Submitted URL: http://files.ukvirginmoneyplc.com/
Effective URL: https://mail.onmail.com/login
Submission: On September 25 via api from GB — Scanned from GB

Summary

This website contacted 12 IPs in 2 countries across 7 domains to perform 55 HTTP transactions. The main IP is 18.233.173.207, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is mail.onmail.com. The Cisco Umbrella rank of the primary domain is 194816.
TLS certificate: Issued by Amazon RSA 2048 M03 on November 19th 2023. Valid for: a year.
This is the only time mail.onmail.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Count | Apex Domain | Subdomains | Transfer
15 | ukvirginmoneyplc.com | files.ukvirginmoneyplc.com | 3 MB
14 | onmail.com | mail.onmail.com — Cisco Umbrella Rank: 194816 | 3 MB
13 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 46; firebase.googleapis.com — Cisco Umbrella Rank: 4115; firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 592; firebaseremoteconfig.googleapis.com — Cisco Umbrella Rank: 489 Failed | 6 KB
4 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 57 | 286 KB
4 | stripe.com | js.stripe.com — Cisco Umbrella Rank: 1391 | 318 KB
2 | edison.tech | assets.edison.tech | 465 KB
2 | google-analytics.com | region1.google-analytics.com — Cisco Umbrella Rank: 3391 |
Total: 55 | 7
Count | Domain | Requested by
15 | files.ukvirginmoneyplc.com | files.ukvirginmoneyplc.com
14 | mail.onmail.com | files.ukvirginmoneyplc.com, mail.onmail.com
4 | firebaseinstallations.googleapis.com | files.ukvirginmoneyplc.com, mail.onmail.com
4 | firebase.googleapis.com | files.ukvirginmoneyplc.com, mail.onmail.com
4 | www.googletagmanager.com | files.ukvirginmoneyplc.com, www.googletagmanager.com, mail.onmail.com
4 | js.stripe.com | files.ukvirginmoneyplc.com, js.stripe.com, mail.onmail.com
3 | firebaseremoteconfig.googleapis.com | files.ukvirginmoneyplc.com, mail.onmail.com
2 | assets.edison.tech | mail.onmail.com
2 | region1.google-analytics.com | files.ukvirginmoneyplc.com, mail.onmail.com
2 | fonts.googleapis.com | files.ukvirginmoneyplc.com, mail.onmail.com
Total: 55 | 10

This site contains links to these domains.

Domain
www.onmail.com
Subject | Issuer | Validity | Valid
files.ukvirginmoneyplc.com | R11 | 2024-09-25 - 2024-12-24 | 3 months
upload.video.google.com | WR2 | 2024-08-26 - 2024-11-18 | 3 months
a.stripecdn.com | DigiCert SHA2 Extended Validation Server CA | 2024-08-29 - 2024-12-05 | 3 months
*.google-analytics.com | WR2 | 2024-08-26 - 2024-11-18 | 3 months
onmail.com | Amazon RSA 2048 M03 | 2023-11-19 - 2024-12-17 | a year
*.edison.tech | Amazon RSA 2048 M03 | 2024-01-07 - 2025-02-04 | a year

This page contains 3 frames:

Primary Page: https://mail.onmail.com/login
Frame ID: 76034C8DBA52676532A4760E373502C8
Requests: 47 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-b49317380ba8946a72a1bc61bce8261c.html
Frame ID: 4501E6FA6EEBFD1405DFAC30EC195625
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-b49317380ba8946a72a1bc61bce8261c.html
Frame ID: 3C0F682A8675516AABA9FD4799F3925D
Requests: 1 HTTP requests in this frame

Page Title

OnMail

Page URL History

  1. http://files.ukvirginmoneyplc.com/ HTTP 307
    https://files.ukvirginmoneyplc.com/ Page URL
  2. https://mail.onmail.com/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 55
HTTPS: 98 %
IPv6: 55 %
Domains: 7
Subdomains: 10
IPs: 12
Countries: 2
Transfer: 7309 kB
Size: 22476 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://files.ukvirginmoneyplc.com/ HTTP 307
    https://files.ukvirginmoneyplc.com/ Page URL
  2. https://mail.onmail.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://files.ukvirginmoneyplc.com/ HTTP 307
  • https://files.ukvirginmoneyplc.com/

55 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
/
files.ukvirginmoneyplc.com/
Redirect Chain
  • http://files.ukvirginmoneyplc.com/
  • https://files.ukvirginmoneyplc.com/
5 KB
2 KB
Document
General
Full URL
https://files.ukvirginmoneyplc.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.199.101.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-101-220.compute-1.amazonaws.com
Software
/
Resource Hash
413e34d6f5a2886b144aedfde3869360e1a7ab5d11492c285d824c66b7bdb916
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Wed, 25 Sep 2024 01:35:04 GMT
etag
W/"66d1619a-1247"
last-modified
Fri, 30 Aug 2024 06:07:22 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
x-request-id
73985f93e8adcad1a63ae6314bed6d2e

Redirect headers

Location
https://files.ukvirginmoneyplc.com/
Non-Authoritative-Reason
HttpsUpgrades
node_vendors.c8a226dc.chunk.css
files.ukvirginmoneyplc.com/static/css/
19 KB
4 KB
Stylesheet
General
Full URL
https://files.ukvirginmoneyplc.com/static/css/node_vendors.c8a226dc.chunk.css
Requested by
Host: files.ukvirginmoneyplc.com
URL: https://files.ukvirginmoneyplc.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.199.101.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-101-220.compute-1.amazonaws.com
Software
/
Resource Hash
102c2197a446afee72e5e1f459fd968b18a80f5f542f1d054435f22c049a1675
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://files.ukvirginmoneyplc.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
x-request-id
c235f85a8dfe2effd0f07b9572fdd623
cache-control
max-age=31536000
content-encoding
gzip
etag
W/"66d16191-4cd8"
date
Wed, 25 Sep 2024 01:35:04 GMT
content-type
text/css
last-modified
Fri, 30 Aug 2024 06:07:13 GMT
main.b34c8f89.chunk.css
files.ukvirginmoneyplc.com/static/css/
117 KB
29 KB
Stylesheet
General
Full URL
https://files.ukvirginmoneyplc.com/static/css/main.b34c8f89.chunk.css
Requested by
Host: files.ukvirginmoneyplc.com
URL: https://files.ukvirginmoneyplc.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.199.101.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-101-220.compute-1.amazonaws.com
Software
/
Resource Hash
2aec30d119462eb4ebc4b2173ed2ea040b4d100d2f890f5a09b5e3603504396a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://files.ukvirginmoneyplc.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
x-request-id
3033b6b23e225710e178a2a15c9dd25d
cache-control
max-age=31536000
content-encoding
gzip
etag
W/"66d1619a-1d5cb"
date
Wed, 25 Sep 2024 01:35:04 GMT
content-type
text/css
last-modified
Fri, 30 Aug 2024 06:07:22 GMT
env.js
files.ukvirginmoneyplc.com/public/
1 KB
930 B
Script
General
Full URL
https://files.ukvirginmoneyplc.com/public/env.js
Requested by
Host: files.ukvirginmoneyplc.com
URL: https://files.ukvirginmoneyplc.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.199.101.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-101-220.compute-1.amazonaws.com
Software
/
Resource Hash
91d4f70b84eafd163fe29b10a0d3b9a3c425edf11ad9ea24224059bcd44d34ec
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://files.ukvirginmoneyplc.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
x-request-id
51d5867d6a296324bdfdf8565457f8b4
content-encoding
gzip
date
Wed, 25 Sep 2024 01:35:04 GMT
etag
W/"66d1618f-4b1"
content-type
application/javascript
last-modified
Fri, 30 Aug 2024 06:07:11 GMT
node_vendors.49fd7adf.chunk.js
files.ukvirginmoneyplc.com/static/js/
2 MB
815 KB
Script
General
Full URL
https://files.ukvirginmoneyplc.com/static/js/node_vendors.49fd7adf.chunk.js
Requested by
Host: files.ukvirginmoneyplc.com
URL: https://files.ukvirginmoneyplc.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.199.101.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-101-220.compute-1.amazonaws.com
Software
/
Resource Hash
79b4586d221e51cf45e3dfc8d332da6b83f92dd949cfcd0f482475b082e95094
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://files.ukvirginmoneyplc.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
x-request-id
b02b80efea262f4072732167f9a5b825
cache-control
max-age=31536000
content-encoding
gzip
etag
W/"66d1619a-25fc2b"
date
Wed, 25 Sep 2024 01:35:04 GMT
content-type
application/javascript
last-modified
Fri, 30 Aug 2024 06:07:22 GMT
@material-ui.0935853b.chunk.js
files.ukvirginmoneyplc.com/static/js/
2 MB
529 KB
Script
General
Full URL
https://files.ukvirginmoneyplc.com/static/js/@material-ui.0935853b.chunk.js
Requested by
Host: files.ukvirginmoneyplc.com
URL: https://files.ukvirginmoneyplc.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.199.101.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-101-220.compute-1.amazonaws.com
Software
/
Resource Hash
b1fe11d54eb8b9f1460d05b088424851876790ef31825e922cc360c2e2356cf1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://files.ukvirginmoneyplc.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
x-request-id
c86e2bb585c74bda391195fd6cd905ea
cache-control
max-age=31536000
content-encoding
gzip
etag
W/"66d16191-2664f7"
date
Wed, 25 Sep 2024 01:35:04 GMT
content-type
application/javascript
last-modified
Fri, 30 Aug 2024 06:07:13 GMT
pdfjs-dist.c0a8dca8.chunk.js
files.ukvirginmoneyplc.com/static/js/
478 KB
159 KB
Script
General
Full URL
https://files.ukvirginmoneyplc.com/static/js/pdfjs-dist.c0a8dca8.chunk.js
Requested by
Host: files.ukvirginmoneyplc.com
URL: https://files.ukvirginmoneyplc.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.199.101.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-101-220.compute-1.amazonaws.com
Software
/
Resource Hash
e52e06e064f442019b42a6539fc75e67d937a98b410e629e527ee858803d4738
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://files.ukvirginmoneyplc.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
x-request-id
d25de10ac78624c7c908961273a99e55
cache-control
max-age=31536000
content-encoding
gzip
etag
W/"66d1619a-779b4"
date
Wed, 25 Sep 2024 01:35:04 GMT
content-type
application/javascript
last-modified
Fri, 30 Aug 2024 06:07:22 GMT
zxcvbn.e91f44ec.chunk.js
files.ukvirginmoneyplc.com/static/js/
800 KB
430 KB
Script
General
Full URL
https://files.ukvirginmoneyplc.com/static/js/zxcvbn.e91f44ec.chunk.js
Requested by
Host: files.ukvirginmoneyplc.com
URL: https://files.ukvirginmoneyplc.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.199.101.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-101-220.compute-1.amazonaws.com
Software
/
Resource Hash
eabb7d171ea9d6b75598c7ee9d0d8d742b4ae2312870efaf0f488e43b47f7b73
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://files.ukvirginmoneyplc.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
x-request-id
d53415ca662d48d6b95e7243f7d3684d
cache-control
max-age=31536000
content-encoding
gzip
etag
W/"66d16191-c7e1b"
date
Wed, 25 Sep 2024 01:35:04 GMT
content-type
application/javascript
last-modified
Fri, 30 Aug 2024 06:07:13 GMT
tinymce.dd9c0ba7.chunk.js
files.ukvirginmoneyplc.com/static/js/
871 KB
322 KB
Script
General
Full URL
https://files.ukvirginmoneyplc.com/static/js/tinymce.dd9c0ba7.chunk.js
Requested by
Host: files.ukvirginmoneyplc.com
URL: https://files.ukvirginmoneyplc.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.199.101.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-101-220.compute-1.amazonaws.com
Software
/
Resource Hash
a1ca2e1403767acd61c81096399d78530b910f1f35e2af3894044079dc2ad8db
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://files.ukvirginmoneyplc.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
x-request-id
a101338fe9b9e4212cb9125b425ba258
cache-control
max-age=31536000
content-encoding
gzip
etag
W/"66d1619a-d9cee"
date
Wed, 25 Sep 2024 01:35:04 GMT
content-type
application/javascript
last-modified
Fri, 30 Aug 2024 06:07:22 GMT
edison-sift-parsers.2c5d2275.chunk.js
files.ukvirginmoneyplc.com/static/js/
509 KB
191 KB
Script
General
Full URL
https://files.ukvirginmoneyplc.com/static/js/edison-sift-parsers.2c5d2275.chunk.js
Requested by
Host: files.ukvirginmoneyplc.com
URL: https://files.ukvirginmoneyplc.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.199.101.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-101-220.compute-1.amazonaws.com
Software
/
Resource Hash
9263cde348d5a8dbd7e8aa04f8fbe78f997c2f1b6cc7cd053002e16c9f3ff0d5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://files.ukvirginmoneyplc.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
x-request-id
d5e0071550b54dc01011cc41c85aa4f6
cache-control
max-age=31536000
content-encoding
gzip
etag
W/"66d16191-7f5b3"
date
Wed, 25 Sep 2024 01:35:04 GMT
content-type
application/javascript
last-modified
Fri, 30 Aug 2024 06:07:13 GMT
main.0df92006.chunk.js
files.ukvirginmoneyplc.com/static/js/
2 MB
616 KB
Script
General
Full URL
https://files.ukvirginmoneyplc.com/static/js/main.0df92006.chunk.js
Requested by
Host: files.ukvirginmoneyplc.com
URL: https://files.ukvirginmoneyplc.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.199.101.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-101-220.compute-1.amazonaws.com
Software
/
Resource Hash
f3fba9fae1fe99cbbde4664cf438354236c7a595c97be7a10be8961142427d27
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://files.ukvirginmoneyplc.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
x-request-id
07564603ca4ffe6d3b02006b326843ec
cache-control
max-age=31536000
content-encoding
gzip
etag
W/"66d1619a-22037a"
date
Wed, 25 Sep 2024 01:35:04 GMT
content-type
application/javascript
last-modified
Fri, 30 Aug 2024 06:07:22 GMT
css
fonts.googleapis.com/
34 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&display=swap
Requested by
Host: files.ukvirginmoneyplc.com
URL: https://files.ukvirginmoneyplc.com/static/css/main.b34c8f89.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
86d75616edefeebef2d87b6565f6d07d4e1255c2cdafbc0b2c84ed79baa206d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://files.ukvirginmoneyplc.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 25 Sep 2024 01:35:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Sep 2024 01:35:05 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 25 Sep 2024 01:14:44 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
v3
js.stripe.com/
655 KB
159 KB
Script
General
Full URL
https://js.stripe.com/v3
Requested by
Host: files.ukvirginmoneyplc.com
URL: https://files.ukvirginmoneyplc.com/static/js/node_vendors.49fd7adf.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
02959b6821696c21598ce6ec968c6276471b688bb6bf177013b1b8fdb6f56339
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://files.ukvirginmoneyplc.com/

Response headers

x-request-id
0d41ad0c-495e-4f58-abeb-8d9b6bc011df
content-encoding
br
etag
"2c76ac99816397a1d7d79a37d0f103ff"
age
8
x-content-type-options
nosniff
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Wed, 25 Sep 2024 01:35:06 GMT
last-modified
Wed, 25 Sep 2024 00:06:30 GMT
content-type
text/javascript; charset=utf-8
x-served-by
cache-lcy-eglc8600026-LCY
x-cache-hits
2
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
max-age=60
timing-allow-origin
*
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
162105
server
Fastly
super_session
files.ukvirginmoneyplc.com/v1/na/
82 B
519 B
Fetch
General
Full URL
https://files.ukvirginmoneyplc.com/v1/na/super_session
Requested by
Host: files.ukvirginmoneyplc.com
URL: https://files.ukvirginmoneyplc.com/static/js/node_vendors.49fd7adf.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.199.101.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-101-220.compute-1.amazonaws.com
Software
/
Resource Hash
a3744dd1d0139d76f21d26182cf8e6d4aeab3c065b64e44de9a4d2770b1a6eb8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

X-Super-Session-ID
null
Referer
https://files.ukvirginmoneyplc.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type
application/json

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
x-request-id
3dce8d1029d663e3a8c35f120b19469b, 3dce8d1029d663e3a8c35f120b19469b
cache-control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-length
82
date
Wed, 25 Sep 2024 01:35:07 GMT
content-type
application/json; charset=UTF-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Auth-User
js
www.googletagmanager.com/gtag/
132 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?l=dataLayer
Requested by
Host: files.ukvirginmoneyplc.com
URL: https://files.ukvirginmoneyplc.com/static/js/node_vendors.49fd7adf.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
555576232a6538ca97dfde87c64d9d8a0d2409a3418a6b9abd18729b067a58d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://files.ukvirginmoneyplc.com/

Response headers

content-encoding
br
expires
Wed, 25 Sep 2024 01:35:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Sep 2024 01:35:06 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 25 Sep 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
51006
x-xss-protection
0
server
Google Tag Manager
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:306141709338:web:537869b85832fabc89fda3/
315 B
403 B
Fetch
General
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:306141709338:web:537869b85832fabc89fda3/webConfig
Requested by
Host: files.ukvirginmoneyplc.com
URL: https://files.ukvirginmoneyplc.com/static/js/node_vendors.49fd7adf.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
03e67d8e2e4ec1d920c0eb4279f635595f234b995ce08edbf6dcf55ac4d82553
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-goog-api-key
AIzaSyAP7jrRFz2oV76Hpn52tksKao1bR3mG7r8
Referer
https://files.ukvirginmoneyplc.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept
application/json

Response headers

cache-control
private
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
https://files.ukvirginmoneyplc.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
214
date
Wed, 25 Sep 2024 01:35:07 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
ESF
x-frame-options
SAMEORIGIN
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:306141709338:web:537869b85832fabc89fda3/ Frame
0
0
Preflight
General
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:306141709338:web:537869b85832fabc89fda3/webConfig
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-api-key
Access-Control-Request-Method
GET
Origin
https://files.ukvirginmoneyplc.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

access-control-allow-headers
x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://files.ukvirginmoneyplc.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 25 Sep 2024 01:35:06 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/onmail-2bdb7/ Frame
0
0
Preflight
General
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/onmail-2bdb7/installations
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key
Access-Control-Request-Method
POST
Origin
https://files.ukvirginmoneyplc.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

access-control-allow-headers
content-type,x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://files.ukvirginmoneyplc.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 25 Sep 2024 01:35:06 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/onmail-2bdb7/
625 B
678 B
Fetch
General
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/onmail-2bdb7/installations
Requested by
Host: files.ukvirginmoneyplc.com
URL: https://files.ukvirginmoneyplc.com/static/js/node_vendors.49fd7adf.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-goog-api-key
AIzaSyAP7jrRFz2oV76Hpn52tksKao1bR3mG7r8
Referer
https://files.ukvirginmoneyplc.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept
application/json
content-type
application/json

Response headers

cache-control
private
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
https://files.ukvirginmoneyplc.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
488
date
Wed, 25 Sep 2024 01:35:07 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
ESF
x-frame-options
SAMEORIGIN
controller-with-preconnect-b49317380ba8946a72a1bc61bce8261c.html
js.stripe.com/v3/ Frame 4501
0
0
Document
General
Full URL
https://js.stripe.com/v3/controller-with-preconnect-b49317380ba8946a72a1bc61bce8261c.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://files.ukvirginmoneyplc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
39
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=60, stale-while-revalidate=900
content-encoding
br
content-length
403
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 25 Sep 2024 01:35:07 GMT
etag
"b49317380ba8946a72a1bc61bce8261c"
last-modified
Tue, 24 Sep 2024 23:29:04 GMT
origin-agent-cluster
?1
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
2
x-content-type-options
nosniff
x-request-id
7ff358c2-fa4f-4340-bcaa-53b1ee876b15
x-served-by
cache-lcy-eglc8600092-LCY
js
www.googletagmanager.com/gtag/
263 KB
93 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-35S0R4L9FM&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d50ff542a6ec8e25559198e660682d35edcc5fbca0334cab87ea6be71eb45ac6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://files.ukvirginmoneyplc.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
br
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Wed, 25 Sep 2024 01:35:07 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94672
date
Wed, 25 Sep 2024 01:35:07 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-35S0R4L9FM&gtm=45je49n0v888479415za200&_p=1727228107130&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&_fid=eGwbijXglRgaYa6zl6E0Vd&cid=924631600.1727228107&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1727228107&sct=1&seg=0&dl=https%3A%2F%2Ffiles.ukvirginmoneyplc.com%2F&dt=OnMail&en=page_view&_fv=1&_nsi=1&_ss=2&_ee=1&ep.origin=firebase&tfd=3038
Requested by
Host: files.ukvirginmoneyplc.com
URL: https://files.ukvirginmoneyplc.com/static/js/node_vendors.49fd7adf.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://files.ukvirginmoneyplc.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://files.ukvirginmoneyplc.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 25 Sep 2024 01:35:07 GMT
content-type
text/plain
server
Golfe2
favicon.ico
files.ukvirginmoneyplc.com/
4 KB
4 KB
Other
General
Full URL
https://files.ukvirginmoneyplc.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.199.101.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-101-220.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://files.ukvirginmoneyplc.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
x-request-id
76e103ef2f7672ba9901249f4c043922
etag
"66d16191-10be"
accept-ranges
bytes
content-length
4286
date
Wed, 25 Sep 2024 01:35:07 GMT
content-type
image/x-icon
last-modified
Fri, 30 Aug 2024 06:07:13 GMT
favicon.ico
files.ukvirginmoneyplc.com/
4 KB
0
Other
General
Full URL
https://files.ukvirginmoneyplc.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.199.101.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-101-220.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://files.ukvirginmoneyplc.com/login

Response headers

x-request-id
76e103ef2f7672ba9901249f4c043922
accept-ranges
bytes
content-length
4286
date
Wed, 25 Sep 2024 01:35:07 GMT
etag
"66d16191-10be"
content-type
image/x-icon
last-modified
Fri, 30 Aug 2024 06:07:13 GMT
Primary Request login
mail.onmail.com/
5 KB
2 KB
Document
General
Full URL
https://mail.onmail.com/login
Requested by
Host: files.ukvirginmoneyplc.com
URL: https://files.ukvirginmoneyplc.com/static/js/main.0df92006.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.233.173.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-173-207.compute-1.amazonaws.com
Software
/
Resource Hash
413e34d6f5a2886b144aedfde3869360e1a7ab5d11492c285d824c66b7bdb916
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://files.ukvirginmoneyplc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 25 Sep 2024 01:35:07 GMT
ETag
W/"66d16191-1247"
Last-Modified
Fri, 30 Aug 2024 06:07:13 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Request-Id
fe3465ba51d59367c53e386a7649a2e3
firebase:fetch
firebaseremoteconfig.googleapis.com/v1/projects/onmail-2bdb7/namespaces/
0
0

firebase:fetch
firebaseremoteconfig.googleapis.com/v1/projects/onmail-2bdb7/namespaces/ Frame
0
0
Preflight
General
Full URL
https://firebaseremoteconfig.googleapis.com/v1/projects/onmail-2bdb7/namespaces/firebase:fetch?key=AIzaSyAP7jrRFz2oV76Hpn52tksKao1bR3mG7r8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-encoding,content-type,if-none-match
Access-Control-Request-Method
POST
Origin
https://files.ukvirginmoneyplc.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

access-control-allow-headers
content-encoding,content-type,if-none-match
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://files.ukvirginmoneyplc.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 25 Sep 2024 01:35:07 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
node_vendors.c8a226dc.chunk.css
mail.onmail.com/static/css/
19 KB
4 KB
Stylesheet
General
Full URL
https://mail.onmail.com/static/css/node_vendors.c8a226dc.chunk.css
Requested by
Host: mail.onmail.com
URL: https://mail.onmail.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.233.173.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-173-207.compute-1.amazonaws.com
Software
/
Resource Hash
102c2197a446afee72e5e1f459fd968b18a80f5f542f1d054435f22c049a1675

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://mail.onmail.com/login

Response headers

Transfer-Encoding
chunked
X-Request-Id
e80be4e71c4a0966c4e0606103cde290
Cache-Control
max-age=31536000
Content-Encoding
gzip
ETag
W/"66d16191-4cd8"
Connection
keep-alive
Date
Wed, 25 Sep 2024 01:35:07 GMT
Content-Type
text/css
Last-Modified
Fri, 30 Aug 2024 06:07:13 GMT
main.b34c8f89.chunk.css
mail.onmail.com/static/css/
117 KB
29 KB
Stylesheet
General
Full URL
https://mail.onmail.com/static/css/main.b34c8f89.chunk.css
Requested by
Host: mail.onmail.com
URL: https://mail.onmail.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.233.173.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-173-207.compute-1.amazonaws.com
Software
/
Resource Hash
2aec30d119462eb4ebc4b2173ed2ea040b4d100d2f890f5a09b5e3603504396a

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://mail.onmail.com/login

Response headers

Transfer-Encoding
chunked
X-Request-Id
b137d2b6be02831716b500b5fce14a15
Cache-Control
max-age=31536000
Content-Encoding
gzip
ETag
W/"66d1619a-1d5cb"
Connection
keep-alive
Date
Wed, 25 Sep 2024 01:35:08 GMT
Content-Type
text/css
Last-Modified
Fri, 30 Aug 2024 06:07:22 GMT
env.js
mail.onmail.com/public/
1 KB
1008 B
Script
General
Full URL
https://mail.onmail.com/public/env.js
Requested by
Host: mail.onmail.com
URL: https://mail.onmail.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.233.173.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-173-207.compute-1.amazonaws.com
Software
/
Resource Hash
91d4f70b84eafd163fe29b10a0d3b9a3c425edf11ad9ea24224059bcd44d34ec

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://mail.onmail.com/login

Response headers

Transfer-Encoding
chunked
X-Request-Id
f079711a7f4b54c9ec6fe7a4ef4dd3a7
Content-Encoding
gzip
ETag
W/"66d16199-4b1"
Connection
keep-alive
Date
Wed, 25 Sep 2024 01:35:08 GMT
Content-Type
application/javascript
Last-Modified
Fri, 30 Aug 2024 06:07:21 GMT
node_vendors.49fd7adf.chunk.js
mail.onmail.com/static/js/
2 MB
815 KB
Script
General
Full URL
https://mail.onmail.com/static/js/node_vendors.49fd7adf.chunk.js
Requested by
Host: mail.onmail.com
URL: https://mail.onmail.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.233.173.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-173-207.compute-1.amazonaws.com
Software
/
Resource Hash
79b4586d221e51cf45e3dfc8d332da6b83f92dd949cfcd0f482475b082e95094

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://mail.onmail.com/login

Response headers

Transfer-Encoding
chunked
X-Request-Id
3db009061fef3c5d8224b70ed04f840d
Cache-Control
max-age=31536000
Content-Encoding
gzip
ETag
W/"66d16191-25fc2b"
Connection
keep-alive
Date
Wed, 25 Sep 2024 01:35:08 GMT
Content-Type
application/javascript
Last-Modified
Fri, 30 Aug 2024 06:07:13 GMT
@material-ui.0935853b.chunk.js
mail.onmail.com/static/js/
2 MB
529 KB
Script
General
Full URL
https://mail.onmail.com/static/js/@material-ui.0935853b.chunk.js
Requested by
Host: mail.onmail.com
URL: https://mail.onmail.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.233.173.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-173-207.compute-1.amazonaws.com
Software
/
Resource Hash
b1fe11d54eb8b9f1460d05b088424851876790ef31825e922cc360c2e2356cf1

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://mail.onmail.com/login

Response headers

Transfer-Encoding
chunked
X-Request-Id
1784e240ecdd8267e0bfe968cc746083
Cache-Control
max-age=31536000
Content-Encoding
gzip
ETag
W/"66d16191-2664f7"
Connection
keep-alive
Date
Wed, 25 Sep 2024 01:35:08 GMT
Content-Type
application/javascript
Last-Modified
Fri, 30 Aug 2024 06:07:13 GMT
pdfjs-dist.c0a8dca8.chunk.js
mail.onmail.com/static/js/
478 KB
159 KB
Script
General
Full URL
https://mail.onmail.com/static/js/pdfjs-dist.c0a8dca8.chunk.js
Requested by
Host: mail.onmail.com
URL: https://mail.onmail.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.233.173.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-173-207.compute-1.amazonaws.com
Software
/
Resource Hash
e52e06e064f442019b42a6539fc75e67d937a98b410e629e527ee858803d4738

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://mail.onmail.com/login

Response headers

Transfer-Encoding
chunked
X-Request-Id
19bd3e2f559cb818b5f228e69055740a
Cache-Control
max-age=31536000
Content-Encoding
gzip
ETag
W/"66d16191-779b4"
Connection
keep-alive
Date
Wed, 25 Sep 2024 01:35:08 GMT
Content-Type
application/javascript
Last-Modified
Fri, 30 Aug 2024 06:07:13 GMT
zxcvbn.e91f44ec.chunk.js
mail.onmail.com/static/js/
800 KB
430 KB
Script
General
Full URL
https://mail.onmail.com/static/js/zxcvbn.e91f44ec.chunk.js
Requested by
Host: mail.onmail.com
URL: https://mail.onmail.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.233.173.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-173-207.compute-1.amazonaws.com
Software
/
Resource Hash
eabb7d171ea9d6b75598c7ee9d0d8d742b4ae2312870efaf0f488e43b47f7b73

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://mail.onmail.com/login

Response headers

Transfer-Encoding
chunked
X-Request-Id
68e49503a9caf815fe2a2e3c985eae45
Cache-Control
max-age=31536000
Content-Encoding
gzip
ETag
W/"66d1619a-c7e1b"
Connection
keep-alive
Date
Wed, 25 Sep 2024 01:35:08 GMT
Content-Type
application/javascript
Last-Modified
Fri, 30 Aug 2024 06:07:22 GMT
tinymce.dd9c0ba7.chunk.js
mail.onmail.com/static/js/
871 KB
322 KB
Script
General
Full URL
https://mail.onmail.com/static/js/tinymce.dd9c0ba7.chunk.js
Requested by
Host: mail.onmail.com
URL: https://mail.onmail.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.233.173.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-173-207.compute-1.amazonaws.com
Software
/
Resource Hash
a1ca2e1403767acd61c81096399d78530b910f1f35e2af3894044079dc2ad8db

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://mail.onmail.com/login

Response headers

Transfer-Encoding
chunked
X-Request-Id
97b40baee23c3b61f319faf5ecab1605
Cache-Control
max-age=31536000
Content-Encoding
gzip
ETag
W/"66d16191-d9cee"
Connection
keep-alive
Date
Wed, 25 Sep 2024 01:35:08 GMT
Content-Type
application/javascript
Last-Modified
Fri, 30 Aug 2024 06:07:13 GMT
edison-sift-parsers.2c5d2275.chunk.js
mail.onmail.com/static/js/
509 KB
191 KB
Script
General
Full URL
https://mail.onmail.com/static/js/edison-sift-parsers.2c5d2275.chunk.js
Requested by
Host: mail.onmail.com
URL: https://mail.onmail.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.233.173.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-173-207.compute-1.amazonaws.com
Software
/
Resource Hash
9263cde348d5a8dbd7e8aa04f8fbe78f997c2f1b6cc7cd053002e16c9f3ff0d5

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://mail.onmail.com/login

Response headers

Transfer-Encoding
chunked
X-Request-Id
d945dd12b4e9981d4d4008789b838566
Cache-Control
max-age=31536000
Content-Encoding
gzip
ETag
W/"66d1619a-7f5b3"
Connection
keep-alive
Date
Wed, 25 Sep 2024 01:35:08 GMT
Content-Type
application/javascript
Last-Modified
Fri, 30 Aug 2024 06:07:22 GMT
main.0df92006.chunk.js
mail.onmail.com/static/js/
2 MB
616 KB
Script
General
Full URL
https://mail.onmail.com/static/js/main.0df92006.chunk.js
Requested by
Host: mail.onmail.com
URL: https://mail.onmail.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.233.173.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-173-207.compute-1.amazonaws.com
Software
/
Resource Hash
f3fba9fae1fe99cbbde4664cf438354236c7a595c97be7a10be8961142427d27

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://mail.onmail.com/login

Response headers

Transfer-Encoding
chunked
X-Request-Id
98fad27d82533d29a0eb6b5b0b52fc1c
Cache-Control
max-age=31536000
Content-Encoding
gzip
ETag
W/"66d1619a-22037a"
Connection
keep-alive
Date
Wed, 25 Sep 2024 01:35:08 GMT
Content-Type
application/javascript
Last-Modified
Fri, 30 Aug 2024 06:07:22 GMT
css
fonts.googleapis.com/
34 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&display=swap
Requested by
Host: mail.onmail.com
URL: https://mail.onmail.com/static/css/main.b34c8f89.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
86d75616edefeebef2d87b6565f6d07d4e1255c2cdafbc0b2c84ed79baa206d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://mail.onmail.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 25 Sep 2024 01:35:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Sep 2024 01:35:08 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 25 Sep 2024 01:27:13 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
v3
js.stripe.com/
655 KB
159 KB
Script
General
Full URL
https://js.stripe.com/v3
Requested by
Host: mail.onmail.com
URL: https://mail.onmail.com/static/js/node_vendors.49fd7adf.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
02959b6821696c21598ce6ec968c6276471b688bb6bf177013b1b8fdb6f56339
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://mail.onmail.com/

Response headers

x-request-id
ffbd9e9d-fd42-4756-9f3d-718aa10c93bd
content-encoding
br
etag
"2c76ac99816397a1d7d79a37d0f103ff"
age
11
x-content-type-options
nosniff
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Wed, 25 Sep 2024 01:35:09 GMT
last-modified
Wed, 25 Sep 2024 00:06:30 GMT
content-type
text/javascript; charset=utf-8
x-served-by
cache-lcy-eglc8600050-LCY
x-cache-hits
3
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
max-age=60
timing-allow-origin
*
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
162105
server
Fastly
super_session
mail.onmail.com/v1/na/
82 B
652 B
Fetch
General
Full URL
https://mail.onmail.com/v1/na/super_session
Requested by
Host: mail.onmail.com
URL: https://mail.onmail.com/static/js/node_vendors.49fd7adf.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.233.173.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-173-207.compute-1.amazonaws.com
Software
/
Resource Hash
b423dc3ae39cf28e028b140b760cd5617970e64c160ca756796d0cb6e7888869

Request headers

X-Super-Session-ID
null
Referer
https://mail.onmail.com/login
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type
application/json

Response headers

X-Request-Id
c2a36f7dbc82cebc2eb6abca5f11a989, c2a36f7dbc82cebc2eb6abca5f11a989
Cache-Control
no-cache,no-store,must-revalidate
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
Content-Length
82
Date
Wed, 25 Sep 2024 01:35:09 GMT
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Auth-User
js
www.googletagmanager.com/gtag/
132 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?l=dataLayer
Requested by
Host: mail.onmail.com
URL: https://mail.onmail.com/static/js/node_vendors.49fd7adf.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
555576232a6538ca97dfde87c64d9d8a0d2409a3418a6b9abd18729b067a58d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://mail.onmail.com/

Response headers

content-encoding
br
expires
Wed, 25 Sep 2024 01:35:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Sep 2024 01:35:09 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 25 Sep 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
51006
x-xss-protection
0
server
Google Tag Manager
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:306141709338:web:537869b85832fabc89fda3/
315 B
403 B
Fetch
General
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:306141709338:web:537869b85832fabc89fda3/webConfig
Requested by
Host: mail.onmail.com
URL: https://mail.onmail.com/static/js/node_vendors.49fd7adf.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
03e67d8e2e4ec1d920c0eb4279f635595f234b995ce08edbf6dcf55ac4d82553
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-goog-api-key
AIzaSyAP7jrRFz2oV76Hpn52tksKao1bR3mG7r8
Referer
https://mail.onmail.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept
application/json

Response headers

cache-control
private
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
https://mail.onmail.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
214
date
Wed, 25 Sep 2024 01:35:10 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
ESF
x-frame-options
SAMEORIGIN
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:306141709338:web:537869b85832fabc89fda3/ Frame
0
0
Preflight
General
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:306141709338:web:537869b85832fabc89fda3/webConfig
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-api-key
Access-Control-Request-Method
GET
Origin
https://mail.onmail.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

access-control-allow-headers
x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://mail.onmail.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 25 Sep 2024 01:35:10 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/onmail-2bdb7/ Frame
0
0
Preflight
General
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/onmail-2bdb7/installations
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key
Access-Control-Request-Method
POST
Origin
https://mail.onmail.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

access-control-allow-headers
content-type,x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://mail.onmail.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 25 Sep 2024 01:35:10 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/onmail-2bdb7/
626 B
679 B
Fetch
General
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/onmail-2bdb7/installations
Requested by
Host: mail.onmail.com
URL: https://mail.onmail.com/static/js/node_vendors.49fd7adf.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36e105a58683960682540e71263b53722cadf210e898b798a6cf50df0f940b5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-goog-api-key
AIzaSyAP7jrRFz2oV76Hpn52tksKao1bR3mG7r8
Referer
https://mail.onmail.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept
application/json
content-type
application/json

Response headers

cache-control
private
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
https://mail.onmail.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
489
date
Wed, 25 Sep 2024 01:35:10 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
ESF
x-frame-options
SAMEORIGIN
controller-with-preconnect-b49317380ba8946a72a1bc61bce8261c.html
js.stripe.com/v3/ Frame 3C0F
0
0
Document
General
Full URL
https://js.stripe.com/v3/controller-with-preconnect-b49317380ba8946a72a1bc61bce8261c.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mail.onmail.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
43
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=60, stale-while-revalidate=900
content-encoding
br
content-length
403
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 25 Sep 2024 01:35:10 GMT
etag
"b49317380ba8946a72a1bc61bce8261c"
last-modified
Tue, 24 Sep 2024 23:29:04 GMT
origin-agent-cluster
?1
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
6
x-content-type-options
nosniff
x-request-id
74189ba1-5ffb-4a14-94b2-b51ab51ea7fb
x-served-by
cache-lcy-eglc8600034-LCY
onboard.f11c6d64.chunk.js
mail.onmail.com/static/js/
93 KB
28 KB
Script
General
Full URL
https://mail.onmail.com/static/js/onboard.f11c6d64.chunk.js
Requested by
Host: mail.onmail.com
URL: https://mail.onmail.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.233.173.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-173-207.compute-1.amazonaws.com
Software
/
Resource Hash
62650dc31f02ef325a4af44efa53beaddbeb4dfd37f9410219c89a541df13ea1

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://mail.onmail.com/login

Response headers

Transfer-Encoding
chunked
X-Request-Id
d803906c08e5f256116f447918345535
Cache-Control
max-age=31536000
Content-Encoding
gzip
ETag
W/"66d16191-174bf"
Connection
keep-alive
Date
Wed, 25 Sep 2024 01:35:10 GMT
Content-Type
application/javascript
Last-Modified
Fri, 30 Aug 2024 06:07:13 GMT
js
www.googletagmanager.com/gtag/
263 KB
93 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-35S0R4L9FM&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6352d6d774b1ad03ecd4b3fcedbfb4eb08475a2db9987a11528ce970f7125692
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://mail.onmail.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
br
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Wed, 25 Sep 2024 01:35:10 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94602
date
Wed, 25 Sep 2024 01:35:10 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-35S0R4L9FM&gtm=45je49n0v888479415za200&_p=1727228110102&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035&_fid=dIj5hgXtWtZ1lcUOZ8RWe6&cid=267161791.1727228110&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1727228110&sct=1&seg=0&dl=https%3A%2F%2Fmail.onmail.com%2Flogin&dr=https%3A%2F%2Ffiles.ukvirginmoneyplc.com%2F&dt=OnMail&en=page_view&_fv=1&_nsi=1&_ss=2&_ee=1&ep.origin=firebase&tfd=2832
Requested by
Host: mail.onmail.com
URL: https://mail.onmail.com/static/js/node_vendors.49fd7adf.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://mail.onmail.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://mail.onmail.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 25 Sep 2024 01:35:10 GMT
content-type
text/plain
server
Golfe2
firebase:fetch
firebaseremoteconfig.googleapis.com/v1/projects/onmail-2bdb7/namespaces/
406 B
466 B
Fetch
General
Full URL
https://firebaseremoteconfig.googleapis.com/v1/projects/onmail-2bdb7/namespaces/firebase:fetch?key=AIzaSyAP7jrRFz2oV76Hpn52tksKao1bR3mG7r8
Requested by
Host: mail.onmail.com
URL: https://mail.onmail.com/static/js/node_vendors.49fd7adf.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
efc87de2367ead6e8abae7efe659703e9b707db8a6c3c748951a4a2574a826dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

If-None-Match
*
Referer
https://mail.onmail.com/
Content-Encoding
gzip
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type
application/json

Response headers

cache-control
private
access-control-expose-headers
etag,vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
etag
etag-onmail-2bdb7-firebase-fetch--1375741865
x-content-type-options
nosniff
access-control-allow-origin
https://mail.onmail.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
240
date
Wed, 25 Sep 2024 01:35:10 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
ESF
x-frame-options
SAMEORIGIN
firebase:fetch
firebaseremoteconfig.googleapis.com/v1/projects/onmail-2bdb7/namespaces/ Frame
0
0
Preflight
General
Full URL
https://firebaseremoteconfig.googleapis.com/v1/projects/onmail-2bdb7/namespaces/firebase:fetch?key=AIzaSyAP7jrRFz2oV76Hpn52tksKao1bR3mG7r8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-encoding,content-type,if-none-match
Access-Control-Request-Method
POST
Origin
https://mail.onmail.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

access-control-allow-headers
content-encoding,content-type,if-none-match
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://mail.onmail.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 25 Sep 2024 01:35:10 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
onboarding-side-bg.png
assets.edison.tech/onmail/
462 KB
462 KB
Image
General
Full URL
https://assets.edison.tech/onmail/onboarding-side-bg.png
Requested by
Host: mail.onmail.com
URL: https://mail.onmail.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.232.179.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-179-126.compute-1.amazonaws.com
Software
/
Resource Hash
b4ebc6ac8da4c5ad725a38eca40d09640538f102fa98f910afdf7e0949038cf6

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://mail.onmail.com/

Response headers

X-Request-Id
08265afe26e40d68888b35ef8cee79fd
Cache-Control
public,max-age=1209600
x-amz-meta-s3cmd-attrs
uid:1020/gname:easilydo_deploy/uname:easilydo_deploy/gid:1022/mode:33188/mtime:1621035274/atime:1621035274/ctime:1621035274
ETag
"520e8e51c6feb62314af934dd5e7df42"
Connection
keep-alive
x-amz-request-id
WT7C2H4K2N0KT280
Access-Control-Allow-Origin
*
Content-Length
472719
Date
Wed, 25 Sep 2024 01:35:11 GMT
Content-Type
image/png
Last-Modified
Fri, 14 May 2021 23:34:51 GMT
x-amz-id-2
7l5h7hvUGzzUh15tpsljdFONwu24gNgqAQ3MshrVWr8JSRxXLGboDEBGCiTBZHcyhxNG6ITVkZg=
logo-light.png
assets.edison.tech/onmail/
2 KB
3 KB
Image
General
Full URL
https://assets.edison.tech/onmail/logo-light.png
Requested by
Host: mail.onmail.com
URL: https://mail.onmail.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.232.179.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-179-126.compute-1.amazonaws.com
Software
/
Resource Hash
7d1ec9294227d972d9941f33b5e3a1da2b1a004531c1828cf5732e4949498aac

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://mail.onmail.com/

Response headers

X-Request-Id
d9511049cd00cfa94d27efafe923f730
Cache-Control
public,max-age=1209600
x-amz-meta-s3cmd-attrs
uid:1020/gname:easilydo_deploy/uname:easilydo_deploy/gid:1022/mode:33188/mtime:1597792785/atime:1597792785/ctime:1597792785
ETag
"1648f5ed89f64603a62d2fea40d62249"
Connection
keep-alive
x-amz-request-id
WT7C8D0K01BDQ7VG
Access-Control-Allow-Origin
*
Content-Length
2489
Date
Wed, 25 Sep 2024 01:35:11 GMT
Content-Type
image/png
Last-Modified
Tue, 18 Aug 2020 23:19:53 GMT
x-amz-id-2
VIu2H1CaYenHpV5SqLKNe0i9Yo1bUAwYTdUFM2ET+aEPENWw3r+9madekpVXJPmZ8Y9lb7T6Y9w=
favicon.ico
mail.onmail.com/
4 KB
4 KB
Other
General
Full URL
https://mail.onmail.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.233.173.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-173-207.compute-1.amazonaws.com
Software
/
Resource Hash
d3250140176bd646fe97d323af117b17da0a431e27501e75630748c4db919256

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://mail.onmail.com/login

Response headers

X-Request-Id
781af3258986f0d32de94d3f7b584ea8
ETag
"66d16191-10be"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4286
Date
Wed, 25 Sep 2024 01:35:12 GMT
Content-Type
image/x-icon
Last-Modified
Fri, 30 Aug 2024 06:07:13 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
firebaseremoteconfig.googleapis.com
URL
https://firebaseremoteconfig.googleapis.com/v1/projects/onmail-2bdb7/namespaces/firebase:fetch?key=AIzaSyAP7jrRFz2oV76Hpn52tksKao1bR3mG7r8


24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onmailConfig
object| webpackJsonp
number| 2f1acc6c3a606b082e5eef5e54414ffb
object| regeneratorRuntime
object| __SENTRY__
object| __core-js_shared__
object| core
function| setImmediate
function| clearImmediate
object| kochava
function| _
object| tinymce
object| tinyMCE
object| intlTelInputGlobals
object| feedViewCaches
object| dataLayer
function| gtag
object| webpackChunkStripeJSouter
function| noop
function| Stripe
object| google_tag_manager
object| google_tag_data
object| gaGlobal

4 Cookies

Domain/Path | Name | Value
.ukvirginmoneyplc.com/ | _ga | GA1.1.924631600.1727228107
.ukvirginmoneyplc.com/ | _ga_35S0R4L9FM | GS1.1.1727228107.1.1.1727228107.0.0.0
.onmail.com/ | _ga_35S0R4L9FM | GS1.1.1727228110.1.0.1727228110.0.0.0
.onmail.com/ | _ga | GA1.1.267161791.1727228110

3 Console Messages

Source Level URL
Text
network error URL: https://files.ukvirginmoneyplc.com/v1/na/super_session
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://mail.onmail.com/v1/na/super_session
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
recommendation verbose URL: https://mail.onmail.com/login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
