urlscan.io logo urlscan.io
SecurityTrails logo

www.jhaipayportal.com Open in urlscan Pro
74.200.40.95  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.jhaipayportal.com/Home/Login?key=iuVmgSXK
Effective URL: https://www.jhaipayportal.com/Home/Login?key=nlbbMb5z
Submission: On November 07 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 74.200.40.95, located in United States and belongs to JACKHENRY, US. The main domain is www.jhaipayportal.com. The Cisco Umbrella rank of the primary domain is 184999.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on June 12th 2024. Valid for: a year.
This is the only time www.jhaipayportal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 74.200.40.95 14010 (JACKHENRY)
9 2
Apex Domain
Subdomains		 Transfer
10 jhaipayportal.com
www.jhaipayportal.com — Cisco Umbrella Rank: 184999
890 KB
9 1
Domain Requested by
10 www.jhaipayportal.com 1 redirects www.jhaipayportal.com
9 1

This site contains no links.

Subject Issuer Validity Valid
jhaipayportal.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-12 -
2025-06-12		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.jhaipayportal.com/Home/Login?key=nlbbMb5z
Frame ID: 3F545AAD8DE358013E8D20A2954A8B73
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Log In

Page URL History Show full URLs

  1. https://www.jhaipayportal.com/Home/Login?key=iuVmgSXK HTTP 302
    https://www.jhaipayportal.com/Home/Login?key=nlbbMb5z Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

984 kB
Transfer

2353 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.jhaipayportal.com/Home/Login?key=iuVmgSXK HTTP 302
    https://www.jhaipayportal.com/Home/Login?key=nlbbMb5z Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Login
www.jhaipayportal.com/Home/
Redirect Chain
  • https://www.jhaipayportal.com/Home/Login?key=iuVmgSXK
  • https://www.jhaipayportal.com/Home/Login?key=nlbbMb5z
17 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.jhaipayportal.com/Home/Login?key=nlbbMb5z
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.200.40.95 , United States, ASN14010 (JACKHENRY, US),
Reverse DNS
Software
/
Resource Hash
fd452cb9a0510c5c3b33058d15dd5e25acc48c29a276b17389b55527492dfbee
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google.com www.gstatic.com; form-action 'self' bridge.jhaipayportal.com; font-src 'self' fonts.gstatic.com data:; child-src 'self'; frame-src 'self' www.google.com www.gstatic.com jhaipayportal.com bridge.jhaipayportal.com; object-src www.google.com; media-src 'none'; img-src 'self' data: www.google.com/recaptcha/api/ www.google.com; manifest-src 'none'; connect-src 'self' billpaysite.com; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-modals allow-top-navigation allow-downloads;report-uri \iPayPortal.Web\ProcessCSPViolation.axd;report-to \iPayPortal.Web\ProcessCSPViolation.axd;
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
private,no-cache, no-store, private
Content-Encoding
gzip
Content-Length
5450
Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google.com www.gstatic.com; form-action 'self' bridge.jhaipayportal.com; font-src 'self' fonts.gstatic.com data:; child-src 'self'; frame-src 'self' www.google.com www.gstatic.com jhaipayportal.com bridge.jhaipayportal.com; object-src www.google.com; media-src 'none'; img-src 'self' data: www.google.com/recaptcha/api/ www.google.com; manifest-src 'none'; connect-src 'self' billpaysite.com; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-modals allow-top-navigation allow-downloads;report-uri \iPayPortal.Web\ProcessCSPViolation.axd;report-to \iPayPortal.Web\ProcessCSPViolation.axd;
Content-Type
text/html; charset=utf-8
Date
Thu, 07 Nov 2024 01:44:11 GMT
Expires
0
Pragma
no-cache
Referrer-Policy
no-referrer
Strict-Transport-Security
max-age=15552000
Vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

Cache-Control
private,no-cache, no-store, private
Content-Length
141
Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google.com www.gstatic.com; form-action 'self' bridge.jhaipayportal.com; font-src 'self' fonts.gstatic.com data:; child-src 'self'; frame-src 'self' www.google.com www.gstatic.com jhaipayportal.com bridge.jhaipayportal.com; object-src www.google.com; media-src 'none'; img-src 'self' data: www.google.com/recaptcha/api/ www.google.com; manifest-src 'none'; connect-src 'self' billpaysite.com; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-modals allow-top-navigation allow-downloads;report-uri \iPayPortal.Web\ProcessCSPViolation.axd;report-to \iPayPortal.Web\ProcessCSPViolation.axd;
Content-Type
text/html; charset=utf-8
Date
Thu, 07 Nov 2024 01:44:11 GMT
Expires
0
Location
/Home/Login?key=nlbbMb5z
Pragma
no-cache
Referrer-Policy
no-referrer
Strict-Transport-Security
max-age=15552000
x-frame-options
SAMEORIGIN
portal-bundle.min.css
www.jhaipayportal.com/Content/ 		667 KB
198 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.jhaipayportal.com/Content/portal-bundle.min.css
Requested by
Host: www.jhaipayportal.com
URL: https://www.jhaipayportal.com/Home/Login?key=nlbbMb5z
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.200.40.95 , United States, ASN14010 (JACKHENRY, US),
Reverse DNS
Software
/
Resource Hash
79992ba63c37d045318685707e37d3e4f49b59edb581507c31e316c8ffea42ae
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Strict-Transport-Security
max-age=15552000
Cache-Control
no-cache, no-store, private
Content-Encoding
gzip
Pragma
no-cache
ETag
"08fc042baf9da1:0"
Referrer-Policy
no-referrer
Expires
0
Accept-Ranges
bytes
Content-Length
202443
Date
Thu, 07 Nov 2024 01:44:11 GMT
Content-Type
text/css
Last-Modified
Thu, 29 Aug 2024 02:22:14 GMT
Vary
Accept-Encoding
x-frame-options
SAMEORIGIN
jquery-bundle.min.js
www.jhaipayportal.com/Scripts/ 		349 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.jhaipayportal.com/Scripts/jquery-bundle.min.js
Requested by
Host: www.jhaipayportal.com
URL: https://www.jhaipayportal.com/Home/Login?key=nlbbMb5z
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.200.40.95 , United States, ASN14010 (JACKHENRY, US),
Reverse DNS
Software
/
Resource Hash
8e86fbb5f95d465f0c5744d8baaf5a5a99ed7209b5e09da05b5c4c7edf9feff3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Strict-Transport-Security
max-age=15552000
Cache-Control
no-cache, no-store, private
Content-Encoding
gzip
Pragma
no-cache
ETag
"0ac93e4b9f9da1:0"
Referrer-Policy
no-referrer
Expires
0
Accept-Ranges
bytes
Content-Length
102358
Date
Thu, 07 Nov 2024 01:44:12 GMT
Content-Type
application/javascript
Last-Modified
Thu, 29 Aug 2024 02:19:36 GMT
Vary
Accept-Encoding
x-frame-options
SAMEORIGIN
portal-common-bundle.min.js
www.jhaipayportal.com/Scripts/ 		519 KB
147 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.jhaipayportal.com/Scripts/portal-common-bundle.min.js
Requested by
Host: www.jhaipayportal.com
URL: https://www.jhaipayportal.com/Home/Login?key=nlbbMb5z
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.200.40.95 , United States, ASN14010 (JACKHENRY, US),
Reverse DNS
Software
/
Resource Hash
708ee9bad2b247fbd7b42bd937be9e9c410e05ffa3a51b81e5b1fe53a38943ed
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Strict-Transport-Security
max-age=15552000
Cache-Control
no-cache, no-store, private
Content-Encoding
gzip
Pragma
no-cache
ETag
"0ac93e4b9f9da1:0"
Referrer-Policy
no-referrer
Expires
0
Accept-Ranges
bytes
Content-Length
150107
Date
Thu, 07 Nov 2024 01:44:12 GMT
Content-Type
application/javascript
Last-Modified
Thu, 29 Aug 2024 02:19:36 GMT
Vary
Accept-Encoding
x-frame-options
SAMEORIGIN
SSO.js
www.jhaipayportal.com/Scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.jhaipayportal.com/Scripts/SSO.js
Requested by
Host: www.jhaipayportal.com
URL: https://www.jhaipayportal.com/Home/Login?key=nlbbMb5z
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.200.40.95 , United States, ASN14010 (JACKHENRY, US),
Reverse DNS
Software
/
Resource Hash
13aa151f5b5bda3d60313cbc31b98d74d477105e0534bf8fbc5b687334f68733
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Strict-Transport-Security
max-age=15552000
Cache-Control
no-cache, no-store, private
Content-Encoding
gzip
Pragma
no-cache
ETag
"0ac93e4b9f9da1:0"
Referrer-Policy
no-referrer
Expires
0
Accept-Ranges
bytes
Content-Length
1245
Date
Thu, 07 Nov 2024 01:44:11 GMT
Content-Type
application/javascript
Last-Modified
Thu, 29 Aug 2024 02:19:36 GMT
Vary
Accept-Encoding
x-frame-options
SAMEORIGIN
portal-bundle.min.js
www.jhaipayportal.com/Scripts/ 		343 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.jhaipayportal.com/Scripts/portal-bundle.min.js
Requested by
Host: www.jhaipayportal.com
URL: https://www.jhaipayportal.com/Home/Login?key=nlbbMb5z
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.200.40.95 , United States, ASN14010 (JACKHENRY, US),
Reverse DNS
Software
/
Resource Hash
1c52f545ac127c34334bdcd03fa128652f644bb70cf18cf0f783fdac115b4934
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Strict-Transport-Security
max-age=15552000
Cache-Control
no-cache, no-store, private
Content-Encoding
gzip
Pragma
no-cache
ETag
"0ac93e4b9f9da1:0"
Referrer-Policy
no-referrer
Expires
0
Accept-Ranges
bytes
Content-Length
77685
Date
Thu, 07 Nov 2024 01:44:12 GMT
Content-Type
application/javascript
Last-Modified
Thu, 29 Aug 2024 02:19:36 GMT
Vary
Accept-Encoding
x-frame-options
SAMEORIGIN
Login.js
www.jhaipayportal.com/Features/Home/Scripts/ 		765 B
770 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.jhaipayportal.com/Features/Home/Scripts/Login.js
Requested by
Host: www.jhaipayportal.com
URL: https://www.jhaipayportal.com/Home/Login?key=nlbbMb5z
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.200.40.95 , United States, ASN14010 (JACKHENRY, US),
Reverse DNS
Software
/
Resource Hash
7250ee203014cb60dd4d8138b372d11954c0b8845ef12a78706ead8de5ecb13d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Strict-Transport-Security
max-age=15552000
Cache-Control
public
Content-Encoding
gzip
ETag
"1DAF9B9E493AC00"
Expires
Fri, 08 Nov 2024 01:13:05 GMT
Accept-Ranges
bytes
Content-Length
378
Date
Thu, 07 Nov 2024 01:44:12 GMT
Content-Type
application/javascript
Last-Modified
Thu, 29 Aug 2024 02:19:36 GMT
Vary
Accept-Encoding
x-frame-options
SAMEORIGIN
truncated
/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ebbe1cdade27ac03dd055dccac7cee32bb2299556bfae64c289083ca30d5405

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.jhaipayportal.com
Referer

Response headers

Content-Type
application/x-font-woff;charset=utf-8
JHASwirls.png
www.jhaipayportal.com/Images/ 		324 KB
325 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.jhaipayportal.com/Images/JHASwirls.png
Requested by
Host: www.jhaipayportal.com
URL: https://www.jhaipayportal.com/Home/Login?key=nlbbMb5z
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.200.40.95 , United States, ASN14010 (JACKHENRY, US),
Reverse DNS
Software
/
Resource Hash
efe24a297dc53cf3a2e4223fdbf4795f31798cba6ac6e2e0460d1697fefb953d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.jhaipayportal.com/Home/Login?key=nlbbMb5z

Response headers

Strict-Transport-Security
max-age=15552000
Cache-Control
no-cache, no-store, private
Pragma
no-cache
ETag
"0ac93e4b9f9da1:0"
Referrer-Policy
no-referrer
Expires
0
Accept-Ranges
bytes
Content-Length
332149
Date
Thu, 07 Nov 2024 01:44:12 GMT
Content-Type
image/png
Last-Modified
Thu, 29 Aug 2024 02:19:36 GMT
x-frame-options
SAMEORIGIN
truncated
/ 		62 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1ba86f2d98666d4dfe1202140a4d0f9960a8919d9c76b8141cc6f18538562eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.jhaipayportal.com
Referer

Response headers

Content-Type
application/x-font-ttf;charset=utf-8
favicon.ico
www.jhaipayportal.com/ 		31 KB
32 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.jhaipayportal.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.200.40.95 , United States, ASN14010 (JACKHENRY, US),
Reverse DNS
Software
/
Resource Hash
a94f8a8553caea8430dd4ca3cc01d4e318d19828f74cb65453ffb7f5d9e2f44d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Strict-Transport-Security
max-age=15552000
Cache-Control
no-cache, no-store, private
Pragma
no-cache
ETag
"0ac93e4b9f9da1:0"
Referrer-Policy
no-referrer
Expires
0
Accept-Ranges
bytes
Content-Length
32038
Date
Thu, 07 Nov 2024 01:44:13 GMT
Content-Type
image/x-icon
Last-Modified
Thu, 29 Aug 2024 02:19:36 GMT
x-frame-options
SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| portalBaseUrl function| $ function| jQuery object| html5 object| Modernizr object| FormValidation object| respond function| noty function| Sortable object| SSO object| SSOKeepAliveMessaging function| signOut function| closeWindow function| openApplication function| InitiateBroadcastchannelNonIE function| LogOutDialogButtonPressed function| PwdExpireWarningDialogButtonPressed function| Nav function| frameNav function| SetUpPopoverMessage function| recordLevelErrors object| homeService function| DisplayToggleNotification object| SignOutService object| SessionExpiryService object| TabFocus object| ajax function| SignOut object| KeepAlive function| moment function| Init function| SetWarningTimer function| ClearWarningTimer function| SetLogoutTimer function| ClearLogoutTimer function| ResetTimer function| LogOff function| SessionExpire function| externalAccessSessionExpire function| KeepSessionAlive function| closeLegacySiteWindow function| Inputmask function| init function| isActiveTab function| isTabHidden function| getHiddenFieldPrefix function| isHidden object| login function| backButtonClick function| hamburgerButtonClick function| JhaDialogButtonPressedlogOutDialog function| checkFixedLayout

8 Cookies

Domain/Path Name / Value
.www.jhaipayportal.com/Home Name: __CSPCOOKIE
Value: 11a5e87c-949a-4018-9670-e84877052683
www.jhaipayportal.com/ Name: SameSite
Value: None
www.jhaipayportal.com/ Name: ADRUM_BTn
Value: R:0|n:jackhenry-prod_87b28ce8-be5d-46ff-9c02-2641481d928c
www.jhaipayportal.com/ Name: ASP.NET_SessionId
Value: gl0wfctrbedkl5tuyvuruhgf
www.jhaipayportal.com/ Name: ADRUM_BTa
Value: R:0|g:da4e78ca-0e9b-47b5-b158-58c246a69fac|n:jackhenry-prod_87b28ce8-be5d-46ff-9c02-2641481d928c
www.jhaipayportal.com/ Name: ADRUM_BT1
Value: R:0|i:762311|e:2|t:1730943851908
www.jhaipayportal.com/ Name: ADRUM_BTg
Value: R:0|g:539a0b84-0a58-4b2a-8712-7da86bbdabfb
.www.jhaipayportal.com/ Name: TS01c9d7cb
Value: 01b6031a188dc912fdc842cb62ffb0c8dc2f08695a26087bc6f0c9b3ac8c3edef804724c832abb37adccef0d26a8d12ad39ee6f454104d1c3af9c6290c2f43fe4006da8e9464d5c7a2d809f105713e457347557e36f105a40e0cfc43a11418f7a1d97c1e5f54a1e79eb4499f7ddc5b99cef539e7a8d3f90c5512bd516ccd956c38908c9181250433e51d9907ae67a6ad134fe7e4d61bd4636a4ac7c8e5861dcccaf594077f9b0a94affc0914e3097bd74ba4badc2d

1 Console Messages

Source Level URL
Text
security warning URL: https://www.jhaipayportal.com/Home/Login?key=nlbbMb5z
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google.com www.gstatic.com; form-action 'self' bridge.jhaipayportal.com; font-src 'self' fonts.gstatic.com data:; child-src 'self'; frame-src 'self' www.google.com www.gstatic.com jhaipayportal.com bridge.jhaipayportal.com; object-src www.google.com; media-src 'none'; img-src 'self' data: www.google.com/recaptcha/api/ www.google.com; manifest-src 'none'; connect-src 'self' billpaysite.com; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-modals allow-top-navigation allow-downloads;report-uri \iPayPortal.Web\ProcessCSPViolation.axd;report-to \iPayPortal.Web\ProcessCSPViolation.axd;
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN