urlscan.io logo urlscan.io
SecurityTrails logo

www.payback.de Open in urlscan Pro
45.60.14.82  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://newsletter6.payback.de/go/6/3xiq0p1f-3x94pji8-3x94pjla-z34kgt.html?couponid=550340&mobid=550339
Effective URL: https://www.payback.de/login?nlcid=53_20123_014&mobId={MOBILE_ID3}&TrID=574460&redirectUrl=%2Fpb%2FcouponLink%3FcouponI...
Submission: On August 12 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 45.60.14.82, located in United States and belongs to INCAPSULA, US. The main domain is www.payback.de.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on June 25th 2019. Valid for: 2 years.
This is the only time www.payback.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 193.169.180.252 48173 (UNBELIEVA...)
1 5 45.60.14.82 19551 (INCAPSULA)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 3
Apex Domain
Subdomains		 Transfer
6 payback.de
newsletter6.payback.de
www.payback.de
28 KB
3 google.com
www.google.com
668 B
1 gstatic.com
www.gstatic.com
131 KB
8 3
Domain Requested by
5 www.payback.de 1 redirects www.payback.de
3 www.google.com www.payback.de
www.gstatic.com
1 www.gstatic.com www.google.com
1 newsletter6.payback.de 1 redirects
8 4

This site contains no links.

Subject Issuer Validity Valid
www.payback.de
DigiCert SHA2 Extended Validation Server CA		 2019-06-25 -
2021-06-29		 2 years crt.sh
www.google.com
GTS CA 1O1		 2020-07-15 -
2020-10-07		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-07-15 -
2020-10-07		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.payback.de/login?nlcid=53_20123_014&mobId={MOBILE_ID3}&TrID=574460&redirectUrl=%2Fpb%2FcouponLink%3FcouponId%3D%7BTREATMENT_ID3%7D%26activate%3Dtrue%26CCID%3D5007%26couponid%3D550340%26mobid%3D550339
Frame ID: 96814FB38C978C7D2E3DF54C99C4928B
Requests: 3 HTTP requests in this frame

Frame: https://www.payback.de/_Incapsula_Resource?SWUDNSAI=30&xinfo=7-4005152-0%200NNN%20RT%281597222660481%20187%29%20q%280%20-1%20-1%20-1%29%20r%280%20-1%29%20B12%2811%2c15072%2c0%29%20U5&incident_id=769000100009368992-17987348855849607&edet=12&cinfo=0b000000&rpinfo=0&cts=wlKurMwioP%2bhdTwLJ7ZvD4oBoQSJm6Luf1js%2bLGNWBkSzc%2fyC%2fwcU%2fUyLRFHjoli
Frame ID: BA7518108C877C5538D8A02704AF1083
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld38BkUAAAAAPATwit3FXvga1PI6iVTb6zgXw62&co=aHR0cHM6Ly93d3cucGF5YmFjay5kZTo0NDM.&hl=en&v=TPiWapjoyMdQOtxLT9_b4n2W&size=normal&cb=h12ctqslmae
Frame ID: 416F4DC500880731CB7045BDB3475F79
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=TPiWapjoyMdQOtxLT9_b4n2W&k=6Ld38BkUAAAAAPATwit3FXvga1PI6iVTb6zgXw62&cb=rlx85mqozvda
Frame ID: 8F98FCF904DA0F93ED7E5F842F6C0EC8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://newsletter6.payback.de/go/6/3xiq0p1f-3x94pji8-3x94pjla-z34kgt.html?couponid=550340&mobid=550339 HTTP 302
    https://www.payback.de/pb/couponLink?couponId=%7BTREATMENT_ID3%7D&mobId=%7BMOBILE_ID3%7D&activate=t... HTTP 302
    https://www.payback.de/login?nlcid=53_20123_014&mobId={MOBILE_ID3}&TrID=574460&redirectUrl=%2Fpb%2F... Page URL

Page Statistics

8
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

157 kB
Transfer

474 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://newsletter6.payback.de/go/6/3xiq0p1f-3x94pji8-3x94pjla-z34kgt.html?couponid=550340&mobid=550339 HTTP 302
    https://www.payback.de/pb/couponLink?couponId=%7BTREATMENT_ID3%7D&mobId=%7BMOBILE_ID3%7D&activate=true&CCID=5007&nlcid=53_20123_014&TrID=574460&couponid=550340&mobid=550339 HTTP 302
    https://www.payback.de/login?nlcid=53_20123_014&mobId={MOBILE_ID3}&TrID=574460&redirectUrl=%2Fpb%2FcouponLink%3FcouponId%3D%7BTREATMENT_ID3%7D%26activate%3Dtrue%26CCID%3D5007%26couponid%3D550340%26mobid%3D550339 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
www.payback.de/
Redirect Chain
  • http://newsletter6.payback.de/go/6/3xiq0p1f-3x94pji8-3x94pjla-z34kgt.html?couponid=550340&mobid=550339
  • https://www.payback.de/pb/couponLink?couponId=%7BTREATMENT_ID3%7D&mobId=%7BMOBILE_ID3%7D&activate=true&CCID=5007&nlcid=53_20123_014&TrID=574460&couponid=550340&mobid=550339
  • https://www.payback.de/login?nlcid=53_20123_014&mobId={MOBILE_ID3}&TrID=574460&redirectUrl=%2Fpb%2FcouponLink%3FcouponId%3D%7BTREATMENT_ID3%7D%26activate%3Dtrue%26CCID%3D5007%26couponid%3D550340%26...
932 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.payback.de/login?nlcid=53_20123_014&mobId={MOBILE_ID3}&TrID=574460&redirectUrl=%2Fpb%2FcouponLink%3FcouponId%3D%7BTREATMENT_ID3%7D%26activate%3Dtrue%26CCID%3D5007%26couponid%3D550340%26mobid%3D550339
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.82 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
95fe66339fd89a6bb7c06eb4bb1b6e83eb6670b75bbc5a402441cc6b17296f8d

Request headers

Host
www.payback.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
JSESSIONID=F6140E97181575C1A2A27ACA21348FD4; BIGipServerpool_pde_e3_lmsweb_cae_a=!L20+5ngCPjQoE+kfGwHGuBkxxXxuZH18A3Fg9HvPPH6ZqddcrZ/s1Q2gMkGhhMnOH4LJnRMApzo4rQ==; BIGipServerpool_pde_e3_lmsweb_httpd_a=!ZfRHfqEohh+c0IAfGwHGuBkxxXxuZM2b6996/JaGw4lgxH/PusJe2JtPDYIo0mSecoh/b+OU2aLJ5g==; visid_incap_860291=8o3/eCZOQiKMq/VTmQOhuwSvM18AAAAAQUIPAAAAAABg//ihscmVmfzWtarjV7IT; incap_ses_769_860291=gO+3FK3boCagXUxBhAmsCgSvM18AAAAA533mPU3zpZIUIhubuT2/mQ==; ___utmvmZzuFFYt=ZuBiRZMDLxZ; ___utmvbZzuFFYt=PZO XqSOdald: ztk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
text/html
Cache-Control
no-cache
Connection
close
Content-Length
932
X-Iinfo
7-4005152-0 0NNN RT(1597222660481 187) q(0 -1 -1 -1) r(0 -1) B12(11,15072,0) U5

Redirect headers

Server
nginx
Date
Wed, 12 Aug 2020 08:57:41 GMT
Content-Type
text/html;charset=windows-1252
Content-Length
0
Connection
keep-alive
X-WebKit-CSP
frame-ancestors *.payback.de
X-Content-Security-Policy
frame-ancestors *.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Content-Security-Policy
frame-ancestors *.payback.de; report-uri /blueberry/servlet/handler/cspreporting
Set-Cookie
JSESSIONID=F6140E97181575C1A2A27ACA21348FD4; Path=/; Secure; HttpOnly BIGipServerpool_pde_e3_lmsweb_cae_a=!L20+5ngCPjQoE+kfGwHGuBkxxXxuZH18A3Fg9HvPPH6ZqddcrZ/s1Q2gMkGhhMnOH4LJnRMApzo4rQ==; path=/; Httponly BIGipServerpool_pde_e3_lmsweb_httpd_a=!ZfRHfqEohh+c0IAfGwHGuBkxxXxuZM2b6996/JaGw4lgxH/PusJe2JtPDYIo0mSecoh/b+OU2aLJ5g==; path=/; Httponly; Secure visid_incap_860291=8o3/eCZOQiKMq/VTmQOhuwSvM18AAAAAQUIPAAAAAABg//ihscmVmfzWtarjV7IT; expires=Wed, 11 Aug 2021 14:26:12 GMT; HttpOnly; path=/; Domain=.payback.de incap_ses_769_860291=gO+3FK3boCagXUxBhAmsCgSvM18AAAAA533mPU3zpZIUIhubuT2/mQ==; path=/; Domain=.payback.de ___utmvmZzuFFYt=ZuBiRZMDLxZ; path=/; Max-Age=900 ___utmvaZzuFFYt=fwTAbsw; path=/; Max-Age=900 ___utmvbZzuFFYt=PZO XqSOdald: ztk; path=/; Max-Age=900
Location
https://www.payback.de/login?nlcid=53_20123_014&mobId={MOBILE_ID3}&TrID=574460&redirectUrl=%2Fpb%2FcouponLink%3FcouponId%3D%7BTREATMENT_ID3%7D%26activate%3Dtrue%26CCID%3D5007%26couponid%3D550340%26mobid%3D550339
X-Request-ID
a97eda4b-c3f0-4b46-aade-414e782f2f8b
Strict-Transport-Security
max-age=2592000
X-CDN
Incapsula
X-Iinfo
7-4005152-4005153 NNNN CT(13 12 0) RT(1597222660481 16) q(0 0 1 0) r(2 2) U5
_Incapsula_Resource
www.payback.de/ 		124 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.payback.de/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3
Requested by
Host: www.payback.de
URL: https://www.payback.de/login?nlcid=53_20123_014&mobId={MOBILE_ID3}&TrID=574460&redirectUrl=%2Fpb%2FcouponLink%3FcouponId%3D%7BTREATMENT_ID3%7D%26activate%3Dtrue%26CCID%3D5007%26couponid%3D550340%26mobid%3D550339
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.82 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
fd84b5909bb5665754bf33e2cc1e575f6ef94f509bfc1c36ff6910fc18faec27

Request headers

Referer
https://www.payback.de/login?nlcid=53_20123_014&mobId={MOBILE_ID3}&TrID=574460&redirectUrl=%2Fpb%2FcouponLink%3FcouponId%3D%7BTREATMENT_ID3%7D%26activate%3Dtrue%26CCID%3D5007%26couponid%3D550340%26mobid%3D550339
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Encoding
gzip
Cache-Control
no-cache, no-store
X-Robots-Tag
noindex
Content-Length
18175
Content-Type
application/javascript
_Incapsula_Resource
www.payback.de/ 		1 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.payback.de/_Incapsula_Resource?SWKMTFSR=1&e=0.657950108823188
Requested by
Host: www.payback.de
URL: https://www.payback.de/login?nlcid=53_20123_014&mobId={MOBILE_ID3}&TrID=574460&redirectUrl=%2Fpb%2FcouponLink%3FcouponId%3D%7BTREATMENT_ID3%7D%26activate%3Dtrue%26CCID%3D5007%26couponid%3D550340%26mobid%3D550339
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.82 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.payback.de/login?nlcid=53_20123_014&mobId={MOBILE_ID3}&TrID=574460&redirectUrl=%2Fpb%2FcouponLink%3FcouponId%3D%7BTREATMENT_ID3%7D%26activate%3Dtrue%26CCID%3D5007%26couponid%3D550340%26mobid%3D550339
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
X-Robots-Tag
noindex
Content-Length
1
Content-Type
text/plain
Cookie set _Incapsula_Resource
www.payback.de/ Frame BA75 		18 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.payback.de/_Incapsula_Resource?SWUDNSAI=30&xinfo=7-4005152-0%200NNN%20RT%281597222660481%20187%29%20q%280%20-1%20-1%20-1%29%20r%280%20-1%29%20B12%2811%2c15072%2c0%29%20U5&incident_id=769000100009368992-17987348855849607&edet=12&cinfo=0b000000&rpinfo=0&cts=wlKurMwioP%2bhdTwLJ7ZvD4oBoQSJm6Luf1js%2bLGNWBkSzc%2fyC%2fwcU%2fUyLRFHjoli
Requested by
Host: www.payback.de
URL: https://www.payback.de/login?nlcid=53_20123_014&mobId={MOBILE_ID3}&TrID=574460&redirectUrl=%2Fpb%2FcouponLink%3FcouponId%3D%7BTREATMENT_ID3%7D%26activate%3Dtrue%26CCID%3D5007%26couponid%3D550340%26mobid%3D550339
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.82 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
4834aad2860250b5e687be3187c4ff9a0d8ed6f1318daed898511feb9723bcd5

Request headers

Host
www.payback.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.payback.de/login?nlcid=53_20123_014&mobId={MOBILE_ID3}&TrID=574460&redirectUrl=%2Fpb%2FcouponLink%3FcouponId%3D%7BTREATMENT_ID3%7D%26activate%3Dtrue%26CCID%3D5007%26couponid%3D550340%26mobid%3D550339
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
JSESSIONID=F6140E97181575C1A2A27ACA21348FD4; BIGipServerpool_pde_e3_lmsweb_cae_a=!L20+5ngCPjQoE+kfGwHGuBkxxXxuZH18A3Fg9HvPPH6ZqddcrZ/s1Q2gMkGhhMnOH4LJnRMApzo4rQ==; BIGipServerpool_pde_e3_lmsweb_httpd_a=!ZfRHfqEohh+c0IAfGwHGuBkxxXxuZM2b6996/JaGw4lgxH/PusJe2JtPDYIo0mSecoh/b+OU2aLJ5g==; visid_incap_860291=8o3/eCZOQiKMq/VTmQOhuwSvM18AAAAAQUIPAAAAAABg//ihscmVmfzWtarjV7IT; incap_ses_769_860291=gO+3FK3boCagXUxBhAmsCgSvM18AAAAA533mPU3zpZIUIhubuT2/mQ==; ___utmvc=9MJFJUEY5ehCJkDW3kbMh0RPb1deMyiLA789Ggc7S7Z6SWmL8Z758PAi1fBUaHNzokEhZNsR8RnVHVOn/Cq4mMmv5RtZSt131jziTVTfpE08Gv7qu3VXz8dppgEixMEXbcbs6KZT/OQr2O7GAwG4UB6nl4/kkr0aYXXFvtlkuPwcyaybR9znjtH3np5Tjcs739cELSNdL67jr5geZs8PrqzMG3iij4WFt+C4swsUKotUe8RetbaPp2C7bG9KfHinrqDkXIZ/A+ffiSfrBDbywTXDCAxst92+Cml4dlWeWY8s9VtBxzsTJfUfcNSFt2dIknCx4MurlQ8UOQHopGaOWOaR/oKLmtX1aiINQ0kZYozjhxf+EtTmj4BMzE2NqcZ7r2WwOQ8jUnCQNf9U1kThJt0p+9eiNI6z+0Z3uJ9Cs+KXghRmWUZp7Kj5EyplwKZgUBy88fJSJ49RQU6LEqejxcyogXcwHUndMTXqs5qc1AFCdV67oMOs9degFftA60eU9Tc/q8IcEbPWGnSZkehAd9AsYYGY8MABDT253CGJBlV6JqY8NoJBwDxRH9XIK7fQs9d04qLOfUlIAHXP6Qm/gkm7aOftLrOKDpzgicAIxTbpSLPueMOnwp/3ig/Lk9UQ9bwTugKRs4zN7tzedBU4wIEunsYMExOiCPdwKBtmh+gSc155sFKOnRTrJhEkCzT7HUas+X5jsY4xRA7aFg+OX8aFXVEGDYc2o0v1BeDGMX+ikINGEhthVbr3ZIKtfwIyxXoODJyM+Dllwxr9FjydV9vhFUoA59HPbOWctYC99ZSQlviIUs/T72ibe/AYVZwj8uiHLkpVZxLT9OG21Kiy7YNRG5Y0AOUb8NYyctLFaQ2fJ+9Es/XecsK92RrW4hP+xajYDdCdtyjFq0P7M8/ztt+tIcY27G4iKn1VdUQwt29qf1I8g7uoPukqixHZc4zoc+4c7QABBEnFG9r943eSdO5MQ8qgNxRkOl+OmNYw+ynd2oDeAURCnlWkIEp8ZPyUdObMR3rLJbyI27v1Wf87TRMWHBPUU8AFELllwMrEhrg7llvmIz0c3Z5bD02vIDb4P5XXW5nBWtn6b29fiCq9lweJFpg1uqrwaH8Wgpunvhpv56qs3m6XSW7B8w3KuECGLl4Obn0o9exFbpCyuWxyMYOvuPQQvzhzU9KRqa52LeciQSrUdkqhB1MlJ4CnCSsKJw1/wKLryAoe5Hb3449TC5P+r3UNGC+EgSf1ISExTtse4zS46snPe67eYkEI6rric+d70JcMr5bkGrBEVDaxfVspHGKiC+A+GSutuJm4Mt15XgiYnlEJpHvEusVVHldLHNppSZJFmiUVcFVcNE/p2fDw1UbbDZgOdTJiFxg6UWtpDr7yxdgGImVBc8phoomCnvBd4KkPFy6G0CaN6FibG/8oguCzMGkigSTWk1BpwfVBHPnOkHOPM82o5MUDNgl81Ds/cYUn4nLq7md2tEiwblZj2DdDRntUvCC8IIbr9pQYTOlVYzaO3gbLWIolVH2I2lc8RdaL5CzZO6i9fIM75nnMsyubwGt/BPfyF0jVfw0gcv722dhI2948ag5yBkAWjpsg0ToVrsbv9D6yHSNJsmpR+eqbCDFimVqIBCxkaWdlc3Q9MTE0MTUxLHM9ODE3NDdhYWI3OTk4ODU5ZGExNzQ4MjY4Nzg5MjdiYTVhMWE0N2Y4NmE2YTQ2ODYyYTQ3NmEyNzdhZDc1NmE4OTY4NzNhOTdiOTY4MjcxNmU=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.payback.de/login?nlcid=53_20123_014&mobId={MOBILE_ID3}&TrID=574460&redirectUrl=%2Fpb%2FcouponLink%3FcouponId%3D%7BTREATMENT_ID3%7D%26activate%3Dtrue%26CCID%3D5007%26couponid%3D550340%26mobid%3D550339

Response headers

Cache-Control
no-cache, no-store
Content-Type
text/html
Content-Encoding
gzip
X-Robots-Tag
noindex
Content-Length
6035
Set-Cookie
___utmvc=a; Max-Age=0; path=/; expires=Mon, 10 Aug 2020 14:21:24 GMT
api.js
www.google.com/recaptcha/ Frame BA75 		674 B
668 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.payback.de
URL: https://www.payback.de/_Incapsula_Resource?SWUDNSAI=30&xinfo=7-4005152-0%200NNN%20RT%281597222660481%20187%29%20q%280%20-1%20-1%20-1%29%20r%280%20-1%29%20B12%2811%2c15072%2c0%29%20U5&incident_id=769000100009368992-17987348855849607&edet=12&cinfo=0b000000&rpinfo=0&cts=wlKurMwioP%2bhdTwLJ7ZvD4oBoQSJm6Luf1js%2bLGNWBkSzc%2fyC%2fwcU%2fUyLRFHjoli
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fdc8925648b957baf9f68b4647a851f8ba9f5dc4b1b0b87a9db3c8d29f2de8d2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.payback.de/_Incapsula_Resource?SWUDNSAI=30&xinfo=7-4005152-0%200NNN%20RT%281597222660481%20187%29%20q%280%20-1%20-1%20-1%29%20r%280%20-1%29%20B12%2811%2c15072%2c0%29%20U5&incident_id=769000100009368992-17987348855849607&edet=12&cinfo=0b000000&rpinfo=0&cts=wlKurMwioP%2bhdTwLJ7ZvD4oBoQSJm6Luf1js%2bLGNWBkSzc%2fyC%2fwcU%2fUyLRFHjoli
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 08:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
445
x-xss-protection
1; mode=block
expires
Wed, 12 Aug 2020 08:57:41 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/TPiWapjoyMdQOtxLT9_b4n2W/ Frame BA75 		331 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/TPiWapjoyMdQOtxLT9_b4n2W/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e42f7806fd699d172d728f73f966a5d173cad2f4091aeed75cdb6ef611b4396e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.payback.de/_Incapsula_Resource?SWUDNSAI=30&xinfo=7-4005152-0%200NNN%20RT%281597222660481%20187%29%20q%280%20-1%20-1%20-1%29%20r%280%20-1%29%20B12%2811%2c15072%2c0%29%20U5&incident_id=769000100009368992-17987348855849607&edet=12&cinfo=0b000000&rpinfo=0&cts=wlKurMwioP%2bhdTwLJ7ZvD4oBoQSJm6Luf1js%2bLGNWBkSzc%2fyC%2fwcU%2fUyLRFHjoli
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 03:10:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 10 Aug 2020 04:05:32 GMT
server
sffe
age
20860
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133738
x-xss-protection
0
expires
Thu, 12 Aug 2021 03:10:01 GMT
anchor
www.google.com/recaptcha/api2/ Frame 416F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld38BkUAAAAAPATwit3FXvga1PI6iVTb6zgXw62&co=aHR0cHM6Ly93d3cucGF5YmFjay5kZTo0NDM.&hl=en&v=TPiWapjoyMdQOtxLT9_b4n2W&size=normal&cb=h12ctqslmae
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TPiWapjoyMdQOtxLT9_b4n2W/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-blKYSZtSBzV2rVlKhKdDGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6Ld38BkUAAAAAPATwit3FXvga1PI6iVTb6zgXw62&co=aHR0cHM6Ly93d3cucGF5YmFjay5kZTo0NDM.&hl=en&v=TPiWapjoyMdQOtxLT9_b4n2W&size=normal&cb=h12ctqslmae
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.payback.de/_Incapsula_Resource?SWUDNSAI=30&xinfo=7-4005152-0%200NNN%20RT%281597222660481%20187%29%20q%280%20-1%20-1%20-1%29%20r%280%20-1%29%20B12%2811%2c15072%2c0%29%20U5&incident_id=769000100009368992-17987348855849607&edet=12&cinfo=0b000000&rpinfo=0&cts=wlKurMwioP%2bhdTwLJ7ZvD4oBoQSJm6Luf1js%2bLGNWBkSzc%2fyC%2fwcU%2fUyLRFHjoli
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.payback.de/_Incapsula_Resource?SWUDNSAI=30&xinfo=7-4005152-0%200NNN%20RT%281597222660481%20187%29%20q%280%20-1%20-1%20-1%29%20r%280%20-1%29%20B12%2811%2c15072%2c0%29%20U5&incident_id=769000100009368992-17987348855849607&edet=12&cinfo=0b000000&rpinfo=0&cts=wlKurMwioP%2bhdTwLJ7ZvD4oBoQSJm6Luf1js%2bLGNWBkSzc%2fyC%2fwcU%2fUyLRFHjoli

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 12 Aug 2020 08:57:41 GMT
content-security-policy
script-src 'report-sample' 'nonce-blKYSZtSBzV2rVlKhKdDGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
10337
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bframe
www.google.com/recaptcha/api2/ Frame 8F98 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=TPiWapjoyMdQOtxLT9_b4n2W&k=6Ld38BkUAAAAAPATwit3FXvga1PI6iVTb6zgXw62&cb=rlx85mqozvda
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TPiWapjoyMdQOtxLT9_b4n2W/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Dudvo1vqEgyqIh0cvOrKDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=TPiWapjoyMdQOtxLT9_b4n2W&k=6Ld38BkUAAAAAPATwit3FXvga1PI6iVTb6zgXw62&cb=rlx85mqozvda
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.payback.de/_Incapsula_Resource?SWUDNSAI=30&xinfo=7-4005152-0%200NNN%20RT%281597222660481%20187%29%20q%280%20-1%20-1%20-1%29%20r%280%20-1%29%20B12%2811%2c15072%2c0%29%20U5&incident_id=769000100009368992-17987348855849607&edet=12&cinfo=0b000000&rpinfo=0&cts=wlKurMwioP%2bhdTwLJ7ZvD4oBoQSJm6Luf1js%2bLGNWBkSzc%2fyC%2fwcU%2fUyLRFHjoli
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.payback.de/_Incapsula_Resource?SWUDNSAI=30&xinfo=7-4005152-0%200NNN%20RT%281597222660481%20187%29%20q%280%20-1%20-1%20-1%29%20r%280%20-1%29%20B12%2811%2c15072%2c0%29%20U5&incident_id=769000100009368992-17987348855849607&edet=12&cinfo=0b000000&rpinfo=0&cts=wlKurMwioP%2bhdTwLJ7ZvD4oBoQSJm6Luf1js%2bLGNWBkSzc%2fyC%2fwcU%2fUyLRFHjoli

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 12 Aug 2020 08:57:41 GMT
content-security-policy
script-src 'report-sample' 'nonce-Dudvo1vqEgyqIh0cvOrKDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1174
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Domain/Path Name / Value
.payback.de/ Name: incap_ses_769_860291
Value: gO+3FK3boCagXUxBhAmsCgSvM18AAAAA533mPU3zpZIUIhubuT2/mQ==
.payback.de/ Name: visid_incap_860291
Value: 8o3/eCZOQiKMq/VTmQOhuwSvM18AAAAAQUIPAAAAAABg//ihscmVmfzWtarjV7IT
www.payback.de/ Name: BIGipServerpool_pde_e3_lmsweb_cae_a
Value: !L20+5ngCPjQoE+kfGwHGuBkxxXxuZH18A3Fg9HvPPH6ZqddcrZ/s1Q2gMkGhhMnOH4LJnRMApzo4rQ==
www.payback.de/ Name: BIGipServerpool_pde_e3_lmsweb_httpd_a
Value: !ZfRHfqEohh+c0IAfGwHGuBkxxXxuZM2b6996/JaGw4lgxH/PusJe2JtPDYIo0mSecoh/b+OU2aLJ5g==
www.payback.de/ Name: JSESSIONID
Value: F6140E97181575C1A2A27ACA21348FD4