URL: https://login.mypaymentvault.com/payment/Tmobilerebate
Submission Tags: falconsandbox
Submission: On September 04 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 1 country across 5 domains to perform 23 HTTP transactions. The main IP is 2620:1ec:bdf::44, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.mypaymentvault.com. The Cisco Umbrella rank of the primary domain is 429991.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on April 22nd 2024. Valid for: 6 months.
This is the only time login.mypaymentvault.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS     Autonomous System
14        2620:1ec:bdf::44   8075   (MICROSOFT...)
5         2620:1ec:bdf::60   8075   (MICROSOFT...)
1         2600:9000:249...   16509  (AMAZON-02)
1         2600:9000:21f...   16509  (AMAZON-02)
1         2600:9000:225...   16509  (AMAZON-02)
Total: 23 requests, 6 IPs
Requests  Apex Domain / Subdomains  Transfer
14  mypaymentvault.com  2 MB
    login.mypaymentvault.com — Cisco Umbrella Rank: 429991
5   onbe.io  110 KB
    external.onbe.io — Cisco Umbrella Rank: 541579
1   c81358859121583b7adf2ace89cb39f44.com
    1.c81358859121583b7adf2ace89cb39f44.com — Cisco Umbrella Rank: 34033
1   b406929acabac9b095f124c81bdfcf57f.com
    1.b406929acabac9b095f124c81bdfcf57f.com — Cisco Umbrella Rank: 34009
1   a79ab95c1589a13f8a4cab612bc71f9f7.com
    1.a79ab95c1589a13f8a4cab612bc71f9f7.com — Cisco Umbrella Rank: 33858
Total: 23 requests, 5 domains
Requests  Domain  Requested by
14  login.mypaymentvault.com  login.mypaymentvault.com
5   external.onbe.io  login.mypaymentvault.com
1   1.c81358859121583b7adf2ace89cb39f44.com  login.mypaymentvault.com
1   1.b406929acabac9b095f124c81bdfcf57f.com  login.mypaymentvault.com
1   1.a79ab95c1589a13f8a4cab612bc71f9f7.com  login.mypaymentvault.com
Total: 23 requests, 5 domains

This site contains no links.

Subject  Issuer  Validity  Valid
login.mypaymentvault.com  GeoTrust Global TLS RSA4096 SHA256 2022 CA1  2024-04-22 - 2024-10-22  6 months
external.onbe.io  GeoTrust Global TLS RSA4096 SHA256 2022 CA1  2024-04-22 - 2024-10-22  6 months
*.a79ab95c1589a13f8a4cab612bc71f9f7.com  Sectigo RSA Domain Validation Secure Server CA  2024-03-31 - 2025-04-04  a year
*.b406929acabac9b095f124c81bdfcf57f.com  Sectigo RSA Domain Validation Secure Server CA  2024-03-31 - 2025-04-07  a year
*.c81358859121583b7adf2ace89cb39f44.com  Sectigo RSA Domain Validation Secure Server CA  2024-03-31 - 2025-04-07  a year

This page contains 4 frames:

Primary Page: https://login.mypaymentvault.com/payment/Tmobilerebate
Frame ID: 8F6204B3E8E17F723ED8AA1E3AECFE81
Requests: 17 HTTP requests in this frame

Frame: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
Frame ID: 7C637CDC2E5AC24CDD984EE6B2E2FDF6
Requests: 1 HTTP requests in this frame

Frame: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
Frame ID: 6A793C52066F40150E713D817590D7E6
Requests: 1 HTTP requests in this frame

Frame: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
Frame ID: 57BD1B61DC77266AAEE9675FD62CD96A
Requests: 1 HTTP requests in this frame

Page Title

MyPaymentVault

Page Statistics

Requests: 23
HTTPS: 96 %
IPv6: 100 %
Domains: 5
Subdomains: 5
IPs: 6
Countries: 1
Transfer: 1851 kB
Size: 3245 kB
Cookies: 5

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Tmobilerebate
login.mypaymentvault.com/payment/
938 B
964 B
Document
General
Full URL
https://login.mypaymentvault.com/payment/Tmobilerebate
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
634acbe13b191d97418ccc52725e8d5d82d8f318fa17e41a09fa29f5d95da49a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-store
content-encoding
br
content-type
text/html
date
Wed, 04 Sep 2024 02:06:04 GMT
etag
"26873908"
last-modified
Sun, 18 Aug 2024 04:43:10 GMT
referrer-policy
same-origin
strict-transport-security
max-age=10886400; includeSubDomains; preload
vary
Accept-Encoding
x-azure-ref
20240904T020604Z-r19c76bc86b5tz28cdtqg03avs00000006qg00000000cb23
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-forwarded-for
{headers.x-forwarded-for}
x-xss-protection
1; mode=block
bundle.js
login.mypaymentvault.com/
2 MB
420 KB
Script
General
Full URL
https://login.mypaymentvault.com/bundle.js
Requested by
Host: login.mypaymentvault.com
URL: https://login.mypaymentvault.com/payment/Tmobilerebate
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
37bc4b059077b68b350b9a12ee448bce606d583274f83dcd615722a87e05647f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.mypaymentvault.com/payment/Tmobilerebate
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 02:06:04 GMT
content-encoding
br
referrer-policy
same-origin
strict-transport-security
max-age=10886400; includeSubDomains; preload
last-modified
Sun, 18 Aug 2024 04:43:10 GMT
x-content-type-options
nosniff
etag
"26873908"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/javascript
x-azure-ref
20240904T020604Z-r19c76bc86b5tz28cdtqg03avs00000006qg00000000cb2c
x-forwarded-for
{headers.x-forwarded-for}
cache-control
no-store
x-cache
CONFIG_NOCACHE
x-xss-protection
1; mode=block
styles.css
login.mypaymentvault.com/
263 KB
42 KB
Stylesheet
General
Full URL
https://login.mypaymentvault.com/styles.css
Requested by
Host: login.mypaymentvault.com
URL: https://login.mypaymentvault.com/payment/Tmobilerebate
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
acf2bcd66c80df9e1b264691b2ba55ac8e77e93f72256dfaa78711a83196ad45
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.mypaymentvault.com/payment/Tmobilerebate
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 02:06:04 GMT
content-encoding
br
referrer-policy
same-origin
strict-transport-security
max-age=10886400; includeSubDomains; preload
last-modified
Sun, 18 Aug 2024 04:43:10 GMT
x-content-type-options
nosniff
etag
"26873908"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/css
x-azure-ref
20240904T020604Z-r19c76bc86b5tz28cdtqg03avs00000006qg00000000cb26
x-forwarded-for
{headers.x-forwarded-for}
cache-control
no-store
x-cache
CONFIG_NOCACHE
x-xss-protection
1; mode=block
d6a9d794.js
login.mypaymentvault.com/data/xContent/recipient/op/js/
761 KB
763 KB
Script
General
Full URL
https://login.mypaymentvault.com/data/xContent/recipient/op/js/d6a9d794.js
Requested by
Host: login.mypaymentvault.com
URL: https://login.mypaymentvault.com/payment/Tmobilerebate
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9144b85784796ea9d07eb9097fe77a0e477ffcb21a3dc04cf3bafc6439678f91

Request headers

Referer
https://login.mypaymentvault.com/payment/Tmobilerebate
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 04 Sep 2024 02:06:05 GMT
last-modified
Tue, 02 Apr 2024 17:30:47 GMT
content-md5
Do/dmMQdf4VSex38+oEYfA==
etag
0x8DC533AA2427A1F
vary
Origin
x-azure-ref
20240904T020604Z-r19c76bc86b5tz28cdtqg03avs00000006qg00000000cb27
content-type
application/javascript
x-ms-request-id
351774aa-f01e-002c-566e-fefe64000000
x-cache
CONFIG_NOCACHE
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
779547
idi-sdk.2.2.js
login.mypaymentvault.com/data/xContent/recipient/op/webtowallet/
27 KB
28 KB
Script
General
Full URL
https://login.mypaymentvault.com/data/xContent/recipient/op/webtowallet/idi-sdk.2.2.js
Requested by
Host: login.mypaymentvault.com
URL: https://login.mypaymentvault.com/payment/Tmobilerebate
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dc7edc14089cf38193d08a1d1b752fb6a260cfa70b31c1a89c5b2af03a88cd38

Request headers

Referer
https://login.mypaymentvault.com/payment/Tmobilerebate
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 04 Sep 2024 02:06:05 GMT
last-modified
Sun, 31 Mar 2024 04:09:03 GMT
content-md5
mW8rq5u6HuuH2ysqqJmxzA==
etag
0x8DC51384D008DD8
vary
Origin
x-azure-ref
20240904T020604Z-r19c76bc86b5tz28cdtqg03avs00000006qg00000000cb28
content-type
application/javascript
x-ms-request-id
ccef6ec3-901e-0015-696e-fe0578000000
x-cache
CONFIG_NOCACHE
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
27864
initAddToAppleWallet.js
login.mypaymentvault.com/data/xContent/recipient/op/webtowallet/
8 KB
8 KB
Script
General
Full URL
https://login.mypaymentvault.com/data/xContent/recipient/op/webtowallet/initAddToAppleWallet.js
Requested by
Host: login.mypaymentvault.com
URL: https://login.mypaymentvault.com/payment/Tmobilerebate
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a7007e8c8fefb6e577d464e7189211646e9f4741b63d5a478e1ca2a5f723f54a

Request headers

Referer
https://login.mypaymentvault.com/payment/Tmobilerebate
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 04 Sep 2024 02:06:05 GMT
last-modified
Sun, 31 Mar 2024 04:08:46 GMT
content-md5
rl2IGcGPimXxr8QuWkLEDQ==
etag
0x8DC513842F3F1EE
vary
Origin
x-azure-ref
20240904T020604Z-r19c76bc86b5tz28cdtqg03avs00000006qg00000000cb29
content-type
application/javascript
x-ms-request-id
5dbdd189-201e-002f-246e-fe1f00000000
x-cache
CONFIG_NOCACHE
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
7740
s2p.min.js
login.mypaymentvault.com/data/xContent/recipient/op/webtowallet/
100 KB
100 KB
Script
General
Full URL
https://login.mypaymentvault.com/data/xContent/recipient/op/webtowallet/s2p.min.js
Requested by
Host: login.mypaymentvault.com
URL: https://login.mypaymentvault.com/payment/Tmobilerebate
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2909792115c79b7612cb4e256830f95418c5717b8abbad0829b7b4b49dd5eb20

Request headers

Referer
https://login.mypaymentvault.com/payment/Tmobilerebate
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 04 Sep 2024 02:06:05 GMT
last-modified
Sun, 31 Mar 2024 04:09:05 GMT
content-md5
M7wkXFxOb1gw8y4JIx2g2g==
etag
0x8DC51384E766D70
vary
Origin
x-azure-ref
20240904T020604Z-r19c76bc86b5tz28cdtqg03avs00000006qg00000000cb2a
content-type
application/javascript
x-ms-request-id
41a53616-101e-000b-606e-fee9a0000000
x-cache
CONFIG_NOCACHE
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
101996
google.integration.min.js
login.mypaymentvault.com/data/xContent/recipient/op/webtowallet/
8 KB
9 KB
Script
General
Full URL
https://login.mypaymentvault.com/data/xContent/recipient/op/webtowallet/google.integration.min.js
Requested by
Host: login.mypaymentvault.com
URL: https://login.mypaymentvault.com/payment/Tmobilerebate
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e44729dfb9922a6991b111c10474455c663120c7f1dd0b9f29a45587cb2e4ee7

Request headers

Referer
https://login.mypaymentvault.com/payment/Tmobilerebate
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 04 Sep 2024 02:06:05 GMT
last-modified
Sun, 31 Mar 2024 04:08:59 GMT
content-md5
UX38KHZ6CslzP5Q7/hemEQ==
etag
0x8DC51384AA93AE1
vary
Origin
x-azure-ref
20240904T020604Z-r19c76bc86b5tz28cdtqg03avs00000006qg00000000cb2b
content-type
application/javascript
x-ms-request-id
a93b45e6-301e-0051-196e-fe8f47000000
x-cache
CONFIG_NOCACHE
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
8685
4c55a64d-c32d-426e-b0d2-b76378208261
https://login.mypaymentvault.com/ Frame
0
0

paymentHubFTUOnload
external.onbe.io/mypaymentvaultapi/v1/choice/
1 KB
2 KB
XHR
General
Full URL
https://external.onbe.io/mypaymentvaultapi/v1/choice/paymentHubFTUOnload
Requested by
Host: login.mypaymentvault.com
URL: https://login.mypaymentvault.com/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6c19807d88e937bd50c98278807389067c74d568736168aa55c895b606a399a4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept
application/json;charset=UTF-8
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
x-client-ip
0.0.0.0
Content-Type
application/json;charset=UTF-8

Response headers

date
Wed, 04 Sep 2024 02:06:09 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
x-xss-protection
0
request-context
appId=cid-v1:1ea1b7c6-5b23-47e5-806f-19f70df3efde
pragma
no-cache
vary
Origin
x-frame-options
DENY
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://login.mypaymentvault.com
access-control-expose-headers
Transfer-Encoding,Connection,X-Content-Type-Options,X-XSS-Protection,Strict-Transport-Security,X-Frame-Options,Date,traceparent,Vary
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
x-azure-ref
20240904T020609Z-166b9c58d6c8t8d2rkn92sp1gw0000000740000000008cfp
expires
0
getCopyTag
external.onbe.io/mypaymentvaultapi/v1/generic/
53 KB
54 KB
XHR
General
Full URL
https://external.onbe.io/mypaymentvaultapi/v1/generic/getCopyTag
Requested by
Host: login.mypaymentvault.com
URL: https://login.mypaymentvault.com/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6f9a2257239e9410b4fa9c98290c67aa25bc5be86427e37e9ca118a05ed8868d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept
application/json;charset=UTF-8
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
x-client-ip
0.0.0.0
Content-Type
application/json;charset=UTF-8

Response headers

date
Wed, 04 Sep 2024 02:06:09 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
x-xss-protection
0
request-context
appId=cid-v1:1ea1b7c6-5b23-47e5-806f-19f70df3efde
pragma
no-cache
vary
Origin
x-frame-options
DENY
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://login.mypaymentvault.com
access-control-expose-headers
Transfer-Encoding,Connection,X-Content-Type-Options,X-XSS-Protection,Strict-Transport-Security,X-Frame-Options,Date,traceparent,Vary
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
x-azure-ref
20240904T020609Z-166b9c58d6c8t8d2rkn92sp1gw0000000740000000008cfq
expires
0
paymentHubFTUOnload
external.onbe.io/mypaymentvaultapi/v1/choice/ Frame
0
0
Preflight
General
Full URL
https://external.onbe.io/mypaymentvaultapi/v1/choice/paymentHubFTUOnload
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-client-ip
Access-Control-Request-Method
POST
Origin
https://login.mypaymentvault.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-client-ip
access-control-allow-methods
POST
access-control-allow-origin
https://login.mypaymentvault.com
access-control-max-age
300
content-length
0
date
Wed, 04 Sep 2024 02:06:09 GMT
request-context
appId=cid-v1:1ea1b7c6-5b23-47e5-806f-19f70df3efde
vary
Origin
x-azure-ref
20240904T020608Z-166b9c58d6c8t8d2rkn92sp1gw0000000740000000008cex
x-cache
CONFIG_NOCACHE
getCopyTag
external.onbe.io/mypaymentvaultapi/v1/generic/ Frame
0
0
Preflight
General
Full URL
https://external.onbe.io/mypaymentvaultapi/v1/generic/getCopyTag
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-client-ip
Access-Control-Request-Method
POST
Origin
https://login.mypaymentvault.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-client-ip
access-control-allow-methods
POST
access-control-allow-origin
https://login.mypaymentvault.com
access-control-max-age
300
content-length
0
date
Wed, 04 Sep 2024 02:06:09 GMT
request-context
appId=cid-v1:1ea1b7c6-5b23-47e5-806f-19f70df3efde
vary
Origin
x-azure-ref
20240904T020608Z-166b9c58d6c8t8d2rkn92sp1gw0000000740000000008cew
x-cache
CONFIG_NOCACHE
FaviconOnbeMarkBlack300ppi.png
login.mypaymentvault.com/payment/
938 B
963 B
Other
General
Full URL
https://login.mypaymentvault.com/payment/FaviconOnbeMarkBlack300ppi.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
634acbe13b191d97418ccc52725e8d5d82d8f318fa17e41a09fa29f5d95da49a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.mypaymentvault.com/payment/Tmobilerebate
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 02:06:08 GMT
content-encoding
br
referrer-policy
same-origin
strict-transport-security
max-age=10886400; includeSubDomains; preload
last-modified
Sun, 18 Aug 2024 04:43:10 GMT
x-content-type-options
nosniff
etag
"26873908"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/html
x-azure-ref
20240904T020608Z-r19c76bc86b5tz28cdtqg03avs00000006qg00000000cb90
x-forwarded-for
{headers.x-forwarded-for}
cache-control
no-store
x-cache
CONFIG_NOCACHE
x-xss-protection
1; mode=block
crossdomain.html
1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/ Frame 7C63
0
0
Document
General
Full URL
https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
Requested by
Host: login.mypaymentvault.com
URL: https://login.mypaymentvault.com/data/xContent/recipient/op/js/d6a9d794.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:e400:a:6cdf:4440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
15197
content-length
221
content-type
text/html
date
Tue, 03 Sep 2024 21:52:53 GMT
etag
"21e34cf6a03f570df49e212018a567d0"
last-modified
Tue, 13 Oct 2020 12:04:25 GMT
server
AmazonS3
via
1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
x-amz-cf-id
vemFBot3-i8kAw3bSjJR29mtKqGxRUYWudv1MifPQQrVftsNwfdMSg==
x-amz-cf-pop
FRA56-P6
x-amz-version-id
null
x-cache
Hit from cloudfront
crossdomain.html
1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/ Frame 6A79
0
0
Document
General
Full URL
https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
Requested by
Host: login.mypaymentvault.com
URL: https://login.mypaymentvault.com/data/xContent/recipient/op/js/d6a9d794.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c400:1e:54f1:26c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
39821
content-length
221
content-type
text/html
date
Tue, 03 Sep 2024 15:02:29 GMT
etag
"21e34cf6a03f570df49e212018a567d0"
last-modified
Tue, 13 Oct 2020 12:04:25 GMT
server
AmazonS3
via
1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
x-amz-cf-id
b7tyeqeT9zv2PdtpdHrhYIxvyEUrhqDXKv4F0txDApLUSfGCxI-HSA==
x-amz-cf-pop
FRA2-C2
x-amz-version-id
null
x-cache
Hit from cloudfront
crossdomain.html
1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/ Frame 57BD
0
0
Document
General
Full URL
https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
Requested by
Host: login.mypaymentvault.com
URL: https://login.mypaymentvault.com/data/xContent/recipient/op/js/d6a9d794.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:2800:13:ab57:d440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
78820
content-length
221
content-type
text/html
date
Tue, 03 Sep 2024 04:12:30 GMT
etag
"21e34cf6a03f570df49e212018a567d0"
last-modified
Tue, 13 Oct 2020 12:04:25 GMT
server
AmazonS3
via
1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
x-amz-cf-id
D96MHhhBNPjv-HevSPVDtn-XKDYPjl5wqDulWKocvF4r5uPxQnl6Mw==
x-amz-cf-pop
FRA60-P2
x-amz-version-id
null
x-cache
Hit from cloudfront
paymentvault_logo.svg
login.mypaymentvault.com/data/xContent/recipient/TMO_Virtual_4847/images/
3 KB
3 KB
Image
General
Full URL
https://login.mypaymentvault.com/data/xContent/recipient/TMO_Virtual_4847/images/paymentvault_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5387f44b9ea3146bd2af896c47ce33b602f26efdd5344fb57de9817127ced1d5

Request headers

Referer
https://login.mypaymentvault.com/choiceLogin
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 04 Sep 2024 02:06:10 GMT
last-modified
Sun, 31 Mar 2024 04:09:09 GMT
content-md5
I1U3e1G6el+s8NANg+Bvvw==
etag
0x8DC513850812EDD
vary
Origin
x-azure-ref
20240904T020610Z-r19c76bc86b5tz28cdtqg03avs00000006qg00000000cbbd
content-type
image/svg+xml
x-ms-request-id
41a54ddd-101e-000b-776f-fee9a0000000
x-cache
CONFIG_NOCACHE
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
3181
login_page.png
login.mypaymentvault.com/data/xContent/recipient/TMO_Virtual_4847/images/
169 KB
170 KB
Image
General
Full URL
https://login.mypaymentvault.com/data/xContent/recipient/TMO_Virtual_4847/images/login_page.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c65e28cb7e173e90144cf7259a9421f71fd35498b80b2fcbd2b445ef60d7f2ed

Request headers

Referer
https://login.mypaymentvault.com/choiceLogin
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 04 Sep 2024 02:06:10 GMT
last-modified
Sun, 31 Mar 2024 04:09:04 GMT
content-md5
liWdmjEu1+MDX4qQKZ4yGg==
etag
0x8DC51384D8ACCCE
vary
Origin
x-azure-ref
20240904T020610Z-r19c76bc86b5tz28cdtqg03avs00000006qg00000000cbbe
content-type
image/png
x-ms-request-id
3517870e-f01e-002c-6a6f-fefe64000000
x-cache
CONFIG_NOCACHE
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
173355
getCopyTag
external.onbe.io/mypaymentvaultapi/v1/generic/
53 KB
54 KB
XHR
General
Full URL
https://external.onbe.io/mypaymentvaultapi/v1/generic/getCopyTag
Requested by
Host: login.mypaymentvault.com
URL: https://login.mypaymentvault.com/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6f9a2257239e9410b4fa9c98290c67aa25bc5be86427e37e9ca118a05ed8868d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept
application/json;charset=UTF-8
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
x-client-ip
0.0.0.0
Content-Type
application/json;charset=UTF-8

Response headers

date
Wed, 04 Sep 2024 02:06:10 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
x-xss-protection
0
request-context
appId=cid-v1:1ea1b7c6-5b23-47e5-806f-19f70df3efde
pragma
no-cache
vary
Origin
x-frame-options
DENY
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://login.mypaymentvault.com
access-control-expose-headers
Transfer-Encoding,Connection,X-Content-Type-Options,X-XSS-Protection,Strict-Transport-Security,X-Frame-Options,Date,traceparent,Vary
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
x-azure-ref
20240904T020610Z-166b9c58d6c8t8d2rkn92sp1gw0000000740000000008cgh
expires
0
cac94907833ae55f0a4c.otf
login.mypaymentvault.com/
85 KB
85 KB
Font
General
Full URL
https://login.mypaymentvault.com/cac94907833ae55f0a4c.otf
Requested by
Host: login.mypaymentvault.com
URL: https://login.mypaymentvault.com/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f02b5750f291a5bd474f7cdbcb7b3fa79f2016c6af20d661b490b9bf945d41fc
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.mypaymentvault.com/styles.css
Origin
https://login.mypaymentvault.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 02:06:10 GMT
strict-transport-security
max-age=10886400; includeSubDomains; preload
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Sun, 18 Aug 2024 04:43:10 GMT
etag
"26873908"
x-dns-prefetch-control
off
x-forwarded-for
{headers.x-forwarded-for}
content-type
font/otf
x-azure-ref
20240904T020610Z-r19c76bc86b5tz28cdtqg03avs00000006qg00000000cbbg
x-cache
CONFIG_NOCACHE
cache-control
no-store
accept-ranges
bytes
content-length
86528
x-xss-protection
1; mode=block
8ff9389b19e9cea59194.ttf
login.mypaymentvault.com/
110 KB
111 KB
Font
General
Full URL
https://login.mypaymentvault.com/8ff9389b19e9cea59194.ttf
Requested by
Host: login.mypaymentvault.com
URL: https://login.mypaymentvault.com/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
22847930f7950d0a5ca38426a82642757a1c133de6f8612f94eb70d8434f0fb1
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.mypaymentvault.com/styles.css
Origin
https://login.mypaymentvault.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 02:06:10 GMT
strict-transport-security
max-age=10886400; includeSubDomains; preload
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Sun, 18 Aug 2024 04:43:10 GMT
etag
"26873908"
x-dns-prefetch-control
off
x-forwarded-for
{headers.x-forwarded-for}
content-type
font/ttf
x-azure-ref
20240904T020610Z-r19c76bc86b5tz28cdtqg03avs00000006qg00000000cbbh
x-cache
CONFIG_NOCACHE
cache-control
no-store
accept-ranges
bytes
content-length
112892
x-xss-protection
1; mode=block
FaviconOnbeMarkBlack300ppi.png
login.mypaymentvault.com/
938 B
963 B
Other
General
Full URL
https://login.mypaymentvault.com/FaviconOnbeMarkBlack300ppi.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
634acbe13b191d97418ccc52725e8d5d82d8f318fa17e41a09fa29f5d95da49a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.mypaymentvault.com/choiceLogin
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 02:06:10 GMT
content-encoding
br
referrer-policy
same-origin
strict-transport-security
max-age=10886400; includeSubDomains; preload
last-modified
Sun, 18 Aug 2024 04:43:10 GMT
x-content-type-options
nosniff
etag
"26873908"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/html
x-azure-ref
20240904T020610Z-r19c76bc86b5tz28cdtqg03avs00000006qg00000000cbbn
x-forwarded-for
{headers.x-forwarded-for}
cache-control
no-store
x-cache
CONFIG_NOCACHE
x-xss-protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
login.mypaymentvault.com
URL
blob:https://login.mypaymentvault.com/4c55a64d-c32d-426e-b0d2-b76378208261

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| cdwpb
object| cdApi
object| idiSDK
object| ALLOWED_CONFIG_KEYS
object| SDK_ERROR_CODES
object| ERROR_LABELS
function| eventify
function| initAddToAppleWallet
object| spay
function| r
function| t
function| v
function| w
object| y
function| z
function| A
function| B
object| googlepay
object| webpackChunkproject
function| _
object| recaptchaOptions
object| mixpanelEvents

5 Cookies

Domain/Path Name / Value
login.mypaymentvault.com/ Name: ASLBSA
Value: 00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e
login.mypaymentvault.com/ Name: ASLBSACORS
Value: 00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e
.mypaymentvault.com/ Name: bmuid
Value: 1725415568631-7AEC57DC-C857-4D47-AA1C-DC3B875CC2B1
.mypaymentvault.com/ Name: cdContextId
Value: 2
.mypaymentvault.com/ Name: cdSNum
Value: 1725415570515-sjc0000372-35f6b173-1954-448e-bdd0-813a9c8f7bac

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block