URL: https://www.myepaywindow.com/Account/VerifyIdentity/58a55fc0-a6cc-4d0a-aedf-5b5942d0f251
Submission: On November 18 via manual from US

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 14 HTTP transactions. The main IP is 146.177.26.1, located in United Kingdom and belongs to RACKSPACE-LON, GB. The main domain is www.myepaywindow.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 23rd 2019. Valid for: 2 years.
This is the only time www.myepaywindow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 146.177.26.1 15395 (RACKSPACE...)
14 1
Apex Domain
Subdomains
Transfer
14 myepaywindow.com
www.myepaywindow.com
1 MB
14 1
Domain Requested by
14 www.myepaywindow.com www.myepaywindow.com
14 1

This site contains no links.

Subject Issuer Validity Valid
www.myepaywindow.com
Sectigo RSA Domain Validation Secure Server CA
2019-01-23 -
2021-01-22
2 years crt.sh

This page contains 1 frames:

Primary Page: https://www.myepaywindow.com/Account/VerifyIdentity/58a55fc0-a6cc-4d0a-aedf-5b5942d0f251
Frame ID: A74F9D7812C44BF258964C419D165E98
Requests: 14 HTTP requests in this frame

Screenshot


Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1295 kB
Transfer

1279 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set 58a55fc0-a6cc-4d0a-aedf-5b5942d0f251
www.myepaywindow.com/Account/VerifyIdentity/
10 KB
11 KB
Document
General
Full URL
https://www.myepaywindow.com/Account/VerifyIdentity/58a55fc0-a6cc-4d0a-aedf-5b5942d0f251
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
146.177.26.1 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
/
Resource Hash
dd5fefc446bfe46988437d57cc554cd5054ff0e8d0a78379b136fedf72ed2a0f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'none'; frame-src 'self' syndication.twitter.com platform.twitter.com; form-action 'self' syndication.twitter.com platform.twitter.com; script-src 'self' 'unsafe-eval' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; connect-src 'self'; img-src 'self' data: chart.googleapis.com www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; style-src 'self' 'unsafe-inline' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; font-src 'self'; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1

Request headers

Host
www.myepaywindow.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Sec-Fetch-User
?1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Sec-Fetch-User
?1

Response headers

Cache-Control
private,no-cache,no-store,must-revalidate,max-stale=0,post-check=0,post-check=0,pre-check=0
Keep-Alive
timeout=4, max=993
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Expires
-1
Server
Set-Cookie
ASP.NET_SessionId=z4uvityiascfzfg305uyjhz5; path=/; secure; HttpOnly ASP.NET_SessionId=z4uvityiascfzfg305uyjhz5; path=/; secure; HttpOnly __RequestVerificationToken=OP8cGCm-Mz5ZMm6qK2b1y-VsNfi28bmniPxk_W7AkImx-2PyQmFehSaDktT40MSwwsgDC408jiA-fXXyIlTu0Ay8GYO_ANU4Y4bpwtHc1L01; path=/; secure; HttpOnly
Content-Security-Policy
default-src 'self'; frame-ancestors 'none'; frame-src 'self' syndication.twitter.com platform.twitter.com; form-action 'self' syndication.twitter.com platform.twitter.com; script-src 'self' 'unsafe-eval' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; connect-src 'self'; img-src 'self' data: chart.googleapis.com www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; style-src 'self' 'unsafe-inline' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; font-src 'self'; base-uri 'self';
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubdomains
X-Frame-Options
Deny
X-XSS-Protection
1
Date
Mon, 18 Nov 2019 19:49:01 GMT
Content-Length
10044
bootstrap
www.myepaywindow.com/Content/
114 KB
115 KB
Stylesheet
General
Full URL
https://www.myepaywindow.com/Content/bootstrap?v=OBNrQzL3wExYtm6mI6XZtSjYTUhQzpJAJDLOPEkK7yI1
Requested by
Host: www.myepaywindow.com
URL: https://www.myepaywindow.com/Account/VerifyIdentity/58a55fc0-a6cc-4d0a-aedf-5b5942d0f251
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
146.177.26.1 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
/
Resource Hash
48aaf1fb409d284ad096e9b33b0feef43c03409a9ba3a8e9ebc1bbed98a6e67a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'none'; frame-src 'self' syndication.twitter.com platform.twitter.com; form-action 'self' syndication.twitter.com platform.twitter.com; script-src 'self' 'unsafe-eval' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; connect-src 'self'; img-src 'self' data: chart.googleapis.com www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; style-src 'self' 'unsafe-inline' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; font-src 'self'; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1

Request headers

Referer
https://www.myepaywindow.com/Account/VerifyIdentity/58a55fc0-a6cc-4d0a-aedf-5b5942d0f251
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; frame-ancestors 'none'; frame-src 'self' syndication.twitter.com platform.twitter.com; form-action 'self' syndication.twitter.com platform.twitter.com; script-src 'self' 'unsafe-eval' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; connect-src 'self'; img-src 'self' data: chart.googleapis.com www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; style-src 'self' 'unsafe-inline' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; font-src 'self'; base-uri 'self';
X-Content-Type-Options
nosniff
Last-Modified
Mon, 18 Nov 2019 19:49:02 GMT
Server
Date
Mon, 18 Nov 2019 19:49:01 GMT
X-Frame-Options
Deny
Content-Type
text/css; charset=utf-8
Cache-Control
public,must-revalidate,max-stale=0,post-check=0,post-check=0,pre-check=0
Strict-Transport-Security
max-age=31536000; includeSubdomains
Vary
User-Agent
Content-Length
116417
X-XSS-Protection
1
Keep-Alive
timeout=4, max=993
Expires
Tue, 17 Nov 2020 19:49:02 GMT
font-awesome
www.myepaywindow.com/Content/
29 KB
30 KB
Stylesheet
General
Full URL
https://www.myepaywindow.com/Content/font-awesome?v=3iEv8vqPidB6TVfgNOGrLoJr-SPH_mV3YwpggEk2_ao1
Requested by
Host: www.myepaywindow.com
URL: https://www.myepaywindow.com/Account/VerifyIdentity/58a55fc0-a6cc-4d0a-aedf-5b5942d0f251
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
146.177.26.1 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
/
Resource Hash
8196fd42f97671c7eab85c6ffc2ecd607e7395c7fde64fdcb099c78d48f0be17
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'none'; frame-src 'self' syndication.twitter.com platform.twitter.com; form-action 'self' syndication.twitter.com platform.twitter.com; script-src 'self' 'unsafe-eval' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; connect-src 'self'; img-src 'self' data: chart.googleapis.com www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; style-src 'self' 'unsafe-inline' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; font-src 'self'; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1

Request headers

Referer
https://www.myepaywindow.com/Account/VerifyIdentity/58a55fc0-a6cc-4d0a-aedf-5b5942d0f251
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; frame-ancestors 'none'; frame-src 'self' syndication.twitter.com platform.twitter.com; form-action 'self' syndication.twitter.com platform.twitter.com; script-src 'self' 'unsafe-eval' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; connect-src 'self'; img-src 'self' data: chart.googleapis.com www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; style-src 'self' 'unsafe-inline' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; font-src 'self'; base-uri 'self';
X-Content-Type-Options
nosniff
Last-Modified
Mon, 18 Nov 2019 19:49:02 GMT
Server
Date
Mon, 18 Nov 2019 19:49:01 GMT
X-Frame-Options
Deny
Content-Type
text/css; charset=utf-8
Cache-Control
public,must-revalidate,max-stale=0,post-check=0,post-check=0,pre-check=0
Strict-Transport-Security
max-age=31536000; includeSubdomains
Vary
User-Agent
Content-Length
29475
X-XSS-Protection
1
Keep-Alive
timeout=4, max=993
Expires
Tue, 17 Nov 2020 19:49:02 GMT
login
www.myepaywindow.com/Content/
429 KB
430 KB
Stylesheet
General
Full URL
https://www.myepaywindow.com/Content/login?v=4E2jWuOIUKu6LN2yFnIbaga1bvO3yYtRkirm-5ZIK0U1
Requested by
Host: www.myepaywindow.com
URL: https://www.myepaywindow.com/Account/VerifyIdentity/58a55fc0-a6cc-4d0a-aedf-5b5942d0f251
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
146.177.26.1 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
/
Resource Hash
2ad8da91e30e58d945a0e946e9d7c2df0ad4dcd55492b0faff5a680872266535
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'none'; frame-src 'self' syndication.twitter.com platform.twitter.com; form-action 'self' syndication.twitter.com platform.twitter.com; script-src 'self' 'unsafe-eval' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; connect-src 'self'; img-src 'self' data: chart.googleapis.com www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; style-src 'self' 'unsafe-inline' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; font-src 'self'; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1

Request headers

Referer
https://www.myepaywindow.com/Account/VerifyIdentity/58a55fc0-a6cc-4d0a-aedf-5b5942d0f251
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; frame-ancestors 'none'; frame-src 'self' syndication.twitter.com platform.twitter.com; form-action 'self' syndication.twitter.com platform.twitter.com; script-src 'self' 'unsafe-eval' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; connect-src 'self'; img-src 'self' data: chart.googleapis.com www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; style-src 'self' 'unsafe-inline' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; font-src 'self'; base-uri 'self';
X-Content-Type-Options
nosniff
Last-Modified
Mon, 18 Nov 2019 19:49:02 GMT
Server
Date
Mon, 18 Nov 2019 19:49:01 GMT
X-Frame-Options
Deny
Content-Type
text/css; charset=utf-8
Cache-Control
public,must-revalidate,max-stale=0,post-check=0,post-check=0,pre-check=0
Strict-Transport-Security
max-age=31536000; includeSubdomains
Vary
User-Agent
Content-Length
438967
X-XSS-Protection
1
Keep-Alive
timeout=4, max=993
Expires
Tue, 17 Nov 2020 19:49:02 GMT
modernizr
www.myepaywindow.com/bundles/
11 KB
12 KB
Script
General
Full URL
https://www.myepaywindow.com/bundles/modernizr?v=OoGgFHzAxKTawEufWfct3JaS3gGGuVx4BBltdeRBESo1
Requested by
Host: www.myepaywindow.com
URL: https://www.myepaywindow.com/Account/VerifyIdentity/58a55fc0-a6cc-4d0a-aedf-5b5942d0f251
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
146.177.26.1 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
/
Resource Hash
e579d11d0683eafe34d3e1ccc08021220b277948e9738f58b9f5f94d1c19b9cf
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'none'; frame-src 'self' syndication.twitter.com platform.twitter.com; form-action 'self' syndication.twitter.com platform.twitter.com; script-src 'self' 'unsafe-eval' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; connect-src 'self'; img-src 'self' data: chart.googleapis.com www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; style-src 'self' 'unsafe-inline' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; font-src 'self'; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1

Request headers

Referer
https://www.myepaywindow.com/Account/VerifyIdentity/58a55fc0-a6cc-4d0a-aedf-5b5942d0f251
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'; frame-ancestors 'none'; frame-src 'self' syndication.twitter.com platform.twitter.com; form-action 'self' syndication.twitter.com platform.twitter.com; script-src 'self' 'unsafe-eval' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; connect-src 'self'; img-src 'self' data: chart.googleapis.com www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; style-src 'self' 'unsafe-inline' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; font-src 'self'; base-uri 'self';
X-Content-Type-Options
nosniff
Last-Modified
Mon, 18 Nov 2019 19:49:02 GMT
Server
Date
Mon, 18 Nov 2019 19:49:01 GMT
X-Frame-Options
Deny
Content-Type
text/javascript; charset=utf-8
Cache-Control
public,no-cache,no-store,must-revalidate,max-stale=0,post-check=0,post-check=0,pre-check=0
Strict-Transport-Security
max-age=31536000; includeSubdomains
Vary
User-Agent
Content-Length
11093
X-XSS-Protection
1
Keep-Alive
timeout=4, max=993
Expires
Tue, 17 Nov 2020 19:49:02 GMT,-1
googletagmanager
www.myepaywindow.com/bundles/
62 KB
63 KB
Script
General
Full URL
https://www.myepaywindow.com/bundles/googletagmanager?id=UA-113000787-1
Requested by
Host: www.myepaywindow.com
URL: https://www.myepaywindow.com/Account/VerifyIdentity/58a55fc0-a6cc-4d0a-aedf-5b5942d0f251
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
146.177.26.1 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
/
Resource Hash
a7727ec3e5b3b6975ab0c5adfb9490e91a2f958c0f01c74c7cd00502da78af29
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'none'; frame-src 'self' syndication.twitter.com platform.twitter.com; form-action 'self' syndication.twitter.com platform.twitter.com; script-src 'self' 'unsafe-eval' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; connect-src 'self'; img-src 'self' data: chart.googleapis.com www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; style-src 'self' 'unsafe-inline' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; font-src 'self'; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1

Request headers

Referer
https://www.myepaywindow.com/Account/VerifyIdentity/58a55fc0-a6cc-4d0a-aedf-5b5942d0f251
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'; frame-ancestors 'none'; frame-src 'self' syndication.twitter.com platform.twitter.com; form-action 'self' syndication.twitter.com platform.twitter.com; script-src 'self' 'unsafe-eval' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; connect-src 'self'; img-src 'self' data: chart.googleapis.com www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; style-src 'self' 'unsafe-inline' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; font-src 'self'; base-uri 'self';
X-Content-Type-Options
nosniff
Last-Modified
Mon, 18 Nov 2019 19:49:02 GMT
Server
Date
Mon, 18 Nov 2019 19:49:01 GMT
X-Frame-Options
Deny
Content-Type
text/javascript; charset=utf-8
Cache-Control
public,no-cache,no-store,must-revalidate,max-stale=0,post-check=0,post-check=0,pre-check=0
Strict-Transport-Security
max-age=31536000; includeSubdomains
Vary
User-Agent
Content-Length
63667
X-XSS-Protection
1
Keep-Alive
timeout=4, max=993
Expires
Tue, 17 Nov 2020 19:49:02 GMT,-1
myePayWindow_500.png
www.myepaywindow.com/Content/img/
28 KB
29 KB
Image
General
Full URL
https://www.myepaywindow.com/Content/img/myePayWindow_500.png
Requested by
Host: www.myepaywindow.com
URL: https://www.myepaywindow.com/Account/VerifyIdentity/58a55fc0-a6cc-4d0a-aedf-5b5942d0f251
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
146.177.26.1 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
/
Resource Hash
1851cf93660797e8140c3b1485ab0303b1a5b70e2cce07d75ebd10344f6d27b4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'none'; frame-src 'self' syndication.twitter.com platform.twitter.com; form-action 'self' syndication.twitter.com platform.twitter.com; script-src 'self' 'unsafe-eval' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; connect-src 'self'; img-src 'self' data: chart.googleapis.com www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; style-src 'self' 'unsafe-inline' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; font-src 'self'; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1

Request headers

Referer
https://www.myepaywindow.com/Account/VerifyIdentity/58a55fc0-a6cc-4d0a-aedf-5b5942d0f251
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; frame-ancestors 'none'; frame-src 'self' syndication.twitter.com platform.twitter.com; form-action 'self' syndication.twitter.com platform.twitter.com; script-src 'self' 'unsafe-eval' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; connect-src 'self'; img-src 'self' data: chart.googleapis.com www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; style-src 'self' 'unsafe-inline' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; font-src 'self'; base-uri 'self';
X-Content-Type-Options
nosniff
Last-Modified
Mon, 08 Jul 2019 11:20:38 GMT
Server
ETag
"8b3b422b7f35d51:0"
X-Frame-Options
Deny
Content-Type
image/png
Cache-Control
max-age=31536000,must-revalidate,max-stale=0,post-check=0,post-check=0,pre-check=0
Date
Mon, 18 Nov 2019 19:49:01 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains
Accept-Ranges
bytes
Keep-Alive
timeout=4, max=993
Content-Length
28186
X-XSS-Protection
1
Global.js
www.myepaywindow.com/Scripts/bundle/
191 KB
192 KB
Script
General
Full URL
https://www.myepaywindow.com/Scripts/bundle/Global.js?v=8
Requested by
Host: www.myepaywindow.com
URL: https://www.myepaywindow.com/Account/VerifyIdentity/58a55fc0-a6cc-4d0a-aedf-5b5942d0f251
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
146.177.26.1 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
/
Resource Hash
dba531bdd13b57f6ecbf554ded38b0eab29f4524d9f24caa9ec4259a8fa9b6e7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'none'; frame-src 'self' syndication.twitter.com platform.twitter.com; form-action 'self' syndication.twitter.com platform.twitter.com; script-src 'self' 'unsafe-eval' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; connect-src 'self'; img-src 'self' data: chart.googleapis.com www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; style-src 'self' 'unsafe-inline' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; font-src 'self'; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1

Request headers

Referer
https://www.myepaywindow.com/Account/VerifyIdentity/58a55fc0-a6cc-4d0a-aedf-5b5942d0f251
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; frame-ancestors 'none'; frame-src 'self' syndication.twitter.com platform.twitter.com; form-action 'self' syndication.twitter.com platform.twitter.com; script-src 'self' 'unsafe-eval' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; connect-src 'self'; img-src 'self' data: chart.googleapis.com www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; style-src 'self' 'unsafe-inline' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; font-src 'self'; base-uri 'self';
X-Content-Type-Options
nosniff
Last-Modified
Fri, 04 Oct 2019 15:14:33 GMT
Server
ETag
"1dc9546dc67ad51:0"
X-Frame-Options
Deny
Content-Type
application/javascript
Cache-Control
max-age=31536000,must-revalidate,max-stale=0,post-check=0,post-check=0,pre-check=0
Date
Mon, 18 Nov 2019 19:49:01 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains
Accept-Ranges
bytes
Keep-Alive
timeout=4, max=993
Content-Length
195466
X-XSS-Protection
1
jquery
www.myepaywindow.com/bundles/
82 KB
84 KB
Script
General
Full URL
https://www.myepaywindow.com/bundles/jquery?v=gkWyJthHPtwkFjvHuNinBjchIfwLwc_KbE-H26J2kAI1
Requested by
Host: www.myepaywindow.com
URL: https://www.myepaywindow.com/Account/VerifyIdentity/58a55fc0-a6cc-4d0a-aedf-5b5942d0f251
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
146.177.26.1 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
/
Resource Hash
21fbbd6d8977efd96b0b22b85d6c6e393cf6b5841e817118f4ea7814ba0f1c4b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'none'; frame-src 'self' syndication.twitter.com platform.twitter.com; form-action 'self' syndication.twitter.com platform.twitter.com; script-src 'self' 'unsafe-eval' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; connect-src 'self'; img-src 'self' data: chart.googleapis.com www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; style-src 'self' 'unsafe-inline' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; font-src 'self'; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1

Request headers

Referer
https://www.myepaywindow.com/Account/VerifyIdentity/58a55fc0-a6cc-4d0a-aedf-5b5942d0f251
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'; frame-ancestors 'none'; frame-src 'self' syndication.twitter.com platform.twitter.com; form-action 'self' syndication.twitter.com platform.twitter.com; script-src 'self' 'unsafe-eval' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; connect-src 'self'; img-src 'self' data: chart.googleapis.com www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; style-src 'self' 'unsafe-inline' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; font-src 'self'; base-uri 'self';
X-Content-Type-Options
nosniff
Last-Modified
Mon, 18 Nov 2019 19:49:02 GMT
Server
Date
Mon, 18 Nov 2019 19:49:01 GMT
X-Frame-Options
Deny
Content-Type
text/javascript; charset=utf-8
Cache-Control
public,no-cache,no-store,must-revalidate,max-stale=0,post-check=0,post-check=0,pre-check=0
Strict-Transport-Security
max-age=31536000; includeSubdomains
Vary
User-Agent
Content-Length
84291
X-XSS-Protection
1
Keep-Alive
timeout=4, max=993
Expires
Tue, 17 Nov 2020 19:49:02 GMT,-1
bootstrap
www.myepaywindow.com/bundles/
35 KB
36 KB
Script
General
Full URL
https://www.myepaywindow.com/bundles/bootstrap?v=6F69ePQjyYoTsSTMs9YCaATNBbN2mbcwXjrwYRFN_Ys1
Requested by
Host: www.myepaywindow.com
URL: https://www.myepaywindow.com/Account/VerifyIdentity/58a55fc0-a6cc-4d0a-aedf-5b5942d0f251
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
146.177.26.1 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
/
Resource Hash
b177cec97844ec7c695bd1645de10895a3ab9bea879111ff476fdf85a7f43946
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'none'; frame-src 'self' syndication.twitter.com platform.twitter.com; form-action 'self' syndication.twitter.com platform.twitter.com; script-src 'self' 'unsafe-eval' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; connect-src 'self'; img-src 'self' data: chart.googleapis.com www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; style-src 'self' 'unsafe-inline' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; font-src 'self'; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1

Request headers

Referer
https://www.myepaywindow.com/Account/VerifyIdentity/58a55fc0-a6cc-4d0a-aedf-5b5942d0f251
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'; frame-ancestors 'none'; frame-src 'self' syndication.twitter.com platform.twitter.com; form-action 'self' syndication.twitter.com platform.twitter.com; script-src 'self' 'unsafe-eval' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; connect-src 'self'; img-src 'self' data: chart.googleapis.com www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; style-src 'self' 'unsafe-inline' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; font-src 'self'; base-uri 'self';
X-Content-Type-Options
nosniff
Last-Modified
Mon, 18 Nov 2019 19:49:02 GMT
Server
Date
Mon, 18 Nov 2019 19:49:01 GMT
X-Frame-Options
Deny
Content-Type
text/javascript; charset=utf-8
Cache-Control
public,no-cache,no-store,must-revalidate,max-stale=0,post-check=0,post-check=0,pre-check=0
Strict-Transport-Security
max-age=31536000; includeSubdomains
Vary
User-Agent
Content-Length
35654
X-XSS-Protection
1
Keep-Alive
timeout=4, max=993
Expires
Tue, 17 Nov 2020 19:49:02 GMT,-1
background-epayslips.jpg
www.myepaywindow.com/Content/img/
163 KB
164 KB
Image
General
Full URL
https://www.myepaywindow.com/Content/img/background-epayslips.jpg
Requested by
Host: www.myepaywindow.com
URL: https://www.myepaywindow.com/bundles/modernizr?v=OoGgFHzAxKTawEufWfct3JaS3gGGuVx4BBltdeRBESo1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
146.177.26.1 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
/
Resource Hash
4540c2a20cd026b3ee00117841b5f380c9a3abe03b9e6ec4f04257fa5cd83fae
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'none'; frame-src 'self' syndication.twitter.com platform.twitter.com; form-action 'self' syndication.twitter.com platform.twitter.com; script-src 'self' 'unsafe-eval' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; connect-src 'self'; img-src 'self' data: chart.googleapis.com www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; style-src 'self' 'unsafe-inline' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; font-src 'self'; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1

Request headers

Referer
https://www.myepaywindow.com/Content/login?v=4E2jWuOIUKu6LN2yFnIbaga1bvO3yYtRkirm-5ZIK0U1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; frame-ancestors 'none'; frame-src 'self' syndication.twitter.com platform.twitter.com; form-action 'self' syndication.twitter.com platform.twitter.com; script-src 'self' 'unsafe-eval' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; connect-src 'self'; img-src 'self' data: chart.googleapis.com www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; style-src 'self' 'unsafe-inline' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; font-src 'self'; base-uri 'self';
X-Content-Type-Options
nosniff
Last-Modified
Mon, 08 Jul 2019 11:20:37 GMT
Server
ETag
"ff6f3c2b7f35d51:0"
X-Frame-Options
Deny
Content-Type
image/jpeg
Cache-Control
max-age=31536000,must-revalidate,max-stale=0,post-check=0,post-check=0,pre-check=0
Date
Mon, 18 Nov 2019 19:49:01 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains
Accept-Ranges
bytes
Keep-Alive
timeout=4, max=993
Content-Length
167028
X-XSS-Protection
1
fontawesome-webfont.woff2
www.myepaywindow.com/fonts/
0
0
Font
General
Full URL
https://www.myepaywindow.com/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.myepaywindow.com
URL: https://www.myepaywindow.com/Account/VerifyIdentity/58a55fc0-a6cc-4d0a-aedf-5b5942d0f251
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
146.177.26.1 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'none'; frame-src 'self' syndication.twitter.com platform.twitter.com; form-action 'self' syndication.twitter.com platform.twitter.com; script-src 'self' 'unsafe-eval' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; connect-src 'self'; img-src 'self' data: chart.googleapis.com www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; style-src 'self' 'unsafe-inline' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; font-src 'self'; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.myepaywindow.com/Content/font-awesome?v=3iEv8vqPidB6TVfgNOGrLoJr-SPH_mV3YwpggEk2_ao1
Origin
https://www.myepaywindow.com

Response headers

Content-Security-Policy
default-src 'self'; frame-ancestors 'none'; frame-src 'self' syndication.twitter.com platform.twitter.com; form-action 'self' syndication.twitter.com platform.twitter.com; script-src 'self' 'unsafe-eval' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; connect-src 'self'; img-src 'self' data: chart.googleapis.com www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; style-src 'self' 'unsafe-inline' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; font-src 'self'; base-uri 'self';
X-Content-Type-Options
nosniff
Server
Date
Mon, 18 Nov 2019 19:49:01 GMT
X-Frame-Options
Deny
Content-Type
text/html
Cache-Control
max-age=31536000,must-revalidate,max-stale=0,post-check=0,post-check=0,pre-check=0
Strict-Transport-Security
max-age=31536000; includeSubdomains
Keep-Alive
timeout=4, max=993
Content-Length
1245
X-XSS-Protection
1
lato-lig-webfont.woff
www.myepaywindow.com/fonts/
30 KB
32 KB
Font
General
Full URL
https://www.myepaywindow.com/fonts/lato-lig-webfont.woff?1383488388
Requested by
Host: www.myepaywindow.com
URL: https://www.myepaywindow.com/Account/VerifyIdentity/58a55fc0-a6cc-4d0a-aedf-5b5942d0f251
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
146.177.26.1 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
/
Resource Hash
b648bceaf535970fb2092ac788770d227f2f48e631f64a6dbfdb88553df54ec2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'none'; frame-src 'self' syndication.twitter.com platform.twitter.com; form-action 'self' syndication.twitter.com platform.twitter.com; script-src 'self' 'unsafe-eval' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; connect-src 'self'; img-src 'self' data: chart.googleapis.com www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; style-src 'self' 'unsafe-inline' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; font-src 'self'; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.myepaywindow.com/Content/login?v=4E2jWuOIUKu6LN2yFnIbaga1bvO3yYtRkirm-5ZIK0U1
Origin
https://www.myepaywindow.com

Response headers

Content-Security-Policy
default-src 'self'; frame-ancestors 'none'; frame-src 'self' syndication.twitter.com platform.twitter.com; form-action 'self' syndication.twitter.com platform.twitter.com; script-src 'self' 'unsafe-eval' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; connect-src 'self'; img-src 'self' data: chart.googleapis.com www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; style-src 'self' 'unsafe-inline' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; font-src 'self'; base-uri 'self';
X-Content-Type-Options
nosniff
Last-Modified
Mon, 08 Jul 2019 11:20:38 GMT
Server
ETag
"368dc32b7f35d51:0"
X-Frame-Options
Deny
Content-Type
font/x-woff
Cache-Control
max-age=31536000,must-revalidate,max-stale=0,post-check=0,post-check=0,pre-check=0
Date
Mon, 18 Nov 2019 19:49:01 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains
Accept-Ranges
bytes
Keep-Alive
timeout=4, max=993
Content-Length
31000
X-XSS-Protection
1
fontawesome-webfont.woff
www.myepaywindow.com/fonts/
96 KB
97 KB
Font
General
Full URL
https://www.myepaywindow.com/fonts/fontawesome-webfont.woff?v=4.7.0
Requested by
Host: www.myepaywindow.com
URL: https://www.myepaywindow.com/Account/VerifyIdentity/58a55fc0-a6cc-4d0a-aedf-5b5942d0f251
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
146.177.26.1 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
/
Resource Hash
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'none'; frame-src 'self' syndication.twitter.com platform.twitter.com; form-action 'self' syndication.twitter.com platform.twitter.com; script-src 'self' 'unsafe-eval' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; connect-src 'self'; img-src 'self' data: chart.googleapis.com www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; style-src 'self' 'unsafe-inline' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; font-src 'self'; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.myepaywindow.com/Content/font-awesome?v=3iEv8vqPidB6TVfgNOGrLoJr-SPH_mV3YwpggEk2_ao1
Origin
https://www.myepaywindow.com

Response headers

Content-Security-Policy
default-src 'self'; frame-ancestors 'none'; frame-src 'self' syndication.twitter.com platform.twitter.com; form-action 'self' syndication.twitter.com platform.twitter.com; script-src 'self' 'unsafe-eval' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; connect-src 'self'; img-src 'self' data: chart.googleapis.com www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; style-src 'self' 'unsafe-inline' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; font-src 'self'; base-uri 'self';
X-Content-Type-Options
nosniff
Last-Modified
Mon, 08 Jul 2019 11:20:39 GMT
Server
ETag
"a7afd2c7f35d51:0"
X-Frame-Options
Deny
Content-Type
font/x-woff
Cache-Control
max-age=31536000,must-revalidate,max-stale=0,post-check=0,post-check=0,pre-check=0
Date
Mon, 18 Nov 2019 19:49:01 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains
Accept-Ranges
bytes
Keep-Alive
timeout=4, max=993
Content-Length
98024
X-XSS-Protection
1

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| html5 object| Modernizr object| google_tag_manager object| dataLayer function| setImmediate function| clearImmediate object| __core-js_shared__ object| core function| $ function| jQuery

2 Cookies

Domain/Path Name / Value
www.myepaywindow.com/ Name: __RequestVerificationToken
Value: OP8cGCm-Mz5ZMm6qK2b1y-VsNfi28bmniPxk_W7AkImx-2PyQmFehSaDktT40MSwwsgDC408jiA-fXXyIlTu0Ay8GYO_ANU4Y4bpwtHc1L01
www.myepaywindow.com/ Name: ASP.NET_SessionId
Value: z4uvityiascfzfg305uyjhz5

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; frame-ancestors 'none'; frame-src 'self' syndication.twitter.com platform.twitter.com; form-action 'self' syndication.twitter.com platform.twitter.com; script-src 'self' 'unsafe-eval' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; connect-src 'self'; img-src 'self' data: chart.googleapis.com www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; style-src 'self' 'unsafe-inline' www.google-analytics.com platform.twitter.com audited.netcraft.com syndication.twitter.com cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com; font-src 'self'; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1