login.mypaymentvault.com Open in urlscan Pro
2620:1ec:46::45 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://login.mypaymentvault.com/login
Submission: On March 22 via manual (March 22nd 2024, 2:52:27 pm UTC) from US — Scanned from DE

Summary HTTP 34 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 34 HTTP transactions. The main IP is 2620:1ec:46::45, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.mypaymentvault.com. The Cisco Umbrella rank of the primary domain is 745598.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on December 5th 2023. Valid for: 6 months.

This is the only time login.mypaymentvault.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
2	2600:9000:249... 2600:9000:2490:ba00:a:6cdf:4440:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:275... 2600:9000:275d:3c00:1e:54f1:26c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:225... 2600:9000:2250:c200:13:ab57:d440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
34	8

15 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.mypaymentvault.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
external.onbe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2490:ba00:a:6cdf:4440:93a1 (United States)

ASN16509 (AMAZON-02, US)

1.a79ab95c1589a13f8a4cab612bc71f9f7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:275d:3c00:1e:54f1:26c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

1.b406929acabac9b095f124c81bdfcf57f.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2250:c200:13:ab57:d440:93a1 (United States)

ASN16509 (AMAZON-02, US)

1.c81358859121583b7adf2ace89cb39f44.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	mypaymentvault.com login.mypaymentvault.com — Cisco Umbrella Rank: 745598	2 MB
7	gstatic.com www.gstatic.com fonts.gstatic.com	661 KB
5	google.com www.google.com — Cisco Umbrella Rank: 5	39 KB
2	c81358859121583b7adf2ace89cb39f44.com 1.c81358859121583b7adf2ace89cb39f44.com — Cisco Umbrella Rank: 36009	4 KB
2	b406929acabac9b095f124c81bdfcf57f.com 1.b406929acabac9b095f124c81bdfcf57f.com — Cisco Umbrella Rank: 35885	4 KB
2	a79ab95c1589a13f8a4cab612bc71f9f7.com 1.a79ab95c1589a13f8a4cab612bc71f9f7.com — Cisco Umbrella Rank: 35935	4 KB
2	onbe.io external.onbe.io — Cisco Umbrella Rank: 712027	50 KB
34	7

	Domain	Requested by
13	login.mypaymentvault.com	login.mypaymentvault.com
6	www.gstatic.com	www.google.com www.gstatic.com
5	www.google.com	login.mypaymentvault.com www.gstatic.com www.google.com
2	1.c81358859121583b7adf2ace89cb39f44.com	login.mypaymentvault.com 1.c81358859121583b7adf2ace89cb39f44.com
2	1.b406929acabac9b095f124c81bdfcf57f.com	login.mypaymentvault.com 1.b406929acabac9b095f124c81bdfcf57f.com
2	1.a79ab95c1589a13f8a4cab612bc71f9f7.com	login.mypaymentvault.com 1.a79ab95c1589a13f8a4cab612bc71f9f7.com
2	external.onbe.io	login.mypaymentvault.com
1	fonts.gstatic.com	www.google.com
34	8

This site contains no links.

Subject Issuer	Validity	Valid
login.mypaymentvault.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-12-05` - `2024-06-05`	6 months	crt.sh
external.onbe.io GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-12-05` - `2024-06-05`	6 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.a79ab95c1589a13f8a4cab612bc71f9f7.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-26` - `2024-04-04`	a year	crt.sh
*.b406929acabac9b095f124c81bdfcf57f.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-02` - `2024-04-07`	a year	crt.sh
*.c81358859121583b7adf2ace89cb39f44.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-02` - `2024-04-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://login.mypaymentvault.com/login
Frame ID: 433EA79FD60B2DF3C4E4D308AA82ACD5
Requests: 17 HTTP requests in this frame

Frame: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
Frame ID: 597AB687364E8FB13ACC809E927779D5
Requests: 2 HTTP requests in this frame

Frame: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
Frame ID: E7BE8B5F9795704B4AC4BA4CA939BF2F
Requests: 2 HTTP requests in this frame

Frame: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
Frame ID: CE02BA4AA5FF8E18CF4D0D296B8F2709
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeC6DkpAAAAAFjjlon38EuJrTGpdVyCtEvFNbwu&co=aHR0cHM6Ly9sb2dpbi5teXBheW1lbnR2YXVsdC5jb206NDQz&hl=de&type=image&v=Hq4JZivTyQ7GP8Kt571Tzodj&theme=light&size=normal&badge=bottomright&cb=prpa5o2zbwl8
Frame ID: CFF747D175D71D814377186484931591
Requests: 9 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6LeC6DkpAAAAAFjjlon38EuJrTGpdVyCtEvFNbwu
Frame ID: 1F748FCCC7E6DB6693E8CB1E40ACB46C
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MyPaymentVault

Detected technologies

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

34
Requests

97 %
HTTPS

100 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

3188 kB
Transfer

5293 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request login Show response
login.mypaymentvault.com/ 938 B
964 B 268ms
151ms Document
text/html 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.mypaymentvault.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9862e6ee164164b7aa3abc8838bf33c9519e1207a5e1508f7b45cad15c40debc

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
content-encoding: br
content-type: text/html
date: Fri, 22 Mar 2024 14:52:20 GMT
etag: "45992963"
last-modified: Sun, 17 Mar 2024 04:31:01 GMT
referrer-policy: same-origin
strict-transport-security: max-age=10886400; includeSubDomains; preload
vary: Accept-Encoding
x-azure-ref: 20240322T145220Z-04vefhdwet12dedtgczft5kz6400000003d000000000uay5
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-forwarded-for: {headers.x-forwarded-for}
x-xss-protection: 1; mode=block

GET
H2 200 bundle.js Show response
login.mypaymentvault.com/ 944 KB
243 KB 286ms
285ms Script
text/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.mypaymentvault.com/bundle.js

Requested by

Host: login.mypaymentvault.com
URL: https://login.mypaymentvault.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

40134e0d63a705e40e8739ec05a64f7794cd1d67c740b11603dc6f5922ce01c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.mypaymentvault.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 14:52:20 GMT
content-encoding: br
referrer-policy: same-origin
strict-transport-security: max-age=10886400; includeSubDomains; preload
last-modified: Sun, 17 Mar 2024 04:31:01 GMT
x-content-type-options: nosniff
etag: "45992963"
vary: Accept-Encoding
x-dns-prefetch-control: off
content-type: text/javascript
x-azure-ref: 20240322T145220Z-04vefhdwet12dedtgczft5kz6400000003d000000000uayh
x-forwarded-for: {headers.x-forwarded-for}
cache-control: no-store
x-cache: CONFIG_NOCACHE
x-xss-protection: 1; mode=block

GET
H2 200 styles.css
login.mypaymentvault.com/ 261 KB
42 KB 260ms
259ms Stylesheet
text/css 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.mypaymentvault.com/styles.css

Requested by

Host: login.mypaymentvault.com
URL: https://login.mypaymentvault.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8ddf5009cbb67f33a106495f05a1a3a8906a2f71df148ab9e94276af25c7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.mypaymentvault.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 14:52:20 GMT
content-encoding: br
referrer-policy: same-origin
strict-transport-security: max-age=10886400; includeSubDomains; preload
last-modified: Sun, 17 Mar 2024 04:31:01 GMT
x-content-type-options: nosniff
etag: "45992963"
vary: Accept-Encoding
x-dns-prefetch-control: off
content-type: text/css
x-azure-ref: 20240322T145220Z-04vefhdwet12dedtgczft5kz6400000003d000000000uayb
x-forwarded-for: {headers.x-forwarded-for}
cache-control: no-store
x-cache: CONFIG_NOCACHE
x-xss-protection: 1; mode=block

GET
H2 200 idi-sdk.2.2.js Show response
login.mypaymentvault.com/data/xContent/recipient/op/webtowallet/ 13 KB
13 KB 820ms
819ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.mypaymentvault.com/data/xContent/recipient/op/webtowallet/idi-sdk.2.2.js
Requested by: Host: login.mypaymentvault.com
URL: https://login.mypaymentvault.com/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 54b9c896a4e76a60a0cd784ebefd26d287c212d76d5fd02827e67797e4a44aeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.mypaymentvault.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 22 Mar 2024 14:52:21 GMT
last-modified: Tue, 20 Feb 2024 22:03:41 GMT
content-md5: aBEBsjVP6gZfFzDV5ZUQYA==
etag: 0x8DC325FCC953C8A
vary: Origin
x-azure-ref: 20240322T145220Z-04vefhdwet12dedtgczft5kz6400000003d000000000uayc
content-type: application/javascript
x-ms-request-id: a42bd9cc-901e-0015-3568-7c0578000000
x-cache: CONFIG_NOCACHE
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 13192

GET
H2 200 initAddToAppleWallet.js Show response
login.mypaymentvault.com/data/xContent/recipient/op/webtowallet/ 8 KB
8 KB 767ms
766ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.mypaymentvault.com/data/xContent/recipient/op/webtowallet/initAddToAppleWallet.js
Requested by: Host: login.mypaymentvault.com
URL: https://login.mypaymentvault.com/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a7007e8c8fefb6e577d464e7189211646e9f4741b63d5a478e1ca2a5f723f54a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.mypaymentvault.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 22 Mar 2024 14:52:21 GMT
last-modified: Sat, 27 Jan 2024 23:03:45 GMT
content-md5: rl2IGcGPimXxr8QuWkLEDQ==
etag: 0x8DC1F8C36C162B3
vary: Origin
x-azure-ref: 20240322T145220Z-04vefhdwet12dedtgczft5kz6400000003d000000000uayd
content-type: application/javascript
x-ms-request-id: 4f68d37f-401e-0016-3d68-7ce41c000000
x-cache: CONFIG_NOCACHE
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 7740

GET
H2 200 s2p.min.js Show response
login.mypaymentvault.com/data/xContent/recipient/op/webtowallet/ 100 KB
100 KB 814ms
813ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.mypaymentvault.com/data/xContent/recipient/op/webtowallet/s2p.min.js
Requested by: Host: login.mypaymentvault.com
URL: https://login.mypaymentvault.com/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2909792115c79b7612cb4e256830f95418c5717b8abbad0829b7b4b49dd5eb20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.mypaymentvault.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 22 Mar 2024 14:52:21 GMT
last-modified: Sat, 27 Jan 2024 23:01:45 GMT
content-md5: M7wkXFxOb1gw8y4JIx2g2g==
etag: 0x8DC1F8BEF823DA9
vary: Origin
x-azure-ref: 20240322T145220Z-04vefhdwet12dedtgczft5kz6400000003d000000000uaye
content-type: application/javascript
x-ms-request-id: 0c0e36d0-d01e-0049-2f68-7c5020000000
x-cache: CONFIG_NOCACHE
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 101996

GET
H2 200 google.integration.min.js Show response
login.mypaymentvault.com/data/xContent/recipient/op/webtowallet/ 8 KB
9 KB 845ms
845ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.mypaymentvault.com/data/xContent/recipient/op/webtowallet/google.integration.min.js
Requested by: Host: login.mypaymentvault.com
URL: https://login.mypaymentvault.com/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e44729dfb9922a6991b111c10474455c663120c7f1dd0b9f29a45587cb2e4ee7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.mypaymentvault.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 22 Mar 2024 14:52:21 GMT
last-modified: Sat, 27 Jan 2024 23:02:52 GMT
content-md5: UX38KHZ6CslzP5Q7/hemEQ==
etag: 0x8DC1F8C1725C8E9
vary: Origin
x-azure-ref: 20240322T145220Z-04vefhdwet12dedtgczft5kz6400000003d000000000uayf
content-type: application/javascript
x-ms-request-id: 02de5372-f01e-0003-2e68-7cf3af000000
x-cache: CONFIG_NOCACHE
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 8685

GET
H2 200 d6a9d794.js Show response
login.mypaymentvault.com/data/xContent/recipient/op/js/ 761 KB
763 KB 787ms
787ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.mypaymentvault.com/data/xContent/recipient/op/js/d6a9d794.js
Requested by: Host: login.mypaymentvault.com
URL: https://login.mypaymentvault.com/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9144b85784796ea9d07eb9097fe77a0e477ffcb21a3dc04cf3bafc6439678f91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.mypaymentvault.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 22 Mar 2024 14:52:21 GMT
last-modified: Sat, 27 Jan 2024 23:00:51 GMT
content-md5: Do/dmMQdf4VSex38+oEYfA==
etag: 0x8DC1F8BCF618DBB
vary: Origin
x-azure-ref: 20240322T145220Z-04vefhdwet12dedtgczft5kz6400000003d000000000uayg
content-type: application/javascript
x-ms-request-id: 6cf8ea78-b01e-004f-1268-7c639f000000
x-cache: CONFIG_NOCACHE
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 779547

GET
BLOB 200
OK 054d216e-d8e1-4515-b93d-f424935208af
https://login.mypaymentvault.com/ 180 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://login.mypaymentvault.com/054d216e-d8e1-4515-b93d-f424935208af
Requested by: Host: login.mypaymentvault.com
URL: https://login.mypaymentvault.com/login
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a19d809e449d80345c1dc9cdd0725216981478e2845429b115127382091edbc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.mypaymentvault.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length: 184023
Content-Type

OPTIONS
H2 200 getCopyTag
external.onbe.io/mypaymentvaultapi/v1/generic/ Frame 0
0 784ms
682ms Preflight 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://external.onbe.io/mypaymentvaultapi/v1/generic/getCopyTag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-client-ip
Access-Control-Request-Method: POST
Origin: https://login.mypaymentvault.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,x-client-ip
access-control-allow-methods: POST
access-control-allow-origin: https://login.mypaymentvault.com
access-control-max-age: 300
content-length: 0
date: Fri, 22 Mar 2024 14:52:23 GMT
request-context: appId=cid-v1:1ea1b7c6-5b23-47e5-806f-19f70df3efde
vary: Origin
x-azure-ref: 20240322T145223Z-w225auhxvp3q1ftfkp26k0tnbg00000003600000000066tz
x-cache: CONFIG_NOCACHE

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 156ms
56ms Script
text/javascript 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Requested by

Host: login.mypaymentvault.com
URL: https://login.mypaymentvault.com/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

21a0af500f4b3511fcaf2dd4876d9c5b1470e52e183277294833f4e8e3805b09

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 14:52:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 22 Mar 2024 14:52:23 GMT

GET
H2 200 cac94907833ae55f0a4c.otf
login.mypaymentvault.com/ 85 KB
85 KB 48ms
47ms Font
font/otf 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.mypaymentvault.com/cac94907833ae55f0a4c.otf

Requested by

Host: login.mypaymentvault.com
URL: https://login.mypaymentvault.com/styles.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f02b5750f291a5bd474f7cdbcb7b3fa79f2016c6af20d661b490b9bf945d41fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://login.mypaymentvault.com/styles.css
Origin: https://login.mypaymentvault.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 14:52:23 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Sun, 17 Mar 2024 04:31:01 GMT
etag: "45992963"
x-dns-prefetch-control: off
x-forwarded-for: {headers.x-forwarded-for}
content-type: font/otf
x-azure-ref: 20240322T145223Z-04vefhdwet12dedtgczft5kz6400000003d000000000ub75
x-cache: CONFIG_NOCACHE
cache-control: no-store
accept-ranges: bytes
content-length: 86528
x-xss-protection: 1; mode=block

GET
H2 200 8ff9389b19e9cea59194.ttf
login.mypaymentvault.com/ 110 KB
111 KB 50ms
50ms Font
font/ttf 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.mypaymentvault.com/8ff9389b19e9cea59194.ttf

Requested by

Host: login.mypaymentvault.com
URL: https://login.mypaymentvault.com/styles.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

22847930f7950d0a5ca38426a82642757a1c133de6f8612f94eb70d8434f0fb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://login.mypaymentvault.com/styles.css
Origin: https://login.mypaymentvault.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 14:52:23 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Sun, 17 Mar 2024 04:31:01 GMT
etag: "45992963"
x-dns-prefetch-control: off
x-forwarded-for: {headers.x-forwarded-for}
content-type: font/ttf
x-azure-ref: 20240322T145223Z-04vefhdwet12dedtgczft5kz6400000003d000000000ub76
x-cache: CONFIG_NOCACHE
cache-control: no-store
accept-ranges: bytes
content-length: 112892
x-xss-protection: 1; mode=block

GET
H2 200 paymentvault_logo.svg
login.mypaymentvault.com/data/xContent/recipient/op/images/ 4 KB
4 KB 191ms
190ms Image
image/svg+xml 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.mypaymentvault.com/data/xContent/recipient/op/images/paymentvault_logo.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ec0e613cb6227303daa335c31ad64521cfb7fa1075a10b03f6e4c9f7c6906d75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.mypaymentvault.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 22 Mar 2024 14:52:23 GMT
last-modified: Sat, 03 Feb 2024 22:40:25 GMT
content-md5: aUg/zcFH737x377mUiMw1A==
etag: 0x8DC25091D74FC33
vary: Origin
x-azure-ref: 20240322T145223Z-04vefhdwet12dedtgczft5kz6400000003d000000000ub77
content-type: image/svg+xml
x-ms-request-id: 6cf8f718-b01e-004f-1c68-7c639f000000
x-cache: CONFIG_NOCACHE
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 3822

GET
H2 200 inputbox-error.png
login.mypaymentvault.com/data/xContent/recipient/op/images/icons/ 499 B
855 B 196ms
195ms Image
image/png 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.mypaymentvault.com/data/xContent/recipient/op/images/icons/inputbox-error.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 627ebb0812c94e3db367536399589a89ed2ace20c175dd269db2714f7ede0b40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.mypaymentvault.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 22 Mar 2024 14:52:23 GMT
last-modified: Sat, 03 Feb 2024 22:40:30 GMT
content-md5: OvNEzuHIWEBJ2KWRrxF0cw==
etag: 0x8DC25092031A42B
vary: Origin
x-azure-ref: 20240322T145223Z-04vefhdwet12dedtgczft5kz6400000003d000000000ub78
content-type: image/png
x-ms-request-id: 0c0e4504-d01e-0049-2a68-7c5020000000
x-cache: CONFIG_NOCACHE
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 499

GET
H2 200 login_page.png
login.mypaymentvault.com/data/xContent/recipient/op/images/ 1 MB
1 MB 200ms
200ms Image
image/png 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.mypaymentvault.com/data/xContent/recipient/op/images/login_page.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d588adc0aff45f500b4ae4934a115e537616597e552afb73dbe8dab97965829c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.mypaymentvault.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 22 Mar 2024 14:52:23 GMT
last-modified: Sat, 03 Feb 2024 22:40:41 GMT
content-md5: gNTfPwZdZ9BvRRX9RrGa5w==
etag: 0x8DC250926920634
vary: Origin
x-azure-ref: 20240322T145223Z-04vefhdwet12dedtgczft5kz6400000003d000000000ub79
content-type: image/png
x-ms-request-id: 02de599f-f01e-0003-7b68-7cf3af000000
x-cache: CONFIG_NOCACHE
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 1069497

POST
H2 200 getCopyTag Show response
external.onbe.io/mypaymentvaultapi/v1/generic/ 50 KB
50 KB 240ms
240ms XHR
application/json 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://external.onbe.io/mypaymentvaultapi/v1/generic/getCopyTag

Requested by

Host: login.mypaymentvault.com
URL: https://login.mypaymentvault.com/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d38ede4e3478bdbfa9563ac478d3e72bba4313d3ad069ca84ff69cb2e272a1b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept: application/json
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
x-client-ip: 0.0.0.0
Content-Type: application/json

Response headers

date: Fri, 22 Mar 2024 14:52:23 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-xss-protection: 0
request-context: appId=cid-v1:1ea1b7c6-5b23-47e5-806f-19f70df3efde
pragma: no-cache
vary: Origin
x-frame-options: DENY
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://login.mypaymentvault.com
access-control-expose-headers: Transfer-Encoding,Connection,X-Content-Type-Options,X-XSS-Protection,Strict-Transport-Security,X-Frame-Options,Date,traceparent,Vary
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-azure-ref: 20240322T145223Z-w225auhxvp3q1ftfkp26k0tnbg00000003600000000066ww
expires: 0

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ 499 KB
199 KB 147ms
46ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

554fdc93109beed0802d148bc60f1b16fe7d8caf68ef4ecb95b562463b7844c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://login.mypaymentvault.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 13:50:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 203033
x-xss-protection: 0
last-modified: Tue, 19 Mar 2024 18:14:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Mar 2025 13:50:54 GMT

GET
H2 200 crossdomain.html Show response
1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/ Frame 597A 221 B
557 B 117ms
28ms Document
text/html 2600:9000:2490:ba00:a:6cdf:4440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
Requested by: Host: login.mypaymentvault.com
URL: https://login.mypaymentvault.com/data/xContent/recipient/op/js/d6a9d794.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:ba00:a:6cdf:4440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 45070
content-length: 221
content-type: text/html
date: Fri, 22 Mar 2024 02:21:13 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
server: AmazonS3
via: 1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
x-amz-cf-id: jQPzvyXcxEg4JNhEHC_CAtjaPQH941YrHYH8bq6rEBsWbfjhZoqzAA==
x-amz-cf-pop: FRA56-P6
x-amz-version-id: null
x-cache: Hit from cloudfront

GET
H2 200 crossdomain.html Show response
1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/ Frame E7BE 221 B
556 B 118ms
28ms Document
text/html 2600:9000:275d:3c00:1e:54f1:26c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
Requested by: Host: login.mypaymentvault.com
URL: https://login.mypaymentvault.com/data/xContent/recipient/op/js/d6a9d794.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:3c00:1e:54f1:26c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 66516
content-length: 221
content-type: text/html
date: Thu, 21 Mar 2024 20:23:48 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
server: AmazonS3
via: 1.1 74ca1b9f17cb4adcfc54f8b84ccc7d82.cloudfront.net (CloudFront)
x-amz-cf-id: VUQZ3chboDow-onu7CHizfJFHw0PVzUrNYklwHs4EpuIoQOzJlWQ0Q==
x-amz-cf-pop: FRA56-P11
x-amz-version-id: null
x-cache: Hit from cloudfront

GET
H2 200 crossdomain.html Show response
1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/ Frame CE02 221 B
555 B 111ms
28ms Document
text/html 2600:9000:2250:c200:13:ab57:d440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
Requested by: Host: login.mypaymentvault.com
URL: https://login.mypaymentvault.com/data/xContent/recipient/op/js/d6a9d794.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:c200:13:ab57:d440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 42716
content-length: 221
content-type: text/html
date: Fri, 22 Mar 2024 03:00:28 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
server: AmazonS3
via: 1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
x-amz-cf-id: rckrk8YrtR2LkLs3tHEsmTjAHwBA27b-TXzoSgoq826XMtIrIxcVwg==
x-amz-cf-pop: FRA60-P2
x-amz-version-id: null
x-cache: Hit from cloudfront

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame CFF7 46 KB
29 KB 75ms
74ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeC6DkpAAAAAFjjlon38EuJrTGpdVyCtEvFNbwu&co=aHR0cHM6Ly9sb2dpbi5teXBheW1lbnR2YXVsdC5jb206NDQz&hl=de&type=image&v=Hq4JZivTyQ7GP8Kt571Tzodj&theme=light&size=normal&badge=bottomright&cb=prpa5o2zbwl8

Requested by

Host: login.mypaymentvault.com
URL: https://login.mypaymentvault.com/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5cd759eb4792b485323265c5cec65424f94aaec6bd5698629ca890c6d38dc9d5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ouqk8VO6NN8kmUQEHd65xw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ouqk8VO6NN8kmUQEHd65xw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 22 Mar 2024 14:52:23 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 crossdomain2.12.0.5273.b96c35cc.min.js Show response
1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/ Frame CE02 3 KB
3 KB 29ms
29ms Script
application/javascript 2600:9000:2250:c200:13:ab57:d440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
Requested by: Host: 1.c81358859121583b7adf2ace89cb39f44.com
URL: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:c200:13:ab57:d440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 06:43:59 GMT
x-amz-version-id: null
via: 1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 29305
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3227
x-amz-cf-id: G0C1Lvc5A8a-IPfLin0EPXR2wbUZumW_iFt4xjA2w_43nt7764S93Q==

GET
H2 200 crossdomain2.12.0.5273.b96c35cc.min.js Show response
1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/ Frame 597A 3 KB
3 KB 29ms
29ms Script
application/javascript 2600:9000:2490:ba00:a:6cdf:4440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
Requested by: Host: 1.a79ab95c1589a13f8a4cab612bc71f9f7.com
URL: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:ba00:a:6cdf:4440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 22 Mar 2024 03:04:12 GMT
via: 1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 42492
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3227
x-amz-cf-id: XFML2_7pp-De_fn1zUjiljtZ4Pm_kzpeoZBG5zQUs_2a1mV7iNHNTw==

GET
H2 200 crossdomain2.12.0.5273.b96c35cc.min.js Show response
1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/ Frame E7BE 3 KB
3 KB 30ms
30ms Script
application/javascript 2600:9000:275d:3c00:1e:54f1:26c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
Requested by: Host: 1.b406929acabac9b095f124c81bdfcf57f.com
URL: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:3c00:1e:54f1:26c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 21 Mar 2024 19:37:43 GMT
via: 1.1 74ca1b9f17cb4adcfc54f8b84ccc7d82.cloudfront.net (CloudFront)
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 69281
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3227
x-amz-cf-id: 9vQAYHO5ZsPLGzyt5qq-_VVXVwMEUIKQYcX43RQsZSb9n_QzbA8tMA==

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ Frame CFF7 55 KB
24 KB 142ms
49ms Stylesheet
text/css 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeC6DkpAAAAAFjjlon38EuJrTGpdVyCtEvFNbwu&co=aHR0cHM6Ly9sb2dpbi5teXBheW1lbnR2YXVsdC5jb206NDQz&hl=de&type=image&v=Hq4JZivTyQ7GP8Kt571Tzodj&theme=light&size=normal&badge=bottomright&cb=prpa5o2zbwl8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 14:00:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Tue, 19 Mar 2024 18:14:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Mar 2025 14:00:11 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ Frame CFF7 499 KB
198 KB 140ms
47ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

554fdc93109beed0802d148bc60f1b16fe7d8caf68ef4ecb95b562463b7844c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 13:50:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 203033
x-xss-protection: 0
last-modified: Tue, 19 Mar 2024 18:14:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Mar 2025 13:50:54 GMT

GET
DATA 200
OK truncated
/ Frame CFF7 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame CFF7 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame CFF7 2 KB
2 KB 46ms
46ms Image
image/png 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 03:45:28 GMT
x-content-type-options: nosniff
age: 299216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 26 Mar 2024 03:45:28 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CFF7 15 KB
16 KB 146ms
46ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 19:32:19 GMT
x-content-type-options: nosniff
age: 328805
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Mar 2025 19:32:19 GMT

GET
H3 200 71GvYfWrnNVQPx7naAg-DUFGFB-SZxDN5_DRjoK90AI.js Show response
www.google.com/js/bg/ Frame CFF7 17 KB
7 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/71GvYfWrnNVQPx7naAg-DUFGFB-SZxDN5_DRjoK90AI.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef51af61f5ab9cd5503f1ee768083e0d4146141f926710cde7f0d18e82bdd002

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeC6DkpAAAAAFjjlon38EuJrTGpdVyCtEvFNbwu&co=aHR0cHM6Ly9sb2dpbi5teXBheW1lbnR2YXVsdC5jb206NDQz&hl=de&type=image&v=Hq4JZivTyQ7GP8Kt571Tzodj&theme=light&size=normal&badge=bottomright&cb=prpa5o2zbwl8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 16:48:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79433
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7337
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 13:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Mar 2025 16:48:31 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame CFF7 102 B
135 B 55ms
55ms Other
text/javascript 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Hq4JZivTyQ7GP8Kt571Tzodj

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

22b2a491c3cf30da29d0bf442586de5731d89475b20e17b55be13f590b9b4952

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeC6DkpAAAAAFjjlon38EuJrTGpdVyCtEvFNbwu&co=aHR0cHM6Ly9sb2dpbi5teXBheW1lbnR2YXVsdC5jb206NDQz&hl=de&type=image&v=Hq4JZivTyQ7GP8Kt571Tzodj&theme=light&size=normal&badge=bottomright&cb=prpa5o2zbwl8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 14:52:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 22 Mar 2024 14:52:24 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 1F74 7 KB
1 KB 56ms
56ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6LeC6DkpAAAAAFjjlon38EuJrTGpdVyCtEvFNbwu

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

025361c85e10326775e3626e27289300cb363099ab749c55262454ebd3a4457d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EXGWixBaQb00Dqp0hPp3hA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-EXGWixBaQb00Dqp0hPp3hA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 22 Mar 2024 14:52:24 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ Frame 1F74 55 KB
24 KB 46ms
46ms Stylesheet
text/css 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6LeC6DkpAAAAAFjjlon38EuJrTGpdVyCtEvFNbwu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 14:00:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3133
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Tue, 19 Mar 2024 18:14:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Mar 2025 14:00:11 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ Frame 1F74 499 KB
198 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6LeC6DkpAAAAAFjjlon38EuJrTGpdVyCtEvFNbwu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

554fdc93109beed0802d148bc60f1b16fe7d8caf68ef4ecb95b562463b7844c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 13:50:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3690
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 203033
x-xss-protection: 0
last-modified: Tue, 19 Mar 2024 18:14:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Mar 2025 13:50:54 GMT

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
login.mypaymentvault.com/	1969-12-31 23:59:59	Name: ASLBSA Value: 00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e
login.mypaymentvault.com/	1969-12-31 23:59:59	Name: ASLBSACORS Value: 00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e
.mypaymentvault.com/	1970-01-21 04:04:15	Name: bmuid Value: 1711119142920-0B105E03-653D-4AE2-981A-B5AAA571E1C2
.mypaymentvault.com/	1969-12-31 23:59:59	Name: cdContextId Value: 2
.mypaymentvault.com/	1970-01-20 19:18:42	Name: cdSNum Value: 1711119143425-sjn0000795-b21a7f47-8edd-4148-a896-98c064e3a6c0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.a79ab95c1589a13f8a4cab612bc71f9f7.com
1.b406929acabac9b095f124c81bdfcf57f.com
1.c81358859121583b7adf2ace89cb39f44.com
external.onbe.io
fonts.gstatic.com
login.mypaymentvault.com
www.google.com
www.gstatic.com
2600:9000:2250:c200:13:ab57:d440:93a1
2600:9000:2490:ba00:a:6cdf:4440:93a1
2600:9000:275d:3c00:1e:54f1:26c0:93a1
2620:1ec:46::45
2a00:1450:4001:806::2003
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::2004
025361c85e10326775e3626e27289300cb363099ab749c55262454ebd3a4457d
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
21a0af500f4b3511fcaf2dd4876d9c5b1470e52e183277294833f4e8e3805b09
22847930f7950d0a5ca38426a82642757a1c133de6f8612f94eb70d8434f0fb1
22b2a491c3cf30da29d0bf442586de5731d89475b20e17b55be13f590b9b4952
2909792115c79b7612cb4e256830f95418c5717b8abbad0829b7b4b49dd5eb20
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40134e0d63a705e40e8739ec05a64f7794cd1d67c740b11603dc6f5922ce01c8
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
54b9c896a4e76a60a0cd784ebefd26d287c212d76d5fd02827e67797e4a44aeb
554fdc93109beed0802d148bc60f1b16fe7d8caf68ef4ecb95b562463b7844c4
5cd759eb4792b485323265c5cec65424f94aaec6bd5698629ca890c6d38dc9d5
627ebb0812c94e3db367536399589a89ed2ace20c175dd269db2714f7ede0b40
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
8ddf5009cbb67f33a106495f05a1a3a8906a2f71df148ab9e94276af25c7656a
9144b85784796ea9d07eb9097fe77a0e477ffcb21a3dc04cf3bafc6439678f91
9862e6ee164164b7aa3abc8838bf33c9519e1207a5e1508f7b45cad15c40debc
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622
a19d809e449d80345c1dc9cdd0725216981478e2845429b115127382091edbc5
a7007e8c8fefb6e577d464e7189211646e9f4741b63d5a478e1ca2a5f723f54a
d38ede4e3478bdbfa9563ac478d3e72bba4313d3ad069ca84ff69cb2e272a1b4
d588adc0aff45f500b4ae4934a115e537616597e552afb73dbe8dab97965829c
e44729dfb9922a6991b111c10474455c663120c7f1dd0b9f29a45587cb2e4ee7
ec0e613cb6227303daa335c31ad64521cfb7fa1075a10b03f6e4c9f7c6906d75
ef51af61f5ab9cd5503f1ee768083e0d4146141f926710cde7f0d18e82bdd002
f02b5750f291a5bd474f7cdbcb7b3fa79f2016c6af20d661b490b9bf945d41fc

login.mypaymentvault.com Open in urlscan Pro 2620:1ec:46::45 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

34 Requests

97 %HTTPS

100 %IPv6

7 Domains

8 Subdomains

8 IPs

2 Countries

3188 kBTransfer

5293 kBSize

5 Cookies

0 Outgoing links

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

login.mypaymentvault.com Open in urlscan Pro
2620:1ec:46::45 Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

97 %
HTTPS

100 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

3188 kB
Transfer

5293 kB
Size

5
Cookies

34 HTTP transactions
2 data transactions