urlscan.io logo urlscan.io
SecurityTrails logo

epayb.fas.gsa.gov Open in urlscan Pro
159.142.135.179  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://epayb.fas.gsa.gov/
Effective URL: https://epayb.fas.gsa.gov/epay/epay/
Submission Tags: insec_govpress_testing wordpress Search All
Submission: On October 17 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 20 HTTP transactions. The main IP is 159.142.135.179, located in United States and belongs to GSA-GOV, US. The main domain is epayb.fas.gsa.gov.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on January 28th 2020. Valid for: a year.
This is the only time epayb.fas.gsa.gov was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 16 159.142.135.179 2714 (GSA-GOV)
5 13.225.198.129 16509 (AMAZON-02)
20 2
Apex Domain
Subdomains		 Transfer
16 gsa.gov
epayb.fas.gsa.gov
99 KB
5 oktacdn.com
global.oktacdn.com
1 MB
20 2
Domain Requested by
16 epayb.fas.gsa.gov 1 redirects epayb.fas.gsa.gov
5 global.oktacdn.com epayb.fas.gsa.gov
global.oktacdn.com
20 2

This site contains links to these domains. Also see Links.

Domain
www.gsa.gov
www.fss.gsa.gov
usa.gov
Subject Issuer Validity Valid
epayb.fas.gsa.gov
DigiCert SHA2 Secure Server CA		 2020-01-28 -
2021-03-15		 a year crt.sh
*.oktacdn.com
DigiCert SHA2 High Assurance Server CA		 2017-11-01 -
2021-01-06		 3 years crt.sh

This page contains 1 frames:

Primary Page: https://epayb.fas.gsa.gov/epay/epay/
Frame ID: B503C190210D4E738B6987AAED7788B4
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://epayb.fas.gsa.gov/ HTTP 301
    https://epayb.fas.gsa.gov/ Page URL
  2. https://epayb.fas.gsa.gov/epay/epay/ Page URL

Page Statistics

20
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1199 kB
Transfer

1344 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://epayb.fas.gsa.gov/ HTTP 301
    https://epayb.fas.gsa.gov/ Page URL
  2. https://epayb.fas.gsa.gov/epay/epay/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://epayb.fas.gsa.gov/ HTTP 301
  • https://epayb.fas.gsa.gov/

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
epayb.fas.gsa.gov/
Redirect Chain
  • http://epayb.fas.gsa.gov/
  • https://epayb.fas.gsa.gov/
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://epayb.fas.gsa.gov/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.142.135.179 , United States, ASN2714 (GSA-GOV, US),
Reverse DNS
host.159-142-135-179.gsa.gov
Software
Web Transaction Server For ClearPath MCP 60 /
Resource Hash
81f3bd5490050ec00f7d6017d17a134786c1ad5f907ad6635b4f6360dbffe905
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Host
epayb.fas.gsa.gov
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Mime-Version
1.0
Server
Web Transaction Server For ClearPath MCP 60
Date
Sat, 17 Oct 2020 17:23:26 GMT
Last-Modified
Sat, 17 Oct 2020 14:01:56 GMT
Content-Length
1663
Content-Type
text/html
Connection
Keep-Alive
Keep-Alive
timeout=90
Strict-Transport-Security
max-age=31536000
X-Frame-Options
SAMEORIGIN
Cache-Control
no-store, no-cache
Pragma
no-cache

Redirect headers

Location
https://epayb.fas.gsa.gov/
Connection
Keep-Alive
Content-Length
0
Index.js
epayb.fas.gsa.gov/ 		302 B
724 B 		Script
General
Check archive.org
Download Go to
Full URL
https://epayb.fas.gsa.gov/Index.js
Requested by
Host: epayb.fas.gsa.gov
URL: https://epayb.fas.gsa.gov/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.142.135.179 , United States, ASN2714 (GSA-GOV, US),
Reverse DNS
host.159-142-135-179.gsa.gov
Software
Web Transaction Server For ClearPath MCP 60 /
Resource Hash
3ff98609f38fc53729ec290872d67a799e112c02fc9c092ca355445c29e4f90c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://epayb.fas.gsa.gov/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Oct 2020 17:23:26 GMT
Last-Modified
Wed, 17 Aug 2005 20:19:04 GMT
Server
Web Transaction Server For ClearPath MCP 60
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
application/javascript
Cache-Control
no-store, no-cache
Strict-Transport-Security
max-age=31536000
Content-Length
302
Keep-Alive
timeout=90
Mime-Version
1.0
Primary Request /
epayb.fas.gsa.gov/epay/epay/ 		11 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://epayb.fas.gsa.gov/epay/epay/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.142.135.179 , United States, ASN2714 (GSA-GOV, US),
Reverse DNS
host.159-142-135-179.gsa.gov
Software
Web Transaction Server For ClearPath MCP 60 /
Resource Hash
87b0a2c0a07c50e69ff47be009964f314877a3235e2298922be899ea1352036e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Host
epayb.fas.gsa.gov
Connection
keep-alive
Content-Length
17
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
Origin
https://epayb.fas.gsa.gov
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://epayb.fas.gsa.gov/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
Origin
https://epayb.fas.gsa.gov
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://epayb.fas.gsa.gov/

Response headers

Mime-Version
1.0
Server
Web Transaction Server For ClearPath MCP 60
Date
Sat, 17 Oct 2020 17:23:26 GMT
Content-Length
10961
Content-Type
text/html
Connection
Keep-Alive
Keep-Alive
timeout=90
Strict-Transport-Security
max-age=31536000
X-Frame-Options
SAMEORIGIN
Cache-Control
no-store, no-cache
Pragma
no-cache
Home.css
epayb.fas.gsa.gov/css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://epayb.fas.gsa.gov/css/Home.css
Requested by
Host: epayb.fas.gsa.gov
URL: https://epayb.fas.gsa.gov/epay/epay/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.142.135.179 , United States, ASN2714 (GSA-GOV, US),
Reverse DNS
host.159-142-135-179.gsa.gov
Software
Web Transaction Server For ClearPath MCP 60 /
Resource Hash
5619b6400cbb0e6fb1cb4d5b887f9a48af82f013ccd663aa023590b0a8e8817e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://epayb.fas.gsa.gov/epay/epay/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Oct 2020 17:23:27 GMT
Last-Modified
Fri, 03 Jan 2014 14:22:08 GMT
Server
Web Transaction Server For ClearPath MCP 60
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
text/css
Cache-Control
no-store, no-cache
Strict-Transport-Security
max-age=31536000
Content-Length
2647
Keep-Alive
timeout=90
Mime-Version
1.0
COMMON.js
epayb.fas.gsa.gov/js/ 		37 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://epayb.fas.gsa.gov/js/COMMON.js
Requested by
Host: epayb.fas.gsa.gov
URL: https://epayb.fas.gsa.gov/epay/epay/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.142.135.179 , United States, ASN2714 (GSA-GOV, US),
Reverse DNS
host.159-142-135-179.gsa.gov
Software
Web Transaction Server For ClearPath MCP 60 /
Resource Hash
db362c12f7e2ae014d9e27bcb48a9d5d96a1c404b422a881d1b1df22f5b68b48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://epayb.fas.gsa.gov/epay/epay/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Oct 2020 17:23:27 GMT
Last-Modified
Tue, 02 Oct 2018 15:27:19 GMT
Server
Web Transaction Server For ClearPath MCP 60
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
application/javascript
Cache-Control
no-store, no-cache
Strict-Transport-Security
max-age=31536000
Content-Length
37736
Keep-Alive
timeout=90
Mime-Version
1.0
EPLOG.js
epayb.fas.gsa.gov/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://epayb.fas.gsa.gov/js/EPLOG.js
Requested by
Host: epayb.fas.gsa.gov
URL: https://epayb.fas.gsa.gov/epay/epay/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.142.135.179 , United States, ASN2714 (GSA-GOV, US),
Reverse DNS
host.159-142-135-179.gsa.gov
Software
Web Transaction Server For ClearPath MCP 60 /
Resource Hash
38a99846d7dd533d137d6bcf7d8dae6052be9ab0166188b03cf2ef1d7d070dc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://epayb.fas.gsa.gov/epay/epay/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Oct 2020 17:23:27 GMT
Last-Modified
Wed, 20 Nov 2019 21:15:41 GMT
Server
Web Transaction Server For ClearPath MCP 60
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
application/javascript
Cache-Control
no-store, no-cache
Strict-Transport-Security
max-age=31536000
Content-Length
1991
Keep-Alive
timeout=90
Mime-Version
1.0
okta-sign-in.min.js
global.oktacdn.com/okta-signin-widget/3.8.2/js/ 		1 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.oktacdn.com/okta-signin-widget/3.8.2/js/okta-sign-in.min.js
Requested by
Host: epayb.fas.gsa.gov
URL: https://epayb.fas.gsa.gov/epay/epay/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.198.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-198-129.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6105385cc0641bbc2d881d338f5de71a6bd70a7f6216688c14672fe2895cf233
Security Headers
Name Value
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff

Request headers

Referer
https://epayb.fas.gsa.gov/epay/epay/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
0bqDoUqwqv7yf5OBDVpCoGIqc.ArylId
via
1.1 9edd97b808f35ec81d31fc57c74508ce.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
56109
x-cache
Hit from cloudfront
status
200
date
Sat, 17 Oct 2020 01:48:19 GMT
x-amz-replication-status
COMPLETED
content-length
1049974
last-modified
Fri, 20 Mar 2020 02:19:43 GMT
server
AmazonS3
etag
"d943801d64f3870adf095a8749532b87"
strict-transport-security
max-age=315360000
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,s-maxage=1814400
x-amz-cf-pop
YUL62-C1
accept-ranges
bytes
x-amz-cf-id
EaET1fPSxwJoC8gCW9ZqqfmjmsRi8H_6_ogehXrQZ4AwwQS8vkl2QA==
okta-sign-in.min.css
global.oktacdn.com/okta-signin-widget/3.8.2/css/ 		180 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://global.oktacdn.com/okta-signin-widget/3.8.2/css/okta-sign-in.min.css
Requested by
Host: epayb.fas.gsa.gov
URL: https://epayb.fas.gsa.gov/epay/epay/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.198.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-198-129.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
68ef764e2d683a2b137e78e7b4a96cc195e229729bf9f82ad7b92eb0892b3a06
Security Headers
Name Value
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff

Request headers

Referer
https://epayb.fas.gsa.gov/epay/epay/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
VioymT0ami6RAq5l.msmhnEwxweXAIS1
content-encoding
gzip
x-content-type-options
nosniff
age
32409
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=315360000
etag
"92cb194fd7896eb0997c23a4a3dbb596"
access-control-allow-origin
*
last-modified
Fri, 20 Mar 2020 02:19:40 GMT
server
AmazonS3
date
Sat, 17 Oct 2020 08:23:19 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 9edd97b808f35ec81d31fc57c74508ce.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,s-maxage=1814400
x-amz-cf-pop
YUL62-C1
x-amz-cf-id
fDYFmhb0xR9f1BCvOwAmAqN8QQkU1lX6-wnjXHDGMRRUK6QXUDODPQ==
Visa_logo1.gif
epayb.fas.gsa.gov/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epayb.fas.gsa.gov/images/Visa_logo1.gif
Requested by
Host: epayb.fas.gsa.gov
URL: https://epayb.fas.gsa.gov/epay/epay/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.142.135.179 , United States, ASN2714 (GSA-GOV, US),
Reverse DNS
host.159-142-135-179.gsa.gov
Software
Web Transaction Server For ClearPath MCP 60 /
Resource Hash
3b5bd44684fb668d1f159f6f642d348d16a8296e8565bfd9e6436b67163ed6a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://epayb.fas.gsa.gov/epay/epay/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Oct 2020 17:23:27 GMT
Last-Modified
Sun, 07 Mar 2004 23:28:30 GMT
Server
Web Transaction Server For ClearPath MCP 60
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
image/gif
Cache-Control
no-store, no-cache
Strict-Transport-Security
max-age=31536000
Content-Length
2386
Keep-Alive
timeout=90
Mime-Version
1.0
Master_logo1.gif
epayb.fas.gsa.gov/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epayb.fas.gsa.gov/images/Master_logo1.gif
Requested by
Host: epayb.fas.gsa.gov
URL: https://epayb.fas.gsa.gov/epay/epay/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.142.135.179 , United States, ASN2714 (GSA-GOV, US),
Reverse DNS
host.159-142-135-179.gsa.gov
Software
Web Transaction Server For ClearPath MCP 60 /
Resource Hash
3e185dee9989e3beb834a99e21f4bb02012bc1d45b3e98b17e867db1e1a7baed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://epayb.fas.gsa.gov/epay/epay/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Oct 2020 17:23:27 GMT
Last-Modified
Sun, 07 Mar 2004 23:28:18 GMT
Server
Web Transaction Server For ClearPath MCP 60
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
image/gif
Cache-Control
no-store, no-cache
Strict-Transport-Security
max-age=31536000
Content-Length
2108
Keep-Alive
timeout=90
Mime-Version
1.0
amex_logo1.gif
epayb.fas.gsa.gov/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epayb.fas.gsa.gov/images/amex_logo1.gif
Requested by
Host: epayb.fas.gsa.gov
URL: https://epayb.fas.gsa.gov/epay/epay/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.142.135.179 , United States, ASN2714 (GSA-GOV, US),
Reverse DNS
host.159-142-135-179.gsa.gov
Software
Web Transaction Server For ClearPath MCP 60 /
Resource Hash
081bdf479b49559bb54d55867152a3d2f13e3873e01017d1c47b39612422a200
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://epayb.fas.gsa.gov/epay/epay/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Oct 2020 17:23:27 GMT
Last-Modified
Sun, 07 Mar 2004 23:28:04 GMT
Server
Web Transaction Server For ClearPath MCP 60
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
image/gif
Cache-Control
no-store, no-cache
Strict-Transport-Security
max-age=31536000
Content-Length
1841
Keep-Alive
timeout=90
Mime-Version
1.0
discover_logo1.gif
epayb.fas.gsa.gov/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epayb.fas.gsa.gov/images/discover_logo1.gif
Requested by
Host: epayb.fas.gsa.gov
URL: https://epayb.fas.gsa.gov/epay/epay/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.142.135.179 , United States, ASN2714 (GSA-GOV, US),
Reverse DNS
host.159-142-135-179.gsa.gov
Software
Web Transaction Server For ClearPath MCP 60 /
Resource Hash
6c9a7fc9caf5b20b1ae548caacc6c64c39c745cec8c89f0c22958e72a85223b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://epayb.fas.gsa.gov/epay/epay/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Oct 2020 17:23:27 GMT
Last-Modified
Sun, 07 Mar 2004 23:27:24 GMT
Server
Web Transaction Server For ClearPath MCP 60
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
image/gif
Cache-Control
no-store, no-cache
Strict-Transport-Security
max-age=31536000
Content-Length
1847
Keep-Alive
timeout=90
Mime-Version
1.0
money2.gif
epayb.fas.gsa.gov/images/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epayb.fas.gsa.gov/images/money2.gif
Requested by
Host: epayb.fas.gsa.gov
URL: https://epayb.fas.gsa.gov/epay/epay/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.142.135.179 , United States, ASN2714 (GSA-GOV, US),
Reverse DNS
host.159-142-135-179.gsa.gov
Software
Web Transaction Server For ClearPath MCP 60 /
Resource Hash
f395f3a2c9d46b4c78b63ad6da9812aa4f93fb921e7be150f826c2e24f74be1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://epayb.fas.gsa.gov/epay/epay/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Oct 2020 17:23:27 GMT
Last-Modified
Mon, 08 Mar 2004 01:45:52 GMT
Server
Web Transaction Server For ClearPath MCP 60
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
image/gif
Cache-Control
no-store, no-cache
Strict-Transport-Security
max-age=31536000
Content-Length
17685
Keep-Alive
timeout=90
Mime-Version
1.0
usagov_logo.jpg
epayb.fas.gsa.gov/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epayb.fas.gsa.gov/images/usagov_logo.jpg
Requested by
Host: epayb.fas.gsa.gov
URL: https://epayb.fas.gsa.gov/epay/epay/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.142.135.179 , United States, ASN2714 (GSA-GOV, US),
Reverse DNS
host.159-142-135-179.gsa.gov
Software
Web Transaction Server For ClearPath MCP 60 /
Resource Hash
92715c04aab01de360040edf268cf7692a765dd864c965ff5a0cddd22ee65674
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://epayb.fas.gsa.gov/epay/epay/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Oct 2020 17:23:27 GMT
Last-Modified
Mon, 30 Apr 2007 21:44:12 GMT
Server
Web Transaction Server For ClearPath MCP 60
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
image/jpeg
Cache-Control
no-store, no-cache
Strict-Transport-Security
max-age=31536000
Content-Length
3917
Keep-Alive
timeout=90
Mime-Version
1.0
epaylogo.gif
epayb.fas.gsa.gov/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epayb.fas.gsa.gov/images/epaylogo.gif
Requested by
Host: epayb.fas.gsa.gov
URL: https://epayb.fas.gsa.gov/epay/epay/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.142.135.179 , United States, ASN2714 (GSA-GOV, US),
Reverse DNS
host.159-142-135-179.gsa.gov
Software
Web Transaction Server For ClearPath MCP 60 /
Resource Hash
e68cffc28d063849cb09629a4c0c6c040442fae8e59409f87aaa72b00f288b9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://epayb.fas.gsa.gov/epay/epay/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Oct 2020 17:23:27 GMT
Last-Modified
Mon, 01 Mar 2004 11:39:28 GMT
Server
Web Transaction Server For ClearPath MCP 60
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
image/gif
Cache-Control
no-store, no-cache
Strict-Transport-Security
max-age=31536000
Content-Length
3026
Keep-Alive
timeout=90
Mime-Version
1.0
flag1.jpg
epayb.fas.gsa.gov/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epayb.fas.gsa.gov/images/flag1.jpg
Requested by
Host: epayb.fas.gsa.gov
URL: https://epayb.fas.gsa.gov/epay/epay/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.142.135.179 , United States, ASN2714 (GSA-GOV, US),
Reverse DNS
host.159-142-135-179.gsa.gov
Software
Web Transaction Server For ClearPath MCP 60 /
Resource Hash
18751c9278bc2185c1d22958436b53201de6ed0d94af3aa770b024af36cb461d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://epayb.fas.gsa.gov/epay/epay/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Oct 2020 17:23:27 GMT
Last-Modified
Mon, 05 May 2003 18:44:46 GMT
Server
Web Transaction Server For ClearPath MCP 60
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
image/jpeg
Cache-Control
no-store, no-cache
Strict-Transport-Security
max-age=31536000
Content-Length
3343
Keep-Alive
timeout=90
Mime-Version
1.0
flag2.jpg
epayb.fas.gsa.gov/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epayb.fas.gsa.gov/images/flag2.jpg
Requested by
Host: epayb.fas.gsa.gov
URL: https://epayb.fas.gsa.gov/epay/epay/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.142.135.179 , United States, ASN2714 (GSA-GOV, US),
Reverse DNS
host.159-142-135-179.gsa.gov
Software
Web Transaction Server For ClearPath MCP 60 /
Resource Hash
9a2206234d86cdd72896bd9a47ab0d7dd904852fbad28852309513c0a13b477d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://epayb.fas.gsa.gov/epay/epay/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Oct 2020 17:23:27 GMT
Last-Modified
Fri, 18 Apr 2003 15:51:00 GMT
Server
Web Transaction Server For ClearPath MCP 60
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
image/jpeg
Cache-Control
no-store, no-cache
Strict-Transport-Security
max-age=31536000
Content-Length
3150
Keep-Alive
timeout=90
Mime-Version
1.0
checkbox-sign-in-widget.png
global.oktacdn.com/okta-signin-widget/3.8.2/img/ui/forms/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://global.oktacdn.com/okta-signin-widget/3.8.2/img/ui/forms/checkbox-sign-in-widget.png
Requested by
Host: global.oktacdn.com
URL: https://global.oktacdn.com/okta-signin-widget/3.8.2/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.198.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-198-129.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665
Security Headers
Name Value
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff

Request headers

Referer
https://global.oktacdn.com/okta-signin-widget/3.8.2/css/okta-sign-in.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 18:49:55 GMT
via
1.1 9edd97b808f35ec81d31fc57c74508ce.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
81213
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-length
3141
last-modified
Fri, 20 Mar 2020 02:19:42 GMT
server
AmazonS3
etag
"7846b2f8c6d0a7ca69fdd3d3c294e92d"
strict-transport-security
max-age=315360000
x-amz-version-id
Xc6sPxAJ54eHgHMI3gikbPlOMwVCYq0B
access-control-allow-origin
*
cache-control
public,max-age=31536000,s-maxage=1814400
x-amz-cf-pop
YUL62-C1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
rJ2EgbdsBMi4PGHoKyCaZsZivXUmJRydDWj3nvGLFIx4k394e5wJGA==
montserrat-light-webfont.woff
global.oktacdn.com/okta-signin-widget/3.8.2/font/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://global.oktacdn.com/okta-signin-widget/3.8.2/font/montserrat-light-webfont.woff
Requested by
Host: global.oktacdn.com
URL: https://global.oktacdn.com/okta-signin-widget/3.8.2/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.198.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-198-129.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace
Security Headers
Name Value
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff

Request headers

Origin
https://epayb.fas.gsa.gov
Referer
https://global.oktacdn.com/okta-signin-widget/3.8.2/css/okta-sign-in.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
QqWSoU.EM0xOn6Gr7hWBr3KvGddojAWJ
via
1.1 eb320109e341ecc97411ccb5e7ba0f5c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
31398
x-cache
Hit from cloudfront
status
200
date
Sat, 17 Oct 2020 08:40:11 GMT
x-amz-replication-status
COMPLETED
content-length
22112
last-modified
Fri, 20 Mar 2020 02:19:40 GMT
server
AmazonS3
etag
"6225f3ca44b83090833064727a09cc95"
strict-transport-security
max-age=315360000
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public,max-age=31536000,s-maxage=1814400
x-amz-cf-pop
YUL62-C1
accept-ranges
bytes
x-amz-cf-id
7yISgGhwq5f3XHXXvHn0_jm4_BADghDPdOqwAUu6nTtahBpwV49sJQ==
montserrat-regular-webfont.woff
global.oktacdn.com/okta-signin-widget/3.8.2/font/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://global.oktacdn.com/okta-signin-widget/3.8.2/font/montserrat-regular-webfont.woff
Requested by
Host: global.oktacdn.com
URL: https://global.oktacdn.com/okta-signin-widget/3.8.2/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.198.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-198-129.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1d5325892ecf2dc3abd0caf2a1ef4eabf2477e2937c9a372760fd2acae8fddf3
Security Headers
Name Value
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff

Request headers

Origin
https://epayb.fas.gsa.gov
Referer
https://global.oktacdn.com/okta-signin-widget/3.8.2/css/okta-sign-in.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 17:51:30 GMT
via
1.1 eb320109e341ecc97411ccb5e7ba0f5c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
84719
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-length
21980
last-modified
Fri, 20 Mar 2020 02:19:41 GMT
server
AmazonS3
etag
"8f2822b73b5f9c106c6f2e0db820bcbb"
strict-transport-security
max-age=315360000
x-amz-version-id
YWGIm5gCGjk7nN_o43QQQNlupg1PqVX5
access-control-allow-origin
*
cache-control
public,max-age=31536000,s-maxage=1814400
x-amz-cf-pop
YUL62-C1
accept-ranges
bytes
content-type
application/octet-stream
x-amz-cf-id
a7YzsDyX0f8uiWHAr4pxTrHtaoOBQVqVDPkC-eZuy9KwABdbyneFLw==

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes string| host string| appDir string| fileDir string| server string| hom number| TO1 string| disableTO number| numSec number| popNum object| helpwin string| hlpFile string| prm string| nxHost number| accHidLen string| login string| logged string| proxy string| usrtyp string| gsauser string| gstuser string| geninfo string| sysadm string| usradm string| usrprxy string| accsro string| acccarr string| acchhg string| hhggen string| hhgalt string| hhgnon string| accfrt string| frtgen string| frtalt string| frtnon string| hhgrf string| frtrf string| hhgci string| frtci string| frtulc string| frtrfp string| hhgrfp string| sarfp string| wgaTemp string| wga number| wgID number| bsAccLvl number| bsAccPerm number| blAccLvl number| blAccPerm function| gsahome function| gsa1 function| bar1 function| bar1a function| bar1b function| bar1c function| bar2 function| bar2a function| maintainSel function| Header1 function| go function| newWinSession function| upperTDUser function| openWin function| chgUpper function| getDtTime function| getChk function| selddlb function| formSubmit function| new_positionWindow function| findIndex number| total function| count1 function| ChangeCaptions function| TransferTo function| stripSpaces function| checkEmail function| checkEmail_Old function| countElement function| checkDups function| valContent function| checkEmailMulti function| valTel function| valTel2 function| valTel3 function| valZip function| checkField function| checkName function| checkNum function| checkNum2 function| validateDate function| insertSlash function| addSlash function| setTimer function| sessionExp function| valAccPerm function| showHelp function| navRate function| checkChar function| textCounter function| bust number| timerGSAB number| timerGSAC function| setFocus function| chkLogin function| sendFgtPswd function| goRegn function| SSOLog function| selectUser function| forgotPassword function| submitForgotPassword function| gsaSSOLogin string| temphttp string| temptcode string| frmAction string| hlpfile object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| Backbone function| jQueryCourage function| OktaSignIn string| html function| widgetSuccessCallback function| widgetErrorCallback function| success object| signInWidgetConfig object| signInWidget

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

epayb.fas.gsa.gov
global.oktacdn.com
13.225.198.129
159.142.135.179
081bdf479b49559bb54d55867152a3d2f13e3873e01017d1c47b39612422a200
18751c9278bc2185c1d22958436b53201de6ed0d94af3aa770b024af36cb461d
1d5325892ecf2dc3abd0caf2a1ef4eabf2477e2937c9a372760fd2acae8fddf3
38a99846d7dd533d137d6bcf7d8dae6052be9ab0166188b03cf2ef1d7d070dc4
3b5bd44684fb668d1f159f6f642d348d16a8296e8565bfd9e6436b67163ed6a5
3e185dee9989e3beb834a99e21f4bb02012bc1d45b3e98b17e867db1e1a7baed
3ff98609f38fc53729ec290872d67a799e112c02fc9c092ca355445c29e4f90c
40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665
5619b6400cbb0e6fb1cb4d5b887f9a48af82f013ccd663aa023590b0a8e8817e
6105385cc0641bbc2d881d338f5de71a6bd70a7f6216688c14672fe2895cf233
68ef764e2d683a2b137e78e7b4a96cc195e229729bf9f82ad7b92eb0892b3a06
6c9a7fc9caf5b20b1ae548caacc6c64c39c745cec8c89f0c22958e72a85223b5
81f3bd5490050ec00f7d6017d17a134786c1ad5f907ad6635b4f6360dbffe905
87b0a2c0a07c50e69ff47be009964f314877a3235e2298922be899ea1352036e
92715c04aab01de360040edf268cf7692a765dd864c965ff5a0cddd22ee65674
9a2206234d86cdd72896bd9a47ab0d7dd904852fbad28852309513c0a13b477d
db362c12f7e2ae014d9e27bcb48a9d5d96a1c404b422a881d1b1df22f5b68b48
e68cffc28d063849cb09629a4c0c6c040442fae8e59409f87aaa72b00f288b9d
f395f3a2c9d46b4c78b63ad6da9812aa4f93fb921e7be150f826c2e24f74be1c
feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace