.gstatic.com
13 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 56
1 KB
12 3
Domain Requested by
10 fms.ocps.net fms.ocps.net
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com fms.ocps.net
12 3

This site contains links to these domains. Also see Links.

Domain
www.ocps.net
ocps.instructure.com
Subject Issuer Validity Valid
fms.ocps.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-18 -
2024-04-24		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://fms.ocps.net/Applicant
Frame ID: D0E6F4CD4C33E2F0C5EDC60D25F74FA4
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

1029 kB
Transfer

1027 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Applicant
fms.ocps.net/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fms.ocps.net/Applicant
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.72.52.157 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bf5faf485925aa69da5089854d939c1d3562578eff650f5e35aefd9d2a34dbdf
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private
Connection
keep-alive
Content-Length
6548
Content-Type
text/html; charset=utf-8
Date
Tue, 12 Sep 2023 14:11:57 GMT
Server
Microsoft-IIS/10.0
Via
1.1 OCPSPrxy (squid/5.2)
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Cache
MISS from OCPSPrxy
X-Cache-Lookup
MISS from OCPSPrxy:3128
X-Frame-Options
SAMEORIGIN
X-Powered-By
ASP.NET
bootstrap.css
fms.ocps.net/Applicant/Content/Common/Styles/bootstrap-css/ 		194 KB
195 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fms.ocps.net/Applicant/Content/Common/Styles/bootstrap-css/bootstrap.css
Requested by
Host: fms.ocps.net
URL: https://fms.ocps.net/Applicant
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.72.52.157 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bf2472fc053329ea2ce8ce127b8cccffbd7797b89e79ab3e91da4a9912dcb69d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fms.ocps.net/Applicant
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date
Tue, 12 Sep 2023 14:11:57 GMT
Via
1.1 OCPSPrxy (squid/5.2)
X-Cache-Lookup
MISS from OCPSPrxy:3128
Last-Modified
Fri, 03 Mar 2023 12:41:24 GMT
Server
Microsoft-IIS/10.0
ETag
"0f2be76cd4dd91:0"
X-Powered-By
ASP.NET
X-Cache
MISS from OCPSPrxy
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
198956
pubStyles.css
fms.ocps.net/Applicant/Content/Common/Styles/ 		5 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fms.ocps.net/Applicant/Content/Common/Styles/pubStyles.css
Requested by
Host: fms.ocps.net
URL: https://fms.ocps.net/Applicant
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.72.52.157 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e9e7721e47bf38f362e90ac78eff6891d1ccda1e1baef08b7adab416a5c8a57c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fms.ocps.net/Applicant
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date
Tue, 12 Sep 2023 14:11:57 GMT
Via
1.1 OCPSPrxy (squid/5.2)
X-Cache-Lookup
MISS from OCPSPrxy:3128
Last-Modified
Fri, 03 Mar 2023 12:47:30 GMT
Server
Microsoft-IIS/10.0
ETag
"01de650ce4dd91:0"
X-Powered-By
ASP.NET
X-Cache
MISS from OCPSPrxy
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5268
theme.css
fms.ocps.net/Applicant/Content/FLOCPS/Styles/ 		190 KB
191 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fms.ocps.net/Applicant/Content/FLOCPS/Styles/theme.css
Requested by
Host: fms.ocps.net
URL: https://fms.ocps.net/Applicant
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.72.52.157 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2e4e039994e6485f4a76ff3c3fdca939df0dbadaf471c4942bf8b0a93a200bc5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fms.ocps.net/Applicant
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date
Tue, 12 Sep 2023 14:11:57 GMT
Via
1.1 OCPSPrxy (squid/5.2)
X-Cache-Lookup
MISS from OCPSPrxy:3128
Last-Modified
Fri, 03 Mar 2023 12:41:24 GMT
Server
Microsoft-IIS/10.0
ETag
"0f2be76cd4dd91:0"
X-Powered-By
ASP.NET
X-Cache
MISS from OCPSPrxy
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
194943
jquery.js
fms.ocps.net/Applicant/Scripts/ 		249 KB
249 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fms.ocps.net/Applicant/Scripts/jquery.js
Requested by
Host: fms.ocps.net
URL: https://fms.ocps.net/Applicant
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.72.52.157 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0893a5cf9b67a10ea03027a7dd057827d9221d878ddd5954a115a2be2566d5b3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fms.ocps.net/Applicant
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date
Tue, 12 Sep 2023 14:11:57 GMT
Via
1.1 OCPSPrxy (squid/5.2)
X-Cache-Lookup
MISS from OCPSPrxy:3128
Last-Modified
Fri, 03 Mar 2023 12:47:30 GMT
Server
Microsoft-IIS/10.0
ETag
"01de650ce4dd91:0"
X-Powered-By
ASP.NET
X-Cache
MISS from OCPSPrxy
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
254709
cleave.js
fms.ocps.net/Applicant/Scripts/Pub/ 		50 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fms.ocps.net/Applicant/Scripts/Pub/cleave.js
Requested by
Host: fms.ocps.net
URL: https://fms.ocps.net/Applicant
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.72.52.157 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
600ede6d13391254581c158852d53e7c43029e06d168009b6df0d31a0929f351

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fms.ocps.net/Applicant
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date
Tue, 12 Sep 2023 14:11:57 GMT
Via
1.1 OCPSPrxy (squid/5.2)
X-Cache-Lookup
MISS from OCPSPrxy:3128
Last-Modified
Fri, 03 Mar 2023 12:41:28 GMT
Server
Microsoft-IIS/10.0
ETag
"04c2179cd4dd91:0"
X-Powered-By
ASP.NET
X-Cache
MISS from OCPSPrxy
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
51275
pub.js
fms.ocps.net/Applicant/Scripts/ 		42 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fms.ocps.net/Applicant/Scripts/pub.js
Requested by
Host: fms.ocps.net
URL: https://fms.ocps.net/Applicant
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.72.52.157 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2952886546be0e0620c32d2f9b09e2899d4873bc0bde029692cc33c44256fb39

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fms.ocps.net/Applicant
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date
Tue, 12 Sep 2023 14:11:57 GMT
Via
1.1 OCPSPrxy (squid/5.2)
X-Cache-Lookup
MISS from OCPSPrxy:3128
Last-Modified
Fri, 03 Mar 2023 12:41:28 GMT
Server
Microsoft-IIS/10.0
ETag
"04c2179cd4dd91:0"
X-Powered-By
ASP.NET
X-Cache
MISS from OCPSPrxy
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42805
knockout.js
fms.ocps.net/Applicant/Scripts/ 		82 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fms.ocps.net/Applicant/Scripts/knockout.js
Requested by
Host: fms.ocps.net
URL: https://fms.ocps.net/Applicant
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.72.52.157 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ecf22e96534fbcfa930ef604a33057175e9380c642ef3a3ff3a22aab47c32f6c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fms.ocps.net/Applicant
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date
Tue, 12 Sep 2023 14:11:57 GMT
Via
1.1 OCPSPrxy (squid/5.2)
X-Cache-Lookup
MISS from OCPSPrxy:3128
Last-Modified
Fri, 03 Mar 2023 12:47:30 GMT
Server
Microsoft-IIS/10.0
ETag
"01de650ce4dd91:0"
X-Powered-By
ASP.NET
X-Cache
MISS from OCPSPrxy
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
83501
OCPS-logo-header.png
fms.ocps.net/Applicant/Content/FLOCPS/Images/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fms.ocps.net/Applicant/Content/FLOCPS/Images/OCPS-logo-header.png
Requested by
Host: fms.ocps.net
URL: https://fms.ocps.net/Applicant
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.72.52.157 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a798b04fa3b659ac187c54a405c71ce752473e5e0f2bd5323b0820c57172c31f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fms.ocps.net/Applicant
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date
Tue, 12 Sep 2023 14:11:57 GMT
Via
1.1 OCPSPrxy (squid/5.2)
X-Cache-Lookup
MISS from OCPSPrxy:3128
Last-Modified
Fri, 03 Mar 2023 12:41:24 GMT
Server
Microsoft-IIS/10.0
ETag
"0f2be76cd4dd91:0"
X-Powered-By
ASP.NET
X-Cache
MISS from OCPSPrxy
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
67207
bootstrap.js
fms.ocps.net/Applicant/Scripts/bootstrap-js/ 		127 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fms.ocps.net/Applicant/Scripts/bootstrap-js/bootstrap.js
Requested by
Host: fms.ocps.net
URL: https://fms.ocps.net/Applicant
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.72.52.157 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b142178920d665458cd7ee019a153296cc19b93cfe9768c2cc1aa772a1ae6538

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fms.ocps.net/Applicant
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date
Tue, 12 Sep 2023 14:11:57 GMT
Via
1.1 OCPSPrxy (squid/5.2)
X-Cache-Lookup
MISS from OCPSPrxy:3128
Last-Modified
Fri, 03 Mar 2023 12:41:28 GMT
Server
Microsoft-IIS/10.0
ETag
"04c2179cd4dd91:0"
X-Powered-By
ASP.NET
X-Cache
MISS from OCPSPrxy
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
130293
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat|Spectral
Requested by
Host: fms.ocps.net
URL: https://fms.ocps.net/Applicant/Content/FLOCPS/Styles/theme.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f95.1e100.net
Software
ESF /
Resource Hash
cc58980a637bc8a0dba44555a768a9ad64272f57df02625c95e1b4cb986c5f8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fms.ocps.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 12 Sep 2023 14:11:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 14:11:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Sep 2023 14:11:57 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat|Spectral
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f94.1e100.net
Software
sffe /
Resource Hash
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fms.ocps.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 12:27:43 GMT
x-content-type-options
nosniff
age
438255
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12708
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:55:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Sep 2024 12:27:43 GMT

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery function| Cleave function| BcsPostOptions object| pub function| pubDlgObj object| pubdlgs object| summaryHelper object| searchPartialHelper object| appajax object| PostTypeEnum object| PostTypeResult string| thhead string| nIcon string| sIcon string| nSpacerIcon string| sSpacerIcon string| sSpacer object| koutils object| ko object| bootstrap

2 Cookies

Domain/Path Name / Value
fms.ocps.net/ Name: ASP.NET_SessionId
Value: 30rp4mfoonkxbhijvehxklbr
fms.ocps.net/ Name: __RequestVerificationToken_L0FwcGxpY2FudA2
Value: zv7qm8StQCvc6KKudJmOmsK-Sr5pBFyc8fY0nkkrIwJoMwhpvz9-2p8jW5aB3TMsl8JiYWxDRuWNwkOIz8YNqItMP3mJNlyfB56SpVm4KiQ1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN