urlscan.io logo urlscan.io
SecurityTrails logo

www.payback.de Open in urlscan Pro
45.60.14.82  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://newsletter5.payback.de/go/oslr48i0zmgg0ksejygmnbdiremc3l5hx2io000wk14h/152653
Effective URL: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Finfo%252Fmein-payback%252Fstammdaten
Submission: On September 07 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 10 HTTP transactions. The main IP is 45.60.14.82, located in United States and belongs to INCAPSULA, US. The main domain is www.payback.de.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on June 25th 2019. Valid for: 2 years.
This is the only time www.payback.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 78.35.37.225 8422 (NETCOLOGNE)
2 8 45.60.14.82 19551 (INCAPSULA)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
10 4
1    78.35.37.225 (Cologne, Germany)

ASN8422 (NETCOLOGNE, DE)
PTR: nr65-2.elaine-asp.de
newsletter5.payback.de
8    45.60.14.82 (United States)

ASN19551 (INCAPSULA, US)
www.payback.de
1    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:816::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
9 payback.de
newsletter5.payback.de
www.payback.de
45 KB
3 google.com
www.google.com
554 B
1 gstatic.com
www.gstatic.com
132 KB
10 3
Domain Requested by
8 www.payback.de 2 redirects www.payback.de
3 www.google.com www.payback.de
www.gstatic.com
1 www.gstatic.com www.google.com
1 newsletter5.payback.de 1 redirects
10 4

This site contains no links.

Subject Issuer Validity Valid
www.payback.de
DigiCert SHA2 Extended Validation Server CA		 2019-06-25 -
2021-06-29		 2 years crt.sh
www.google.com
GTS CA 1O1		 2020-08-19 -
2020-11-11		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-08-19 -
2020-11-11		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-08-19 -
2020-11-11		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Finfo%252Fmein-payback%252Fstammdaten
Frame ID: ADBC38DC73CA4DDDF66DDF4003ED2958
Requests: 5 HTTP requests in this frame

Frame: https://www.payback.de/_Incapsula_Resource?SWUDNSAI=30&xinfo=6-11396154-0%200NNN%20RT%281599443695742%20481%29%20q%280%20-1%20-1%20-1%29%20r%280%20-1%29%20B12%2811%2c15072%2c0%29%20U5&incident_id=325000250030763343-54978841290278470&edet=12&cinfo=0b000000&rpinfo=0&cts=bNPGLQ1XMdceF2be3%2bp0tiT5%2fx59Zr%2fBBJhCBfv2XWeYsp5oEbsmdz038j0%2fAyeL
Frame ID: 1BAA7C115F0B4C88C19F5B35510149A0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld38BkUAAAAAPATwit3FXvga1PI6iVTb6zgXw62&co=aHR0cHM6Ly93d3cucGF5YmFjay5kZTo0NDM.&hl=en&v=NjbyeWjjFy97MXGZ40KrXu3v&size=normal&cb=pdf8m1ek3ttl
Frame ID: 0B83A796ECE896C59AC18B5562062283
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=NjbyeWjjFy97MXGZ40KrXu3v&k=6Ld38BkUAAAAAPATwit3FXvga1PI6iVTb6zgXw62&cb=5k4cg0f9ccin
Frame ID: A852DE1B44E2956A6458C9A4D0AC9869
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://newsletter5.payback.de/go/oslr48i0zmgg0ksejygmnbdiremc3l5hx2io000wk14h/152653 HTTP 302
    http://www.payback.de/pb/id/23772 HTTP 301
    https://www.payback.de/pb/id/23772 HTTP 301
    https://www.payback.de/info/mein-payback/stammdaten Page URL
  2. https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Finfo%252Fmein-payba... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

10
Requests

100 %
HTTPS

60 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

176 kB
Transfer

589 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://newsletter5.payback.de/go/oslr48i0zmgg0ksejygmnbdiremc3l5hx2io000wk14h/152653 HTTP 302
    http://www.payback.de/pb/id/23772 HTTP 301
    https://www.payback.de/pb/id/23772 HTTP 301
    https://www.payback.de/info/mein-payback/stammdaten Page URL
  2. https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Finfo%252Fmein-payback%252Fstammdaten Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://newsletter5.payback.de/go/oslr48i0zmgg0ksejygmnbdiremc3l5hx2io000wk14h/152653 HTTP 302
  • http://www.payback.de/pb/id/23772 HTTP 301
  • https://www.payback.de/pb/id/23772 HTTP 301
  • https://www.payback.de/info/mein-payback/stammdaten

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set stammdaten
www.payback.de/info/mein-payback/
Redirect Chain
  • http://newsletter5.payback.de/go/oslr48i0zmgg0ksejygmnbdiremc3l5hx2io000wk14h/152653
  • http://www.payback.de/pb/id/23772
  • https://www.payback.de/pb/id/23772
  • https://www.payback.de/info/mein-payback/stammdaten
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.payback.de/info/mein-payback/stammdaten
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.82 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
1d3dfa55e280d4aacc56fbbb90c4e237a1b372fef25320a2e065c126d6ed8134
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security max-age=2592000
X-Content-Security-Policy frame-ancestors *.payback.de; report-uri /blueberry/servlet/handler/cspreporting

Request headers

Host
www.payback.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
BIGipServerpool_pde_e3_lmsweb_httpd_a=!sHYjVzVhwapW20MfGwHGuBkxxXxuZIRsakD6A+caLyLMuHojpzplUgEUDSSPW6nLtNyG/mR/uZmBCg==; visid_incap_860291=FOrD5wZMQq+9UwLuu4+MTe+SVV8AAAAAQUIPAAAAAADd2C4NZxeh3d73oKhSIKN7; incap_ses_325_860291=CmrxNkJh22tPLf9mAaKCBPCSVV8AAAAAOB5LVlH+lDUEcbC+Qepw7A==; ___utmvmOPuFFYt=zGcyGZAtNCK; ___utmvbOPuFFYt=wZU XPPOIalJ: FtR
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx
Date
Mon, 07 Sep 2020 01:54:56 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Set-Cookie
JSESSIONID_BB=52C51FC4F6ED5631AB1476527E9C0089.deliveryWorker; Path=/; Secure; HttpOnly cas_cookie=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ net_campaign=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ BIGipServerpool_pde_e3_blueberry_cae_a=!9jWsWdf8kCOMp5sfGwHGuBkxxXxuZJ1T2vsrLLf1tkSjHi0uTuLUJgc8TJ/Bb9dnb+4J9IGB1GT/Vn4=; path=/; Httponly visid_incap_860291=FOrD5wZMQq+9UwLuu4+MTe+SVV8AAAAAQUIPAAAAAADd2C4NZxeh3d73oKhSIKN7; expires=Mon, 06 Sep 2021 07:32:21 GMT; HttpOnly; path=/; Domain=.payback.de incap_ses_325_860291=CmrxNkJh22tPLf9mAaKCBPCSVV8AAAAAOB5LVlH+lDUEcbC+Qepw7A==; path=/; Domain=.payback.de ___utmvbOPuFFYt=a; Max-Age=0; path=/; expires=Mon, 24 Aug 2020 07:24:13 GMT ___utmvmOPuFFYt=a; Max-Age=0; path=/; expires=Mon, 24 Aug 2020 07:24:13 GMT
Content-Security-Policy
frame-ancestors *.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-Content-Security-Policy
frame-ancestors *.payback.de; report-uri /blueberry/servlet/handler/cspreporting
X-WebKit-CSP
frame-ancestors *.payback.de
Content-Language
de-DE
X-Request-ID
dbfd0571-3914-418f-b172-81cbd22c63ed
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
X-CDN
Incapsula
X-Iinfo
6-11396154-11396155 SNNN RT(1599443695742 299) q(0 0 0 -1) r(1 1) U5

Redirect headers

Server
nginx
Date
Mon, 07 Sep 2020 01:54:56 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Location
https://www.payback.de/info/mein-payback/stammdaten
X-Request-ID
1e865813-7771-4bad-83fd-f04dd45e59b7
Set-Cookie
BIGipServerpool_pde_e3_lmsweb_httpd_a=!sHYjVzVhwapW20MfGwHGuBkxxXxuZIRsakD6A+caLyLMuHojpzplUgEUDSSPW6nLtNyG/mR/uZmBCg==; path=/; Httponly; Secure visid_incap_860291=FOrD5wZMQq+9UwLuu4+MTe+SVV8AAAAAQUIPAAAAAADd2C4NZxeh3d73oKhSIKN7; expires=Mon, 06 Sep 2021 07:32:21 GMT; HttpOnly; path=/; Domain=.payback.de incap_ses_325_860291=CmrxNkJh22tPLf9mAaKCBPCSVV8AAAAAOB5LVlH+lDUEcbC+Qepw7A==; path=/; Domain=.payback.de ___utmvmOPuFFYt=zGcyGZAtNCK; path=/; Max-Age=900 ___utmvaOPuFFYt=tkFLsuK; path=/; Max-Age=900 ___utmvbOPuFFYt=wZU XPPOIalJ: FtR; path=/; Max-Age=900
Strict-Transport-Security
max-age=2592000
X-CDN
Incapsula
X-Iinfo
6-11396154-11396155 NNNN CT(27 26 0) RT(1599443695742 88) q(0 0 0 1) r(2 2) U5
_Incapsula_Resource
www.payback.de/ 		116 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.payback.de/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=474642472
Requested by
Host: www.payback.de
URL: https://www.payback.de/info/mein-payback/stammdaten
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.82 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.payback.de/info/mein-payback/stammdaten
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Encoding
gzip
Cache-Control
no-cache, no-store
X-Robots-Tag
noindex
Content-Length
16935
Content-Type
application/javascript
Primary Request login
www.payback.de/ 		931 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Finfo%252Fmein-payback%252Fstammdaten
Requested by
Host: www.payback.de
URL: https://www.payback.de/info/mein-payback/stammdaten
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.82 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
27bd58f3fcbcfb9fa876cddabd3280f2338de31077d785bbcf4c64cda35e40be

Request headers

Host
www.payback.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://www.payback.de/info/mein-payback/stammdaten
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
BIGipServerpool_pde_e3_lmsweb_httpd_a=!sHYjVzVhwapW20MfGwHGuBkxxXxuZIRsakD6A+caLyLMuHojpzplUgEUDSSPW6nLtNyG/mR/uZmBCg==; visid_incap_860291=FOrD5wZMQq+9UwLuu4+MTe+SVV8AAAAAQUIPAAAAAADd2C4NZxeh3d73oKhSIKN7; incap_ses_325_860291=CmrxNkJh22tPLf9mAaKCBPCSVV8AAAAAOB5LVlH+lDUEcbC+Qepw7A==; JSESSIONID_BB=52C51FC4F6ED5631AB1476527E9C0089.deliveryWorker; BIGipServerpool_pde_e3_blueberry_cae_a=!9jWsWdf8kCOMp5sfGwHGuBkxxXxuZJ1T2vsrLLf1tkSjHi0uTuLUJgc8TJ/Bb9dnb+4J9IGB1GT/Vn4=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.payback.de/info/mein-payback/stammdaten

Response headers

Content-Type
text/html
Cache-Control
no-cache
Connection
close
Content-Length
931
X-Iinfo
6-11396154-0 0NNN RT(1599443695742 481) q(0 -1 -1 -1) r(0 -1) B12(11,15072,0) U5
_Incapsula_Resource
www.payback.de/ 		117 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.payback.de/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3
Requested by
Host: www.payback.de
URL: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Finfo%252Fmein-payback%252Fstammdaten
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.82 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
f661fff0ad88c0dc60192c167313c44fd38cde4b529cc3ec6ca64677c4623cb7

Request headers

Referer
https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Finfo%252Fmein-payback%252Fstammdaten
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Encoding
gzip
Cache-Control
no-cache, no-store
X-Robots-Tag
noindex
Content-Length
17204
Content-Type
application/javascript
_Incapsula_Resource
www.payback.de/ 		1 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.payback.de/_Incapsula_Resource?SWKMTFSR=1&e=0.4882150960406717
Requested by
Host: www.payback.de
URL: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Finfo%252Fmein-payback%252Fstammdaten
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.82 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Finfo%252Fmein-payback%252Fstammdaten
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
X-Robots-Tag
noindex
Content-Length
1
Content-Type
text/plain
Cookie set _Incapsula_Resource
www.payback.de/ Frame 1BAA 		18 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.payback.de/_Incapsula_Resource?SWUDNSAI=30&xinfo=6-11396154-0%200NNN%20RT%281599443695742%20481%29%20q%280%20-1%20-1%20-1%29%20r%280%20-1%29%20B12%2811%2c15072%2c0%29%20U5&incident_id=325000250030763343-54978841290278470&edet=12&cinfo=0b000000&rpinfo=0&cts=bNPGLQ1XMdceF2be3%2bp0tiT5%2fx59Zr%2fBBJhCBfv2XWeYsp5oEbsmdz038j0%2fAyeL
Requested by
Host: www.payback.de
URL: https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Finfo%252Fmein-payback%252Fstammdaten
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.82 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
4834aad2860250b5e687be3187c4ff9a0d8ed6f1318daed898511feb9723bcd5

Request headers

Host
www.payback.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Finfo%252Fmein-payback%252Fstammdaten
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
BIGipServerpool_pde_e3_lmsweb_httpd_a=!sHYjVzVhwapW20MfGwHGuBkxxXxuZIRsakD6A+caLyLMuHojpzplUgEUDSSPW6nLtNyG/mR/uZmBCg==; visid_incap_860291=FOrD5wZMQq+9UwLuu4+MTe+SVV8AAAAAQUIPAAAAAADd2C4NZxeh3d73oKhSIKN7; incap_ses_325_860291=CmrxNkJh22tPLf9mAaKCBPCSVV8AAAAAOB5LVlH+lDUEcbC+Qepw7A==; JSESSIONID_BB=52C51FC4F6ED5631AB1476527E9C0089.deliveryWorker; BIGipServerpool_pde_e3_blueberry_cae_a=!9jWsWdf8kCOMp5sfGwHGuBkxxXxuZJ1T2vsrLLf1tkSjHi0uTuLUJgc8TJ/Bb9dnb+4J9IGB1GT/Vn4=; ___utmvc=V3+ZOYluAl7yLAlHnELLz5QLChWKFhb/JztlqpPIRbhEQpocdJZRXgTF8SgZaHohAkLwuWJYDFT6dMqoy0Pmnde2MwAVUaDxPEdY7l0FbljPOvlJkE2RxdTyMTlTJzHHgu0Ca5fgC5ltQzn6niYGeeqMkhDn5eFemKs4QWzIbNozBDaJyqsqpuh8cIq0Z1uTA5wKYXuaj7z6jGbt9H8SBtCukKaF76aEmbEeMsKKJP2C3daW3Ai4bQkE2k1vnVDlOh1WRXqAV3qBHMh+yEsGnKfPEnPMNNcsu0kzCND2sairBshya356MCySQ1GbuBmmBtEbbG4NMM02EXSInT7GuG+3VI0tK8+8RJM0DPMJa4xvoJybAE+VpfHXKJs1JKRRLOEeV1jJ2SIGwu7Z0JCiMrYFhCla+0y+1v1CVDVuwiInLwlggssVlBGV/ynoJvKyL0zPr8mZMxiJ+pfZcTnwuNH+RXOKHbohywVnZDlyPdo5f+I8yDZ2kgvx3QTi4hoBfu1L4KssTA0cOykldRt0oNT3xXNp/AxgZKpEmh73duoB6Uk7Opif+WL9wUo60R2eNQ806f0861Au+XOLPJtaFaZAm36dB3e+huiq27Ihw/9K07C/6Tq2Pt2Yick83BheoimimQQOztw7bEzyEZ5uTPziOjgKjG78E98GYXCRN4s0Erf/ZM5DJnYFIscnLqsRbrPFwtQHfYQJy98Q4r4JUUXUmAa+LYPV89I9Upxe59dWLGAAmXiyiGhRTPHx8WXE/NXdmioKdSs1R6OgKWfICIsEczgGUtZgC7T3RTurOaTHg3RGPNfx7R8+IU22JBBzS1N/lBYL5RSdfBsUq4rwA/vPia9lQNOb4r4XOo38QDgaTiHFK0oZhmRcOzZRvKztlTxO+h93ABW0DlBFcJrYbDowN/7ZWoPoFg8NUmUevis90nTlrcUd/MKqzSCoVYVMfH9stE1QpC4sa5vAuG0/PxIQegt1RDYFFe5ykgQbQAVkMpp043p95F8UVVzWQ465xh53SD9/hV6QP6D+nG1pVBn+FfgaB/uv940syL1pyUtFWGD57HUJ7j+Y/Gi+whrNUSubv6ETvH9TDQDm0O8+0V9EtPCcY/A2Jfku8PUG7gC9R23riXTRMk6E6bMVOLFjFUAGD2UeAYiZEOKEhy9MH0T2ahjQc3eeWFhvWdIayaRRfJskkRB0Qap2ao+3Y5tJQogTKFD7dvYh/kpo6VDMY7sqsffNBrcTij3LPnmdFJyo1KlX2pVHafuy9dp5wiW83CE1aRGriiXh80GJ8L2GMNvovy3VpdWSux5DPibbipEa9F5RFdSAqaSJC7d7GtOfKuDmQd+zE1ck1sLamnyaTIwHCQG7oVCJgqbkaRyrULPsFKnquXl4qDBt9o2WN4gxX4b10VZZL/fRl4N1n9PXduARwhVrc17fUjesxgAKiad0p+aBECd4hbOLtbMEr2C746EcZUuVinoo9l10yX621J+ihy4r1G6f5f/9IJ0MkNJDRdRcLpxWgXasal6KMZFYWS3sfkVIqSS71ejIvRIFbSd++w5wV+LluSxwMvbf2BnpnzPwoSSuK4Y7dQp8uiQDgUwuBHVnasEMeIDISSrfXGdjPCokODFsptXdXSxkaWdlc3Q9MTE0MzQ4LHM9NjZhMzllYTY4MjY3NzU3YWE5OWM4Mjk5N2M4N2E1NmM3OGExOGE5NDgwOWNhNDhlNjM5NjY3N2Y5YjkyNzM5NmE4Nzk4ZDhhNzM4MjcxNzA=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.payback.de/login?redirectUrl=https%253A%252F%252Fwww.payback.de%252Finfo%252Fmein-payback%252Fstammdaten

Response headers

Cache-Control
no-cache, no-store
Content-Type
text/html
Content-Encoding
gzip
X-Robots-Tag
noindex
Content-Length
6035
Set-Cookie
___utmvc=a; Max-Age=0; path=/; expires=Mon, 24 Aug 2020 07:24:13 GMT
api.js
www.google.com/recaptcha/ Frame 1BAA 		736 B
554 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.payback.de
URL: https://www.payback.de/_Incapsula_Resource?SWUDNSAI=30&xinfo=6-11396154-0%200NNN%20RT%281599443695742%20481%29%20q%280%20-1%20-1%20-1%29%20r%280%20-1%29%20B12%2811%2c15072%2c0%29%20U5&incident_id=325000250030763343-54978841290278470&edet=12&cinfo=0b000000&rpinfo=0&cts=bNPGLQ1XMdceF2be3%2bp0tiT5%2fx59Zr%2fBBJhCBfv2XWeYsp5oEbsmdz038j0%2fAyeL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fa997076dd98d8f85b5e141731fdc884857964f56264087e3c9d83744934d00b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.payback.de/_Incapsula_Resource?SWUDNSAI=30&xinfo=6-11396154-0%200NNN%20RT%281599443695742%20481%29%20q%280%20-1%20-1%20-1%29%20r%280%20-1%29%20B12%2811%2c15072%2c0%29%20U5&incident_id=325000250030763343-54978841290278470&edet=12&cinfo=0b000000&rpinfo=0&cts=bNPGLQ1XMdceF2be3%2bp0tiT5%2fx59Zr%2fBBJhCBfv2XWeYsp5oEbsmdz038j0%2fAyeL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Sep 2020 01:54:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
466
x-xss-protection
1; mode=block
expires
Mon, 07 Sep 2020 01:54:57 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/NjbyeWjjFy97MXGZ40KrXu3v/ Frame 1BAA 		336 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/NjbyeWjjFy97MXGZ40KrXu3v/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5ea58080fb9d36afe80f4d8a296283f94511b2bddef6b031407ac5cab2de50c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.payback.de/_Incapsula_Resource?SWUDNSAI=30&xinfo=6-11396154-0%200NNN%20RT%281599443695742%20481%29%20q%280%20-1%20-1%20-1%29%20r%280%20-1%29%20B12%2811%2c15072%2c0%29%20U5&incident_id=325000250030763343-54978841290278470&edet=12&cinfo=0b000000&rpinfo=0&cts=bNPGLQ1XMdceF2be3%2bp0tiT5%2fx59Zr%2fBBJhCBfv2XWeYsp5oEbsmdz038j0%2fAyeL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 31 Aug 2020 16:17:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 31 Aug 2020 04:09:10 GMT
server
sffe
age
553075
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135378
x-xss-protection
0
expires
Tue, 31 Aug 2021 16:17:02 GMT
anchor
www.google.com/recaptcha/api2/ Frame 0B83 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld38BkUAAAAAPATwit3FXvga1PI6iVTb6zgXw62&co=aHR0cHM6Ly93d3cucGF5YmFjay5kZTo0NDM.&hl=en&v=NjbyeWjjFy97MXGZ40KrXu3v&size=normal&cb=pdf8m1ek3ttl
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NjbyeWjjFy97MXGZ40KrXu3v/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AlJsrlCbbtHyCmJ7ud+KiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6Ld38BkUAAAAAPATwit3FXvga1PI6iVTb6zgXw62&co=aHR0cHM6Ly93d3cucGF5YmFjay5kZTo0NDM.&hl=en&v=NjbyeWjjFy97MXGZ40KrXu3v&size=normal&cb=pdf8m1ek3ttl
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.payback.de/_Incapsula_Resource?SWUDNSAI=30&xinfo=6-11396154-0%200NNN%20RT%281599443695742%20481%29%20q%280%20-1%20-1%20-1%29%20r%280%20-1%29%20B12%2811%2c15072%2c0%29%20U5&incident_id=325000250030763343-54978841290278470&edet=12&cinfo=0b000000&rpinfo=0&cts=bNPGLQ1XMdceF2be3%2bp0tiT5%2fx59Zr%2fBBJhCBfv2XWeYsp5oEbsmdz038j0%2fAyeL
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.payback.de/_Incapsula_Resource?SWUDNSAI=30&xinfo=6-11396154-0%200NNN%20RT%281599443695742%20481%29%20q%280%20-1%20-1%20-1%29%20r%280%20-1%29%20B12%2811%2c15072%2c0%29%20U5&incident_id=325000250030763343-54978841290278470&edet=12&cinfo=0b000000&rpinfo=0&cts=bNPGLQ1XMdceF2be3%2bp0tiT5%2fx59Zr%2fBBJhCBfv2XWeYsp5oEbsmdz038j0%2fAyeL

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 07 Sep 2020 01:54:57 GMT
content-security-policy
script-src 'report-sample' 'nonce-AlJsrlCbbtHyCmJ7ud+KiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
10242
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bframe
www.google.com/recaptcha/api2/ Frame A852 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=NjbyeWjjFy97MXGZ40KrXu3v&k=6Ld38BkUAAAAAPATwit3FXvga1PI6iVTb6zgXw62&cb=5k4cg0f9ccin
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NjbyeWjjFy97MXGZ40KrXu3v/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-54U1yDLNQlVg43hDOnEzgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=NjbyeWjjFy97MXGZ40KrXu3v&k=6Ld38BkUAAAAAPATwit3FXvga1PI6iVTb6zgXw62&cb=5k4cg0f9ccin
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.payback.de/_Incapsula_Resource?SWUDNSAI=30&xinfo=6-11396154-0%200NNN%20RT%281599443695742%20481%29%20q%280%20-1%20-1%20-1%29%20r%280%20-1%29%20B12%2811%2c15072%2c0%29%20U5&incident_id=325000250030763343-54978841290278470&edet=12&cinfo=0b000000&rpinfo=0&cts=bNPGLQ1XMdceF2be3%2bp0tiT5%2fx59Zr%2fBBJhCBfv2XWeYsp5oEbsmdz038j0%2fAyeL
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.payback.de/_Incapsula_Resource?SWUDNSAI=30&xinfo=6-11396154-0%200NNN%20RT%281599443695742%20481%29%20q%280%20-1%20-1%20-1%29%20r%280%20-1%29%20B12%2811%2c15072%2c0%29%20U5&incident_id=325000250030763343-54978841290278470&edet=12&cinfo=0b000000&rpinfo=0&cts=bNPGLQ1XMdceF2be3%2bp0tiT5%2fx59Zr%2fBBJhCBfv2XWeYsp5oEbsmdz038j0%2fAyeL

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 07 Sep 2020 01:54:57 GMT
content-security-policy
script-src 'report-sample' 'nonce-54U1yDLNQlVg43hDOnEzgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1174
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes

5 Cookies

Domain/Path Name / Value
www.payback.de/ Name: BIGipServerpool_pde_e3_blueberry_cae_a
Value: !9jWsWdf8kCOMp5sfGwHGuBkxxXxuZJ1T2vsrLLf1tkSjHi0uTuLUJgc8TJ/Bb9dnb+4J9IGB1GT/Vn4=
.payback.de/ Name: incap_ses_325_860291
Value: CmrxNkJh22tPLf9mAaKCBPCSVV8AAAAAOB5LVlH+lDUEcbC+Qepw7A==
.payback.de/ Name: visid_incap_860291
Value: FOrD5wZMQq+9UwLuu4+MTe+SVV8AAAAAQUIPAAAAAADd2C4NZxeh3d73oKhSIKN7
www.payback.de/ Name: JSESSIONID_BB
Value: 52C51FC4F6ED5631AB1476527E9C0089.deliveryWorker
www.payback.de/ Name: BIGipServerpool_pde_e3_lmsweb_httpd_a
Value: !sHYjVzVhwapW20MfGwHGuBkxxXxuZIRsakD6A+caLyLMuHojpzplUgEUDSSPW6nLtNyG/mR/uZmBCg==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors *.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Strict-Transport-Security max-age=2592000
X-Content-Security-Policy frame-ancestors *.payback.de; report-uri /blueberry/servlet/handler/cspreporting