urlscan.io logo urlscan.io
SecurityTrails logo

login.pay1.de Open in urlscan Pro
185.60.20.80  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://login.pay1.de/
Effective URL: https://login.pay1.de/auth/realms/bspayone/protocol/openid-connect/auth?response_type=code&client_id=php-pmi&redirect_...
Submission: On May 14 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 12 HTTP transactions. The main IP is 185.60.20.80, located in Germany and belongs to PAYONE-ECOM, DE. The main domain is login.pay1.de.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on May 24th 2023. Valid for: a year.
This is the only time login.pay1.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 14 185.60.20.80 212603 (PAYONE-ECOM)
2 2 185.60.20.40 212603 (PAYONE-ECOM)
12 2
Apex Domain
Subdomains		 Transfer
16 pay1.de
login.pay1.de
pmi.pay1.de
176 KB
12 1
Domain Requested by
14 login.pay1.de 2 redirects login.pay1.de
2 pmi.pay1.de 2 redirects
12 2

This site contains links to these domains. Also see Links.

Domain
www.payone.com
www.facebook.com
twitter.com
www.xing.com
www.linkedin.com
Subject Issuer Validity Valid
login.pay1.de
Sectigo RSA Organization Validation Secure Server CA		 2023-05-24 -
2024-05-23		 a year crt.sh

This page contains 1 frames:

Primary Page: https://login.pay1.de/auth/realms/bspayone/protocol/openid-connect/auth?response_type=code&client_id=php-pmi&redirect_uri=https%3A%2F%2Fpmi.pay1.de%2Fmerchants%2Findex.php
Frame ID: AFDE0E39D230797DF9D385B07610AD9A
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

PAYONE Merchant Interface - Händler login

Page URL History Show full URLs

  1. https://login.pay1.de/ HTTP 302
    https://pmi.pay1.de/logout.php HTTP 302
    https://login.pay1.de/auth/realms/bspayone/protocol/openid-connect/logout?redirect_uri=https%3A%2F... HTTP 302
    https://pmi.pay1.de/ HTTP 302
    https://login.pay1.de/auth/realms/bspayone/protocol/openid-connect/auth?response_type=code&client_... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

2
IPs

1
Countries

174 kB
Transfer

183 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://login.pay1.de/ HTTP 302
    https://pmi.pay1.de/logout.php HTTP 302
    https://login.pay1.de/auth/realms/bspayone/protocol/openid-connect/logout?redirect_uri=https%3A%2F%2Fpmi.pay1.de%2F HTTP 302
    https://pmi.pay1.de/ HTTP 302
    https://login.pay1.de/auth/realms/bspayone/protocol/openid-connect/auth?response_type=code&client_id=php-pmi&redirect_uri=https%3A%2F%2Fpmi.pay1.de%2Fmerchants%2Findex.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request auth
login.pay1.de/auth/realms/bspayone/protocol/openid-connect/
Redirect Chain
  • https://login.pay1.de/
  • https://pmi.pay1.de/logout.php
  • https://login.pay1.de/auth/realms/bspayone/protocol/openid-connect/logout?redirect_uri=https%3A%2F%2Fpmi.pay1.de%2F
  • https://pmi.pay1.de/
  • https://login.pay1.de/auth/realms/bspayone/protocol/openid-connect/auth?response_type=code&client_id=php-pmi&redirect_uri=https%3A%2F%2Fpmi.pay1.de%2Fmerchants%2Findex.php
6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.pay1.de/auth/realms/bspayone/protocol/openid-connect/auth?response_type=code&client_id=php-pmi&redirect_uri=https%3A%2F%2Fpmi.pay1.de%2Fmerchants%2Findex.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.20.80 , Germany, ASN212603 (PAYONE-ECOM, DE),
Reverse DNS
fra.pay1.de
Software
/
Resource Hash
2adb0261db67f654f25e299c86ae98fe5f6316969d2a9de73b3adc1e5832547f
Security Headers
Name Value
Content-Security-Policy frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Language
de
Content-Length
2246
Content-Security-Policy
frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Content-Type
text/html;charset=utf-8
Date
Tue, 14 May 2024 14:33:34 GMT
Keep-Alive
timeout=2, max=998
Referrer-Policy
no-referrer
Strict-Transport-Security
max-age=15552000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Robots-Tag
none
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Tue, 14 May 2024 14:33:34 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=2, max=999
Location
https://login.pay1.de/auth/realms/bspayone/protocol/openid-connect/auth?response_type=code&client_id=php-pmi&redirect_uri=https%3A%2F%2Fpmi.pay1.de%2Fmerchants%2Findex.php
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
p1-style.css
login.pay1.de/auth/resources/2k16s/login/payone/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.pay1.de/auth/resources/2k16s/login/payone/css/p1-style.css
Requested by
Host: login.pay1.de
URL: https://login.pay1.de/auth/realms/bspayone/protocol/openid-connect/auth?response_type=code&client_id=php-pmi&redirect_uri=https%3A%2F%2Fpmi.pay1.de%2Fmerchants%2Findex.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.20.80 , Germany, ASN212603 (PAYONE-ECOM, DE),
Reverse DNS
fra.pay1.de
Software
/
Resource Hash
98a2ff6c24e5380963097e754e0716c763f3b94cde1fd80f5975f88b5a8f9685
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Date
Tue, 14 May 2024 14:33:34 GMT
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Cache-Control
max-age=2592000
Connection
Keep-Alive
Keep-Alive
timeout=2, max=997
Content-Length
2421
X-XSS-Protection
1; mode=block
p1-kc-style.css
login.pay1.de/auth/resources/2k16s/login/payone/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.pay1.de/auth/resources/2k16s/login/payone/css/p1-kc-style.css
Requested by
Host: login.pay1.de
URL: https://login.pay1.de/auth/realms/bspayone/protocol/openid-connect/auth?response_type=code&client_id=php-pmi&redirect_uri=https%3A%2F%2Fpmi.pay1.de%2Fmerchants%2Findex.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.20.80 , Germany, ASN212603 (PAYONE-ECOM, DE),
Reverse DNS
fra.pay1.de
Software
/
Resource Hash
084167985a5341aba1928f1b6503c22897de8e388a3e1594177faee7b3fc270f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Date
Tue, 14 May 2024 14:33:34 GMT
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Cache-Control
max-age=2592000
Connection
Keep-Alive
Keep-Alive
timeout=2, max=996
Content-Length
803
X-XSS-Protection
1; mode=block
jquery-3.3.1.min.js
login.pay1.de/auth/resources/2k16s/login/payone/js/ 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.pay1.de/auth/resources/2k16s/login/payone/js/jquery-3.3.1.min.js
Requested by
Host: login.pay1.de
URL: https://login.pay1.de/auth/realms/bspayone/protocol/openid-connect/auth?response_type=code&client_id=php-pmi&redirect_uri=https%3A%2F%2Fpmi.pay1.de%2Fmerchants%2Findex.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.20.80 , Germany, ASN212603 (PAYONE-ECOM, DE),
Reverse DNS
fra.pay1.de
Software
/
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Date
Tue, 14 May 2024 14:33:34 GMT
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Cache-Control
max-age=2592000
Connection
Keep-Alive
Keep-Alive
timeout=2, max=1000
X-XSS-Protection
1; mode=block
login.js
login.pay1.de/auth/resources/2k16s/login/payone/js/ 		636 B
1007 B 		Script
General
Check archive.org
Download Go to
Full URL
https://login.pay1.de/auth/resources/2k16s/login/payone/js/login.js
Requested by
Host: login.pay1.de
URL: https://login.pay1.de/auth/realms/bspayone/protocol/openid-connect/auth?response_type=code&client_id=php-pmi&redirect_uri=https%3A%2F%2Fpmi.pay1.de%2Fmerchants%2Findex.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.20.80 , Germany, ASN212603 (PAYONE-ECOM, DE),
Reverse DNS
fra.pay1.de
Software
/
Resource Hash
614b91688f94244801f16016901bcf749f0543b3864cefed6b72e98794781a9e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Date
Tue, 14 May 2024 14:33:34 GMT
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Content-Type
text/javascript;charset=UTF-8
Cache-Control
max-age=2592000
Connection
Keep-Alive
Keep-Alive
timeout=2, max=1000
Content-Length
636
X-XSS-Protection
1; mode=block
cookiescript.js
login.pay1.de/auth/resources/2k16s/login/payone/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.pay1.de/auth/resources/2k16s/login/payone/js/cookiescript.js
Requested by
Host: login.pay1.de
URL: https://login.pay1.de/auth/realms/bspayone/protocol/openid-connect/auth?response_type=code&client_id=php-pmi&redirect_uri=https%3A%2F%2Fpmi.pay1.de%2Fmerchants%2Findex.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.20.80 , Germany, ASN212603 (PAYONE-ECOM, DE),
Reverse DNS
fra.pay1.de
Software
/
Resource Hash
3535352a58bead60317e8539c8bb15f9bf147a62a27e9f0a9019adb3048f6385
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Date
Tue, 14 May 2024 14:33:34 GMT
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Content-Type
text/javascript;charset=UTF-8
Cache-Control
max-age=2592000
Connection
Keep-Alive
Keep-Alive
timeout=2, max=995
Content-Length
1038
X-XSS-Protection
1; mode=block
icon-logo.svg
login.pay1.de/auth/resources/2k16s/login/payone/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.pay1.de/auth/resources/2k16s/login/payone/img/icon-logo.svg
Requested by
Host: login.pay1.de
URL: https://login.pay1.de/auth/realms/bspayone/protocol/openid-connect/auth?response_type=code&client_id=php-pmi&redirect_uri=https%3A%2F%2Fpmi.pay1.de%2Fmerchants%2Findex.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.20.80 , Germany, ASN212603 (PAYONE-ECOM, DE),
Reverse DNS
fra.pay1.de
Software
/
Resource Hash
3c0c96b1316bf75541ca335c758c54dea73c434749c96f8e8361b43261a3ad9a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Date
Tue, 14 May 2024 14:33:34 GMT
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Connection
Keep-Alive
Keep-Alive
timeout=2, max=1000
Content-Length
3517
X-XSS-Protection
1; mode=block
truncated
/ 		390 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e56b75c9ab01164ebb02674e533d8a374c43e16af4faf95630f3ece4739e6f07

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
icon-facebook.svg
login.pay1.de/auth/resources/2k16s/login/payone/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.pay1.de/auth/resources/2k16s/login/payone/img/icon-facebook.svg
Requested by
Host: login.pay1.de
URL: https://login.pay1.de/auth/resources/2k16s/login/payone/css/p1-style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.20.80 , Germany, ASN212603 (PAYONE-ECOM, DE),
Reverse DNS
fra.pay1.de
Software
/
Resource Hash
6f446bf1aedb56bb362bacb7c30063dce9148b3c284b6e2fb5fc5a7b6a1ab006
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Date
Tue, 14 May 2024 14:33:35 GMT
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Connection
Keep-Alive
Keep-Alive
timeout=2, max=999
Content-Length
1189
X-XSS-Protection
1; mode=block
icon-twitter.svg
login.pay1.de/auth/resources/2k16s/login/payone/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.pay1.de/auth/resources/2k16s/login/payone/img/icon-twitter.svg
Requested by
Host: login.pay1.de
URL: https://login.pay1.de/auth/resources/2k16s/login/payone/css/p1-style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.20.80 , Germany, ASN212603 (PAYONE-ECOM, DE),
Reverse DNS
fra.pay1.de
Software
/
Resource Hash
2ba6e4dd0d021065379710e97321c65143ec5bc8e94b1c75299550469757d828
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Date
Tue, 14 May 2024 14:33:35 GMT
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Connection
Keep-Alive
Keep-Alive
timeout=2, max=999
Content-Length
2089
X-XSS-Protection
1; mode=block
icon-xing.svg
login.pay1.de/auth/resources/2k16s/login/payone/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.pay1.de/auth/resources/2k16s/login/payone/img/icon-xing.svg
Requested by
Host: login.pay1.de
URL: https://login.pay1.de/auth/resources/2k16s/login/payone/css/p1-style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.20.80 , Germany, ASN212603 (PAYONE-ECOM, DE),
Reverse DNS
fra.pay1.de
Software
/
Resource Hash
73ac4c269db560ba2101e2b35b51785f3307afab399e66f13b7f4ec395fd9a48
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Date
Tue, 14 May 2024 14:33:35 GMT
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Connection
Keep-Alive
Keep-Alive
timeout=2, max=994
Content-Length
2012
X-XSS-Protection
1; mode=block
icon-linkedin.svg
login.pay1.de/auth/resources/2k16s/login/payone/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.pay1.de/auth/resources/2k16s/login/payone/img/icon-linkedin.svg
Requested by
Host: login.pay1.de
URL: https://login.pay1.de/auth/resources/2k16s/login/payone/css/p1-style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.20.80 , Germany, ASN212603 (PAYONE-ECOM, DE),
Reverse DNS
fra.pay1.de
Software
/
Resource Hash
c9927fa83cb1225f5fa8e5750932b6cfbbf3328718975d65a3a0b911de1e8ad0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Date
Tue, 14 May 2024 14:33:35 GMT
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Connection
Keep-Alive
Keep-Alive
timeout=2, max=999
Content-Length
1731
X-XSS-Protection
1; mode=block
favicon.ico
login.pay1.de/auth/resources/2k16s/login/payone/img/ 		66 KB
66 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://login.pay1.de/auth/resources/2k16s/login/payone/img/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.20.80 , Germany, ASN212603 (PAYONE-ECOM, DE),
Reverse DNS
fra.pay1.de
Software
/
Resource Hash
a413c005024bf6bd139b0aa16fa67ced3e479b8d5d015fc36a8f0a4fd79e7620
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Date
Tue, 14 May 2024 14:33:35 GMT
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Transfer-Encoding
chunked
Content-Type
application/octet-stream
Cache-Control
max-age=2592000
Connection
Keep-Alive
Keep-Alive
timeout=2, max=998
X-XSS-Protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery string| cookieName function| createCookie function| isCookieSet

5 Cookies

Domain/Path Name / Value
login.pay1.de/auth/realms/bspayone/ Name: AUTH_SESSION_ID
Value: dd2a49f6-2dc1-4bbb-81f2-802e92136bf2.auth01
login.pay1.de/auth/realms/bspayone/ Name: AUTH_SESSION_ID_LEGACY
Value: dd2a49f6-2dc1-4bbb-81f2-802e92136bf2.auth01
login.pay1.de/auth/realms/bspayone/ Name: KC_RESTART
Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI4ODNlNTcyMy02OWE0LTQzZjgtYWU1Mi1lZTE1Yzk0ZjdlNjgifQ.eyJjaWQiOiJwaHAtcG1pIiwicHR5Ijoib3BlbmlkLWNvbm5lY3QiLCJydXJpIjoiaHR0cHM6Ly9wbWkucGF5MS5kZS9tZXJjaGFudHMvaW5kZXgucGhwIiwiYWN0IjoiQVVUSEVOVElDQVRFIiwibm90ZXMiOnsiaXNzIjoiaHR0cHM6Ly9sb2dpbi5wYXkxLmRlL2F1dGgvcmVhbG1zL2JzcGF5b25lIiwicmVzcG9uc2VfdHlwZSI6ImNvZGUiLCJyZWRpcmVjdF91cmkiOiJodHRwczovL3BtaS5wYXkxLmRlL21lcmNoYW50cy9pbmRleC5waHAifX0.iA0ISW2Z82Z1rFqzzipmeCY_ct1ty29qqkz5ddJNnTA
pmi.pay1.de/ Name: PHPSESSID
Value: 1f07d5c924434acabb41e06356291f66
pmi.pay1.de/ Name: lg_lang
Value: de

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block