urlscan.io logo urlscan.io
SecurityTrails logo

www.windcave.com Open in urlscan Pro
104.18.25.148  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://paymentexpress.com/
Effective URL: https://www.windcave.com/
Submission: On July 07 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 18 HTTP transactions. The main IP is 104.18.25.148, located in and belongs to CLOUDFLARENET, US. The main domain is www.windcave.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on January 16th 2024. Valid for: a year.
This is the only time www.windcave.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 104.18.5.225 13335 (CLOUDFLAR...)
14 104.18.25.148 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
18 3
Apex Domain
Subdomains		 Transfer
14 windcave.com
www.windcave.com
617 KB
3 paymentexpress.com
paymentexpress.com — Cisco Umbrella Rank: 99952
22 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1133
7 KB
18 3
Domain Requested by
14 www.windcave.com paymentexpress.com
www.windcave.com
static.cloudflareinsights.com
3 paymentexpress.com paymentexpress.com
1 static.cloudflareinsights.com www.windcave.com
18 3

This site contains links to these domains. Also see Links.

Domain
sec.windcave.com
status.windcave.com
Subject Issuer Validity Valid
*.windcave.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-16 -
2025-02-15		 a year crt.sh
cloudflareinsights.com
WE1		 2024-07-06 -
2024-10-04		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.windcave.com/
Frame ID: 098B07F2F6FE2ED90814ECD0214CD876
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Windcave | Home | EFTPOS | Payment Gateway | Online Credit & Debit Card Processing

Page URL History Show full URLs

  1. https://paymentexpress.com/ Page URL
  2. https://www.windcave.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

18
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

647 kB
Transfer

889 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://paymentexpress.com/ Page URL
  2. https://www.windcave.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
paymentexpress.com/ 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://paymentexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.5.225 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a28b6e8a8309c7908af5a98d910851bfa16d98e73ef407fdf1d6d46396e7a015
Security Headers
Name Value
Content-Security-Policy default-src http: https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
public, max-age=14400
cf-cache-status
DYNAMIC
cf-ray
89f8ea253e03c3f6-WAW
content-encoding
gzip
content-security-policy
default-src http: https: data: 'unsafe-inline' 'unsafe-eval'
content-type
text/html
date
Sun, 07 Jul 2024 15:37:13 GMT
expires
Sun, 07 Jul 2024 19:37:13 GMT
last-modified
Thu, 04 Jul 2024 02:00:42 GMT
server
cloudflare
strict-transport-security
max-age=16070400; includeSubDomains
vary
Accept-Encoding,Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
css.css
paymentexpress.com/style/ 		85 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paymentexpress.com/style/css.css?q=1
Requested by
Host: paymentexpress.com
URL: https://paymentexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.5.225 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src http: https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://paymentexpress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 15:37:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src http: https: data: 'unsafe-inline' 'unsafe-eval'
cf-cache-status
MISS
strict-transport-security
max-age=16070400; includeSubDomains
content-length
18718
x-xss-protection
1; mode=block
last-modified
Wed, 11 Sep 2019 23:11:15 GMT
server
cloudflare
etag
"42bcbf35f668d51:0"
vary
Accept-Encoding,Accept-Encoding
x-frame-options
DENY
content-type
text/css
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
89f8ea267fc3c3f6-WAW
expires
Sun, 07 Jul 2024 19:37:14 GMT
js.js
paymentexpress.com/style/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paymentexpress.com/style/js.js
Requested by
Host: paymentexpress.com
URL: https://paymentexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.5.225 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src http: https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://paymentexpress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 15:37:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src http: https: data: 'unsafe-inline' 'unsafe-eval'
cf-cache-status
MISS
strict-transport-security
max-age=16070400; includeSubDomains
content-length
1385
x-xss-protection
1; mode=block
last-modified
Wed, 11 Mar 2020 10:02:28 GMT
server
cloudflare
etag
"53aa32c8cf7d51:0"
vary
Accept-Encoding,Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
89f8ea267fc6c3f6-WAW
expires
Sun, 07 Jul 2024 19:37:14 GMT
Primary Request /
www.windcave.com/ 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.windcave.com/
Requested by
Host: paymentexpress.com
URL: https://paymentexpress.com/style/js.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72c3029a8454de4c800ce99246670ca150a25bf84080e6f87c110d75fc41224e
Security Headers
Name Value
Content-Security-Policy default-src http: https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://paymentexpress.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
public, max-age=14400
cf-cache-status
DYNAMIC
cf-ray
89f8ea28adb7c3b5-WAW
content-encoding
gzip
content-security-policy
default-src http: https: data: 'unsafe-inline' 'unsafe-eval'
content-type
text/html
date
Sun, 07 Jul 2024 15:37:14 GMT
expires
Sun, 07 Jul 2024 19:37:14 GMT
last-modified
Mon, 27 Mar 2023 20:53:00 GMT
server
cloudflare
strict-transport-security
max-age=16070400; includeSubDomains
vary
Accept-Encoding,Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
css.css
www.windcave.com/style/ 		132 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.windcave.com/style/css.css?q=1
Requested by
Host: www.windcave.com
URL: https://www.windcave.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
343467350806e5f3ac7f22fef3835ab94fe50a490ef0ac8cab704ae3fbe73741
Security Headers
Name Value
Content-Security-Policy default-src http: https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.windcave.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 15:37:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src http: https: data: 'unsafe-inline' 'unsafe-eval'
cf-cache-status
HIT
strict-transport-security
max-age=16070400; includeSubDomains
age
4576
content-length
28750
x-xss-protection
1; mode=block
last-modified
Tue, 19 Dec 2023 23:09:14 GMT
server
cloudflare
etag
"916f2562d032da1:0"
vary
Accept-Encoding,Accept-Encoding
x-frame-options
DENY
content-type
text/css
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
89f8ea29ef51c3b5-WAW
expires
Sun, 07 Jul 2024 19:37:14 GMT
js.js
www.windcave.com/style/ 		90 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.windcave.com/style/js.js
Requested by
Host: www.windcave.com
URL: https://www.windcave.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ad1952ae9ed06a571ee5b0255e030c5ce9feb64fd6dce2bede8e9724a8cc5a0
Security Headers
Name Value
Content-Security-Policy default-src http: https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.windcave.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 15:37:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src http: https: data: 'unsafe-inline' 'unsafe-eval'
cf-cache-status
HIT
strict-transport-security
max-age=16070400; includeSubDomains
age
4576
content-length
40468
x-xss-protection
1; mode=block
last-modified
Wed, 06 Mar 2024 02:20:07 GMT
server
cloudflare
etag
"394e7dce6c6fda1:0"
vary
Accept-Encoding,Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
89f8ea29ef57c3b5-WAW
expires
Sun, 07 Jul 2024 19:37:14 GMT
chu200th-small.png
www.windcave.com/Image/ 		161 KB
161 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.windcave.com/Image/chu200th-small.png
Requested by
Host: www.windcave.com
URL: https://www.windcave.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89dbe1efdba76fe3fa22f887bd29b0d9f9537edce5cfcf213620328f35f0aa9b
Security Headers
Name Value
Content-Security-Policy default-src http: https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.windcave.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 15:37:14 GMT
content-security-policy
default-src http: https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
strict-transport-security
max-age=16070400; includeSubDomains
cf-cache-status
HIT
age
4576
content-length
164915
x-xss-protection
1; mode=block
last-modified
Thu, 16 Mar 2023 21:10:56 GMT
server
cloudflare
etag
"89afa7cc4b58d91:0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
89f8ea29ef58c3b5-WAW
expires
Sun, 07 Jul 2024 19:37:14 GMT
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: www.windcave.com
URL: https://www.windcave.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.windcave.com/
Origin
https://www.windcave.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 15:37:14 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
server
cloudflare
etag
W/"2024.6.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
89f8ea2bae12698f-FRA
Windcave-Red-Logo-Horizontal.svg
www.windcave.com/image/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.windcave.com/image/Windcave-Red-Logo-Horizontal.svg
Requested by
Host: www.windcave.com
URL: https://www.windcave.com/style/css.css?q=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68841d813a6a92849bac78edfb75f2a73a051300c3a1d4c20ef10888c6813a76
Security Headers
Name Value
Content-Security-Policy default-src http: https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.windcave.com/style/css.css?q=1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 15:37:14 GMT
content-security-policy
default-src http: https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
strict-transport-security
max-age=16070400; includeSubDomains
cf-cache-status
HIT
age
4575
content-encoding
gzip
x-xss-protection
1; mode=block
last-modified
Wed, 11 Sep 2019 22:31:10 GMT
server
cloudflare
etag
W/"bfc8a39cf068d51:0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
89f8ea2b3901c3b5-WAW
expires
Sun, 07 Jul 2024 19:37:14 GMT
Roboto-Regular.ttf
www.windcave.com/style/fonts/ 		167 KB
167 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.windcave.com/style/fonts/Roboto-Regular.ttf
Requested by
Host: www.windcave.com
URL: https://www.windcave.com/style/css.css?q=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e79eaebefe9cb1188defba9413ad6d383cff1f0b4334f0b878634648fb70322
Security Headers
Name Value
Content-Security-Policy default-src http: https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.windcave.com/style/css.css?q=1
Origin
https://www.windcave.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 15:37:14 GMT
content-security-policy
default-src http: https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
strict-transport-security
max-age=16070400; includeSubDomains
cf-cache-status
HIT
age
4575
content-length
170984
x-xss-protection
1; mode=block
last-modified
Wed, 11 Sep 2019 22:31:21 GMT
server
cloudflare
etag
"ffff5a2f068d51:0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/octet-stream
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
89f8ea2b99adc3b5-WAW
expires
Sun, 07 Jul 2024 19:37:14 GMT
search-button-lg_red.png
www.windcave.com/image/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.windcave.com/image/search-button-lg_red.png
Requested by
Host: www.windcave.com
URL: https://www.windcave.com/style/css.css?q=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8178a77926a071d28c5760d1d3945bfdbb85fbce5a92bf49c1576be158041794
Security Headers
Name Value
Content-Security-Policy default-src http: https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.windcave.com/style/css.css?q=1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 15:37:14 GMT
content-security-policy
default-src http: https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
strict-transport-security
max-age=16070400; includeSubDomains
cf-cache-status
HIT
age
4575
content-length
3029
x-xss-protection
1; mode=block
last-modified
Wed, 11 Sep 2019 22:31:09 GMT
server
cloudflare
etag
"d52bc9bf068d51:0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
89f8ea2b4915c3b5-WAW
expires
Sun, 07 Jul 2024 19:37:14 GMT
chu200tl_hero-image.png
www.windcave.com/Image/ 		206 KB
207 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.windcave.com/Image/chu200tl_hero-image.png
Requested by
Host: www.windcave.com
URL: https://www.windcave.com/style/css.css?q=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
022478b0da15e2873cfd09ae2599e46a5810e211402dbe43b585126bd3c6c141
Security Headers
Name Value
Content-Security-Policy default-src http: https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.windcave.com/style/css.css?q=1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 15:37:14 GMT
content-security-policy
default-src http: https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
strict-transport-security
max-age=16070400; includeSubDomains
cf-cache-status
HIT
age
4575
content-length
211448
x-xss-protection
1; mode=block
last-modified
Thu, 16 Mar 2023 21:10:56 GMT
server
cloudflare
etag
"ebbabcc4b58d91:0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
89f8ea2b5919c3b5-WAW
expires
Sun, 07 Jul 2024 19:37:14 GMT
title-about-lg.png
www.windcave.com/image/ 		852 B
935 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.windcave.com/image/title-about-lg.png
Requested by
Host: www.windcave.com
URL: https://www.windcave.com/style/css.css?q=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b862fa27540810e001ae99bed822b5b49730b7dca213cca53c2d175c2de2b487
Security Headers
Name Value
Content-Security-Policy default-src http: https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.windcave.com/style/css.css?q=1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 15:37:14 GMT
content-security-policy
default-src http: https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
strict-transport-security
max-age=16070400; includeSubDomains
cf-cache-status
HIT
age
4575
content-length
852
x-xss-protection
1; mode=block
last-modified
Wed, 11 Sep 2019 22:31:09 GMT
server
cloudflare
etag
"1af71d9cf068d51:0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
89f8ea2b591bc3b5-WAW
expires
Sun, 07 Jul 2024 19:37:14 GMT
arrow-titles-v2.png
www.windcave.com/image/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.windcave.com/image/arrow-titles-v2.png
Requested by
Host: www.windcave.com
URL: https://www.windcave.com/style/css.css?q=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ffaf6c83352356c889071824bd954ea0993d699a1cee25e799bd856289067b1
Security Headers
Name Value
Content-Security-Policy default-src http: https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.windcave.com/style/css.css?q=1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 15:37:14 GMT
content-security-policy
default-src http: https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
strict-transport-security
max-age=16070400; includeSubDomains
cf-cache-status
HIT
age
4575
content-length
3224
x-xss-protection
1; mode=block
last-modified
Wed, 11 Sep 2019 22:31:03 GMT
server
cloudflare
etag
"3f3b1898f068d51:0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
89f8ea2b5921c3b5-WAW
expires
Sun, 07 Jul 2024 19:37:14 GMT
title-support-lg.png
www.windcave.com/image/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.windcave.com/image/title-support-lg.png
Requested by
Host: www.windcave.com
URL: https://www.windcave.com/style/css.css?q=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b8e713203739fda09454e3b0032ffd6fa5515aacf95d08611ee74080ff6de89
Security Headers
Name Value
Content-Security-Policy default-src http: https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.windcave.com/style/css.css?q=1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 15:37:14 GMT
content-security-policy
default-src http: https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
strict-transport-security
max-age=16070400; includeSubDomains
cf-cache-status
HIT
age
4575
content-length
1375
x-xss-protection
1; mode=block
last-modified
Wed, 11 Sep 2019 22:31:09 GMT
server
cloudflare
etag
"87a5289cf068d51:0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
89f8ea2b5928c3b5-WAW
expires
Sun, 07 Jul 2024 19:37:14 GMT
small-arrow.png
www.windcave.com/image/ 		213 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.windcave.com/image/small-arrow.png
Requested by
Host: www.windcave.com
URL: https://www.windcave.com/style/css.css?q=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
049728ef1692a2fa2cef0fccc1885a71dae0c0a210fda25bd79f67efe9741ffe
Security Headers
Name Value
Content-Security-Policy default-src http: https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.windcave.com/style/css.css?q=1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 15:37:14 GMT
content-security-policy
default-src http: https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
strict-transport-security
max-age=16070400; includeSubDomains
cf-cache-status
HIT
age
4575
content-length
213
x-xss-protection
1; mode=block
last-modified
Wed, 11 Sep 2019 22:31:09 GMT
server
cloudflare
etag
"8751d79bf068d51:0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
89f8ea2b592bc3b5-WAW
expires
Sun, 07 Jul 2024 19:37:14 GMT
rum
www.windcave.com/cdn-cgi/ 		0
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.windcave.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.windcave.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jul 2024 15:37:14 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.windcave.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
89f8ea2c4ac1c3b5-WAW
favicon.ico
www.windcave.com/image/ 		567 B
913 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.windcave.com/image/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
309eee0fdf07a9a8f9d3cbe27ced730fcf2c9017fb629dfe53a51d73d87b6978
Security Headers
Name Value
Content-Security-Policy default-src http: https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.windcave.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 15:37:14 GMT
content-security-policy
default-src http: https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
strict-transport-security
max-age=16070400; includeSubDomains
cf-cache-status
HIT
age
4575
content-encoding
gzip
x-xss-protection
1; mode=block
last-modified
Wed, 11 Sep 2019 22:31:04 GMT
server
cloudflare
etag
W/"af82df98f068d51:0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/x-icon
cache-control
public, max-age=14400
cf-ray
89f8ea2cab28c3b5-WAW
expires
Sun, 07 Jul 2024 19:37:14 GMT

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage string| hn function| GetXmlHttpObject function| PxGetStatus function| PxOnXmlHttpObjectStateChanged object| isMobile function| displayRegionSpecific function| redirectPrivacyPolicy function| redirectPxPayHpp function| redirectCertandComp function| redirectTermsandConditions function| redirectDDForm function| $ function| jQuery object| __cfBeacon

2 Cookies

Domain/Path Name / Value
paymentexpress.com/ Name: __cflb
Value: 0H28vb8kgQAXgqtEQyNr64cVPvpvUL8xQywTAyA2rKN
www.windcave.com/ Name: __cflb
Value: 0H28vNTmspw9yYpxoeTQSfWkDUCp5Cw8tzLKsmHZiZ2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src http: https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block