prdwmq.etimspayments.com Open in urlscan Pro
45.60.76.25 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://wmq.etimspayments.com/pbw/include/vpportal/denver/login_page.jsp
Effective URL:
https://prdwmq.etimspayments.com/pbw/include/vpportal/denver/login_page.jsp
Submission: On May 05 via manual (May 5th 2024, 4:23:04 am UTC) from US — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 12 HTTP transactions. The main IP is 45.60.76.25, located in United States and belongs to INCAPSULA, US. The main domain is prdwmq.etimspayments.com.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q4 on November 18th 2023. Valid for: 6 months.

This is the only time prdwmq.etimspayments.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	45.60.80.189 45.60.80.189	19551 (INCAPSULA) (INCAPSULA)
5	45.60.76.25 45.60.76.25	19551 (INCAPSULA) (INCAPSULA)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
12	5

5 45.60.80.189 (United States) 1 redirects

ASN19551 (INCAPSULA, US)

wmq.etimspayments.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 45.60.76.25 (United States)

ASN19551 (INCAPSULA, US)

prdwmq.etimspayments.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	etimspayments.com 1 redirects wmq.etimspayments.com — Cisco Umbrella Rank: 470891 prdwmq.etimspayments.com	52 KB
1	gstatic.com fonts.gstatic.com	46 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	1 KB
12	3

	Domain	Requested by
5	prdwmq.etimspayments.com	wmq.etimspayments.com prdwmq.etimspayments.com
5	wmq.etimspayments.com	1 redirects wmq.etimspayments.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	prdwmq.etimspayments.com
12	4

This site contains no links.

Subject Issuer	Validity	Valid
imperva.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2024-01-01` - `2024-06-29`	6 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://prdwmq.etimspayments.com/pbw/include/vpportal/denver/login_page.jsp
Frame ID: F0DA37FF8D8C6717CB9FB9844DE4F0B7
Requests: 9 HTTP requests in this frame

Frame: https://prdwmq.etimspayments.com/_Incapsula_Resource?CWUDNSAI=23&xinfo=13-20108817-0%200NNN%20RT%281714882979783%2028%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%20U18&incident_id=1368000040040917308-82336318450303245&edet=16&cinfo=ffffffff&rpinfo=0&mth=GET
Frame ID: AEF4CFE330356B92C20EB72528212F36
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://wmq.etimspayments.com/pbw/include/vpportal/denver/login_page.jsp Page URL
https://wmq.etimspayments.com/pbw/include/vpportal/denver/login_page.jsp HTTP 302
https://prdwmq.etimspayments.com/pbw/include/vpportal/denver/login_page.jsp Page URL

Detected technologies

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Page Statistics

12
Requests

92 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

99 kB
Transfer

386 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://wmq.etimspayments.com/pbw/include/vpportal/denver/login_page.jsp Page URL
https://wmq.etimspayments.com/pbw/include/vpportal/denver/login_page.jsp HTTP 302
https://prdwmq.etimspayments.com/pbw/include/vpportal/denver/login_page.jsp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 login_page.jsp Show response
wmq.etimspayments.com/pbw/include/vpportal/denver/ 212 B
662 B 573ms
26ms Document
text/html 45.60.80.189
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://wmq.etimspayments.com/pbw/include/vpportal/denver/login_page.jsp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.80.189 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d02032286070b4dd9d8fbd985a7bdca8af8edf52b89ff177db3bfcb2c8a9c43d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, no-store
content-length: 212
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-iinfo: 14-22370143-0 0NNN RT(1714882978236 27) q(0 -1 -1 0) r(0 -1) B10(4,314,0) U18
x-xss-protection: 1;mode=block

GET
H2 200 _Incapsula_Resource
wmq.etimspayments.com/ 182 KB
26 KB 32ms
32ms Script
application/javascript 45.60.80.189
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://wmq.etimspayments.com/_Incapsula_Resource?SWJIYLWA=5074a744e2e3d891814e9a2dace20bd4,719d34d31c8e3a6e6fffd425f7e032f3

Requested by

Host: wmq.etimspayments.com
URL: https://wmq.etimspayments.com/pbw/include/vpportal/denver/login_page.jsp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.80.189 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://wmq.etimspayments.com/pbw/include/vpportal/denver/login_page.jsp
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 26396
x-xss-protection: 1;mode=block

GET
H2 200 _Incapsula_Resource
wmq.etimspayments.com/ 29 B
59 B 23ms
22ms XHR
application/javascript 45.60.80.189
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://wmq.etimspayments.com/_Incapsula_Resource?SWHANEDL=4333196298098918499,10104482629785602028,4335031807442260289,107472

Requested by

Host: wmq.etimspayments.com
URL: https://wmq.etimspayments.com/pbw/include/vpportal/denver/login_page.jsp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.80.189 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://wmq.etimspayments.com/pbw/include/vpportal/denver/login_page.jsp
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store
x-content-type-options: nosniff
x-robots-tag: noindex
content-length: 29
x-xss-protection: 1;mode=block
content-type: application/javascript

GET
H2

403

Primary Request login_page.jsp Show response
prdwmq.etimspayments.com/pbw/include/vpportal/denver/
Redirect Chain

https://wmq.etimspayments.com/pbw/include/vpportal/denver/login_page.jsp
https://prdwmq.etimspayments.com/pbw/include/vpportal/denver/login_page.jsp

844 B
1 KB

800ms
28ms

Document
text/html

45.60.76.25
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://prdwmq.etimspayments.com/pbw/include/vpportal/denver/login_page.jsp

Requested by

Host: wmq.etimspayments.com
URL: https://wmq.etimspayments.com/pbw/include/vpportal/denver/login_page.jsp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.25 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

334348783fdf561002f51400a8a46db0ec2fb532ede7b12370044b04d8d0dd90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://wmq.etimspayments.com/pbw/include/vpportal/denver/login_page.jsp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, no-store
content-length: 844
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-iinfo: 13-20108817-0 0NNN RT(1714882979783 28) q(0 -1 -1 0) r(0 -1) B16 U18
x-incap-sess-cookie-hdr: cOisOY2Q2ww86VvXyRz8EqMJN2YAAAAAJNUZQvbA4JygRQ23hEmgeA==
x-xss-protection: 1;mode=block

Redirect headers

content-length: 259
content-type: text/html; charset=iso-8859-1
date: Sun, 05 May 2024 04:22:58 GMT
location: https://prdwmq.etimspayments.com/pbw/include/vpportal/denver/login_page.jsp
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-iinfo: 14-22370143-22370180 NNNN CT(91 184 0) RT(1714882978236 151) q(0 0 3 -1) r(4 4) U11
x-xss-protection: 1;mode=block

GET
H2 200 _Incapsula_Resource
wmq.etimspayments.com/ 1 B
38 B 23ms
23ms Image
text/plain 45.60.80.189
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wmq.etimspayments.com/_Incapsula_Resource?SWKMTFSR=1&e=0.7418474317783714

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.80.189 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://wmq.etimspayments.com/pbw/include/vpportal/denver/login_page.jsp
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store
x-content-type-options: nosniff
x-robots-tag: noindex
content-length: 1
x-xss-protection: 1;mode=block
content-type: text/plain

GET _Incapsula_Resource
wmq.etimspayments.com/ 0
0

GET
H2 200 _Incapsula_Resource Show response
prdwmq.etimspayments.com/ 136 KB
19 KB 85ms
28ms Script
application/javascript 45.60.76.25
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://prdwmq.etimspayments.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3

Requested by

Host: prdwmq.etimspayments.com
URL: https://prdwmq.etimspayments.com/pbw/include/vpportal/denver/login_page.jsp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.25 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

9e73d307540ab3860df4d96c25c66cfbb05ecc74d02251d37721881ab8d04b57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://prdwmq.etimspayments.com/pbw/include/vpportal/denver/login_page.jsp
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 19695
x-xss-protection: 1;mode=block

GET
H2 200 _Incapsula_Resource
prdwmq.etimspayments.com/ 1 B
38 B 22ms
21ms Image
text/plain 45.60.76.25
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prdwmq.etimspayments.com/_Incapsula_Resource?SWKMTFSR=1&e=0.593618434265557

Requested by

Host: prdwmq.etimspayments.com
URL: https://prdwmq.etimspayments.com/pbw/include/vpportal/denver/login_page.jsp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.25 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://prdwmq.etimspayments.com/pbw/include/vpportal/denver/login_page.jsp
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store
x-content-type-options: nosniff
x-robots-tag: noindex
content-length: 1
x-xss-protection: 1;mode=block
content-type: text/plain

GET
H2 200 _Incapsula_Resource Show response
prdwmq.etimspayments.com/ Frame AEF4 9 KB
4 KB 22ms
22ms Document
text/html 45.60.76.25
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://prdwmq.etimspayments.com/_Incapsula_Resource?CWUDNSAI=23&xinfo=13-20108817-0%200NNN%20RT%281714882979783%2028%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%20U18&incident_id=1368000040040917308-82336318450303245&edet=16&cinfo=ffffffff&rpinfo=0&mth=GET

Requested by

Host: prdwmq.etimspayments.com
URL: https://prdwmq.etimspayments.com/pbw/include/vpportal/denver/login_page.jsp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.25 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5864a9a944f65c5c16fe678d0ec1d60dbb439af566f4843ac0b81ddf8706afb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://prdwmq.etimspayments.com/pbw/include/vpportal/denver/login_page.jsp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-length: 3751
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: noindex
x-xss-protection: 1;mode=block

GET
H2 200 css2
fonts.googleapis.com/ Frame AEF4 9 KB
1 KB 76ms
29ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;700&display=swap

Requested by

Host: prdwmq.etimspayments.com
URL: https://prdwmq.etimspayments.com/_Incapsula_Resource?CWUDNSAI=23&xinfo=13-20108817-0%200NNN%20RT%281714882979783%2028%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%20U18&incident_id=1368000040040917308-82336318450303245&edet=16&cinfo=ffffffff&rpinfo=0&mth=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

79d08edb5b23fcc8da45fcc77210c8e18771fcf3876dda7d2596cb3ed0512333

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://prdwmq.etimspayments.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 05 May 2024 04:23:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 05 May 2024 02:56:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 May 2024 04:23:00 GMT

GET
DATA 200
OK truncated
/ Frame AEF4 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fefd82032600b1979cc5f02c1786044b8d91109a5d5c52051f05356ae41861fc

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ Frame AEF4 46 KB
46 KB 71ms
19ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://prdwmq.etimspayments.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:48:42 GMT
x-content-type-options: nosniff
age: 419658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Apr 2025 07:48:42 GMT

GET
H2 403 favicon.ico
prdwmq.etimspayments.com/ 737 B
833 B 23ms
23ms Other
text/html 45.60.76.25
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://prdwmq.etimspayments.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.25 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

947337fcde4e82c6fcca43c5cc3f9aef1d87ed91984a7175da7eaa0fea36c184

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://prdwmq.etimspayments.com/pbw/include/vpportal/denver/login_page.jsp
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-iinfo: 13-20108839-0 0NNN RT(1714882979874 215) q(0 -1 -1 -1) r(0 -1) B16 U18
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store
x-content-type-options: nosniff
content-length: 737
x-xss-protection: 1;mode=block
content-type: text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: wmq.etimspayments.com
URL: https://wmq.etimspayments.com/_Incapsula_Resource?ES2LURCT=67&t=78&d=complete%20(s%3A1%2Cc%3A26%2Cr%3A1220)

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.etimspayments.com/	1970-01-21 05:06:38	Name: visid_incap_391913 Value: Ez+U74s6TDed8H/JIUpOBaIJN2YAAAAAQUIPAAAAAABkh5tX+zICdAgPylBo1Qv0
.etimspayments.com/	1969-12-31 23:59:59	Name: incap_ses_184_391913 Value: dIHUFecJ6A+eQ1wWErONAqIJN2YAAAAAZfs8655WWFHcVAj/67f9AQ==
.etimspayments.com/	1969-12-31 23:59:59	Name: nlbi_391913 Value: xIDrZjnOS2ZlKhkUSsw+NgAAAABRccwSBB89/FpcgqP91mYG
.etimspayments.com/	1970-01-21 05:06:41	Name: visid_incap_2087381 Value: B5xteDnUTESMXQeuL4dRg6MJN2YAAAAAQUIPAAAAAADcF9TXt3yPDMju3e2lzmym
.etimspayments.com/	1969-12-31 23:59:59	Name: incap_ses_1368_2087381 Value: 4o/TFierTmY86VvXyRz8EqMJN2YAAAAAwA2CYd3uHn/BcpeV9QnW9A==
prdwmq.etimspayments.com/	1970-01-20 20:21:23	Name: ___utmvc Value: 1xdK+6nF3dmYOJ0sgJ6gaHhgxM9X4ZnOKELmK3lZ37sckf7lR3oWHpksYqLtODnK9RlKyGH0N6ObPR2YdSiqQN+4QQYSLOfhrQXHL50NZ0jUiu6HPJf68V/SbO9WETvdYNw3Z96VIW6vHYHXCnbydKsbC0wvU2zc3KjdtmqN8bu5o0iz0wTxIN1Xb1Ls+sKk5h5mjpz7j4mlPQ7eohET3gIfiDdtj5mLp8cb6QrRCRf7dzj42uinTyju60UL8gidfENFR5sOaoq2PAUjBk5UIrSdXQGMqEL8CqLJaXzSL2W3thL4zCL5+K0mFE0sL9LCvjpsxt5ROyytlTSIISZvUr0/2whqPaReukNr3g5ryTwype+FfnJufbWsqaGCMbBh6JBITctsjA0zGZjNk+REjdrPvuAaR/effDlb0YzOkKO+Nsj0XozLeiaj9HhspSgXvBlZtNo+XhLv5MTPy5gUk8wYShUmZp0iwi4x0tM1ifUFWWPXrwDLsjjrDHnyGimKYSXga14MbVQaA019XwQ9JOnf9e3uKmTGwvjHiTTeiEXZKehaZhzp1SnV68RQ2wQRa4dJOAj6prY3hLmrtfV4IwVfR94lPi3JtbBtcllTB20ez5IlVs4R4Idp7nistczuGaA1TqWaD74OdBrGKZbMAoNam8GEkdPcqe+vqvLMxX94q7SrAIJbs+/m6tEQfrmBz5a+KBubY34QA/0TITp7vvHzHAU/emSoISpPyfL22cEjzj2P1+NKJWzzRXLPx1Ub75AtTp1fNkPO5omjhcLJECmwLLTiMh6uVGsxGs93t70viJl0hpTpZHYzJJHP2danraKH6KoJRLI344Jf7kvva/6jptHKTKBAcRTgjG8ogDrxbT0cOZ0oIsUSgoIuohpkNxxh4jiuwy188P0kEpc9u5TafKmRLSqgqADXkNO/yPbBqifPopjZhem/m5ZKJaxyIZ7/gspI+wK59tMqULsaZrt6mv++Fp/RofCmFHDo06VejS+DOh/HAC7IDvLpLfPCn2NaWzT659new6sD9KzSS1BLbMLMCnPaDfymWNZf6nHnk6wPlnm3mu2o98dGyDiobfl6aNICaTGD741QxB1q2WMnLpHe54ptswtjvq7FQvIxIhmXItdVnTZrCKuGDFKMkkj+zhWACAYR6hOrm5Cj2QAhq7f5+m0EvlWJyG+BRp5Em+IQHJpUJd7VibpEHljLMKCiF4LXRnAoOFU3QoFD/Co17RSa/YGoWg4CiMrXHUICib5R+/fMegRFSQqyfqMcJEG5GgGUyaOZtbzMrV2ydyAEmTyXlzu+Pb3Usm1CfEXgLtlZu9mdWQ9gF78LVA0/bUFgcXoCTV9XQmEEtNr5IofP0/2cLdtaagjqSAIEi9BPNGZ0h97No/g8FwiVs1iouPO4fhaKMB2lOZ2eJLJHWgv9CjSus5CQgaf6IZzPN++sxywod7VsGPosExD1ThzYhtuakAUFxXE8CmTeumejuIR1kSirPqOl0cBHgTm6G8XpjS73F77TON0B8nMPQ5MBA9g7ewolbNxHLTlXKHoCiwX2hUkTvAtHUCvUOWy8EQM1SoQR8vyRHhzhjN+YBI9Wz8DoDGdbZMKWWPtv4BHXgK4gf6lYsTGfBgFtyNK/E6FrTL2wKERj2ZO5+OlOV86lvTcSoYj94ohviilgUKffVTT5n9MSS62ltj8ew3RaAKOF7Jsx+5CI4zZMD4/C2EgcRZ6r0Wazx6UAmm+OKpSbt/JrTWIveVPbfLlSovNZgv4dm7C4+U4DKTAEKYKQN/OlWfuam3vS+A2QhUDNHdDQVUcaqWOy6et3Pix6PgK3bS0wvm2+wLxU9kXVTVz/ZenGNGwzlTaMZ9V3bvLoi33hIyWfQQ3C9GJAEfVZ+mDQgTunjJ24BZQapRxAgLikDg6MWDNWJlHs5IM6K7/c/2OgpQHKK+VuFROXrC/ceNKRGiTIsXfupuzCV+nOG346uY3U82ZBC1GtuZK6A0G0LEAVAZzBYJLDiSef1aNz+mXuI5ApJGGXvKVtVei4ruTICg1FshHDTd5T393kh+6ZDDIGiyd6QRzMUcrGGgNBM7Tsh/oi4rTaQRY1EioajgBG+z3MOVumT0ARcHa5UR+7FGyLPUinyx9Hhm4Zm/+z9+sPd2FxOZqq5bK6fWmDeqT+5JjFoSiUsy8Yx732DvqSPuCSnBHZ35V0nu1+hSfjPG/lJJ/uDH1mQWLiHXpH5ZEb0EL7VJXre7H5ezDkJapKFUqZ9cCtC1S1LQXJopZiAZhqTIokEb01YSGpj3mB2/fMmG3avtfcV+XQq/ktTg83AsxI6tBN1s7vH6BI5J9MFWs5d1nHE5xesVwAP3uiZrLSOi1sC7X1Z0jbrSJtKaEA6IzrhHfiIlTch1gf1eZakLcFPqmw+1ZpnFfDzSz/3oH/KljQ6dOa/lzTamIX/EgkmTIkXXgkBC1PD2EVmGT8oxz67J2Il0/eaNlEQUC+5JRWYA/9vp6btKRjlLYejFPaJSkHaWatXDJzynmHWZYWUMKUBzzi/PTyWRLvWzu6IjIeUoSgiXF8s0TAearQjjpsML6Hu9+7bsX5hmkNXRRv1KQpt+waxVIiC1Fm/FfBklOM4KHZNfBSDku8nk1XJ96hu6PgmAWuDhlQ9+/d3ldRU9V3vRMTQ1+cqqwt+6bVaIAEYRUEIMo1rbYTtExPcn68foR2BP60FyFJlh6xFuQAD3XW375tE3LOhyRQGYFMrzUztFU2VBCqtwVa9uq5qWfo1SK9FuDw+cq6qLx86/yfOy7C4sbY27yYWATo9sssZGlnZXN0PTE5MTkzNCwxOTIyMzAscz01YzY4YTk2ODc2OTU3OTYwYTc3NWEyYWI3MTgwODc5Y2E2OTc5NTc0NjU4ZDlkOGFhMWExNWM4ZDYzYTk3OGEzYTQ4MzliODk3Yzg0NmQ2ZQ==

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://prdwmq.etimspayments.com/pbw/include/vpportal/denver/login_page.jsp Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://prdwmq.etimspayments.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
prdwmq.etimspayments.com
wmq.etimspayments.com
wmq.etimspayments.com
2a00:1450:4001:812::2003
2a00:1450:4001:81c::200a
45.60.76.25
45.60.80.189
334348783fdf561002f51400a8a46db0ec2fb532ede7b12370044b04d8d0dd90
5864a9a944f65c5c16fe678d0ec1d60dbb439af566f4843ac0b81ddf8706afb7
79d08edb5b23fcc8da45fcc77210c8e18771fcf3876dda7d2596cb3ed0512333
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
947337fcde4e82c6fcca43c5cc3f9aef1d87ed91984a7175da7eaa0fea36c184
9e73d307540ab3860df4d96c25c66cfbb05ecc74d02251d37721881ab8d04b57
d02032286070b4dd9d8fbd985a7bdca8af8edf52b89ff177db3bfcb2c8a9c43d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fefd82032600b1979cc5f02c1786044b8d91109a5d5c52051f05356ae41861fc

prdwmq.etimspayments.com Open in urlscan Pro 45.60.76.25 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

92 %HTTPS

50 %IPv6

3 Domains

4 Subdomains

5 IPs

2 Countries

99 kBTransfer

386 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

6 Cookies

2 Console Messages

Security Headers

Indicators

prdwmq.etimspayments.com Open in urlscan Pro
45.60.76.25 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

92 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

99 kB
Transfer

386 kB
Size

6
Cookies

12 HTTP transactions
1 data transactions