expensebrain.ch Open in urlscan Pro
2a01:4f8:c010:305::1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://expense-brain.ch/
Effective URL:
https://expensebrain.ch/
Submission: On March 05 via api (March 5th 2024, 11:57:57 am UTC) from US — Scanned from US

Summary HTTP 50 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 50 HTTP transactions. The main IP is 2a01:4f8:c010:305::1, located in Nuremberg, Germany and belongs to HETZNER-AS, DE. The main domain is expensebrain.ch.
TLS certificate: Issued by R3 on January 23rd 2024. Valid for: 3 months.

This is the only time expensebrain.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 30	2a01:4f8:c010... 2a01:4f8:c010:305::1	24940 (HETZNER-AS) (HETZNER-AS)
7	2a01:4f8:241:... 2a01:4f8:241:422b::2	24940 (HETZNER-AS) (HETZNER-AS)
2	172.65.255.172 172.65.255.172	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:29af	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:824::200a	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:817::2003	15169 (GOOGLE) (GOOGLE)
2	172.65.232.43 172.65.232.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:cff9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
50	8

30 2a01:4f8:c010:305::1 (Nuremberg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

expense-brain.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
expensebrain.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a01:4f8:241:422b::2 (Ehingen, Germany)

ASN24940 (HETZNER-AS, DE)

www.byteanalytics.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.65.255.172 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:29af (United States)

ASN13335 (CLOUDFLARENET, US)

assets.calendly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:824::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:817::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.65.232.43 (United States)

ASN13335 (CLOUDFLARENET, US)

forms-eu1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cff9 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	expensebrain.ch expensebrain.ch	311 KB
7	byteanalytics.de www.byteanalytics.de	26 KB
5	gstatic.com fonts.gstatic.com	234 KB
3	hsforms.com forms-eu1.hsforms.com — Cisco Umbrella Rank: 27212 forms.hsforms.com — Cisco Umbrella Rank: 4386	8 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	4 KB
2	hsforms.net js-eu1.hsforms.net — Cisco Umbrella Rank: 51220	307 KB
1	calendly.com assets.calendly.com — Cisco Umbrella Rank: 13671	19 KB
1	expense-brain.ch 1 redirects expense-brain.ch	117 B
50	8

	Domain	Requested by
29	expensebrain.ch	expensebrain.ch
7	www.byteanalytics.de	expensebrain.ch www.byteanalytics.de
5	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	expensebrain.ch js-eu1.hsforms.net
2	forms-eu1.hsforms.com	js-eu1.hsforms.net
2	js-eu1.hsforms.net	expensebrain.ch js-eu1.hsforms.net
1	forms.hsforms.com
1	assets.calendly.com	expensebrain.ch
1	expense-brain.ch	1 redirects
50	9

This site contains links to these domains. Also see Links.

Domain
www.expensebrain.de
www.expensebrain.at
fr.expensebrain.com
www.facebook.com
www.linkedin.com
www.travelbrain.ch
www.expensebrain.ch
www.exensebrain.de
www.google.com
www.priobyte.de

Subject Issuer	Validity	Valid
expensebrain.ch R3	`2024-01-23` - `2024-04-22`	3 months	crt.sh
byteanalytics.de R3	`2024-03-03` - `2024-06-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-16` - `2024-05-15`	a year	crt.sh
calendly.com E1	`2024-02-03` - `2024-05-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://expensebrain.ch/
Frame ID: CCC416FDC7BB736E8564B5E59EA11930
Requests: 42 HTTP requests in this frame

Frame: https://js-eu1.hsforms.net/forms/shell.js
Frame ID: 35CF226AF8F88904C8284016EFE35AD6
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Travel Management Consulting | Reisekosten vereinfachen

Page URL History Show full URLs

https://expense-brain.ch/ HTTP 301
https://expensebrain.ch/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Calendly (Appointment scheduling) Expand

Overall confidence: 100%
Detected patterns

https://assets\.calendly\.com/assets/external/widget\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

50
Requests

100 %
HTTPS

75 %
IPv6

8
Domains

9
Subdomains

8
IPs

2
Countries

908 kB
Transfer

2404 kB
Size

4
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.expensebrain.de/hallo
Title: Kontakt aufnehmen

Search URL Search Domain Scan URL

URL: https://www.expensebrain.de/
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://www.expensebrain.at/
Title: Österreich

Search URL Search Domain Scan URL

URL: https://fr.expensebrain.com/
Title: Français

Search URL Search Domain Scan URL

URL: https://www.expensebrain.de/termine
Title: Jetzt kostenloses Erstgespräch Buchen!

Search URL Search Domain Scan URL

URL: https://www.facebook.com/expenseBrain/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/expensebrain

Search URL Search Domain Scan URL

URL: https://www.travelbrain.ch/

Search URL Search Domain Scan URL

URL: https://www.expensebrain.ch/

Search URL Search Domain Scan URL

URL: https://www.expensebrain.ch/unternehmen
Title: Unternehmen

Search URL Search Domain Scan URL

URL: https://www.exensebrain.de/datenschutz
Title: Datenschutz

Search URL Search Domain Scan URL

URL: https://www.exensebrain.de//impressum
Title: Kontakt/ Impressum

Search URL Search Domain Scan URL

URL: https://www.expensebrain.de/travel-management/consulting
Title: Beratung für Geschäftsreisen in der Schweiz

Search URL Search Domain Scan URL

URL: https://www.expensebrain.de/travel-management/projekte-leiten
Title: Projektleitung

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/place/Robert-Bosch-Stra%C3%9Fe+29A,+88131+Lindau+(Bodensee)/@47.5502318,9.7268764,18.75z/data=!4m5!3m4!1s0x479b0c536e6c67df:0xd67815088731a97c!8m2!3d47.5502039!4d9.7274304
Title: Robert-Bosch-Str. 29a, DE-88131 Lindau

Search URL Search Domain Scan URL

URL: https://www.priobyte.de/
Title: Priobyte

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://expense-brain.ch/ HTTP 301
https://expensebrain.ch/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
expensebrain.ch/
Redirect Chain

https://expense-brain.ch/
https://expensebrain.ch/

25 KB
6 KB

1121ms
144ms

Document
text/html

2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PHP/7.4.30 PleskLin
Resource Hash: 14b4c3f9d5b9d8c5da6cc652d37cce16869a98882b584c79e87eaefd9613e80d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 6291
content-type: text/html; charset=UTF-8
date: Tue, 05 Mar 2024 11:57:51 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
vary: Host,Accept-Encoding
x-powered-by: PHP/7.4.30 PleskLin

Redirect headers

content-length: 299
content-type: text/html; charset=iso-8859-1
date: Tue, 05 Mar 2024 11:57:50 GMT
location: https://expensebrain.ch/
server: nginx
x-powered-by: PleskLin

GET
H2 200 bootstrap.min.css
expensebrain.ch/assets/vendor/bootstrap/css/ 157 KB
24 KB 132ms
130ms Stylesheet
text/css 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://expensebrain.ch/assets/vendor/bootstrap/css/bootstrap.min.css
Requested by: Host: expensebrain.ch
URL: https://expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Request headers

accept-language: en-US,en;q=0.9
Referer: https://expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:57:51 GMT
content-encoding: gzip
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "27288-5b96780233418-gzip"
x-powered-by: PleskLin
vary: Host,Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 23916

GET
H2 200 style.css
expensebrain.ch/assets/vendor/icomoon/ 1 KB
760 B 242ms
240ms Stylesheet
text/css 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://expensebrain.ch/assets/vendor/icomoon/style.css
Requested by: Host: expensebrain.ch
URL: https://expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 6163e44f0af49c4f99c972085abc1dcfdd9b2a40090ebe2d1e37c516bcb01c27

Request headers

accept-language: en-US,en;q=0.9
Referer: https://expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:57:51 GMT
content-encoding: gzip
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "5a0-5b96780235358-gzip"
x-powered-by: PleskLin
vary: Host,Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 536

GET
H2 200 style.css
expensebrain.ch/assets/css/ 134 KB
22 KB 239ms
238ms Stylesheet
text/css 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://expensebrain.ch/assets/css/style.css
Requested by: Host: expensebrain.ch
URL: https://expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 530f8d6eea5bc88e42d1432bee189181772fc31410fb0a08d5ce304362b53763

Request headers

accept-language: en-US,en;q=0.9
Referer: https://expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:57:51 GMT
content-encoding: gzip
last-modified: Thu, 06 Apr 2023 11:56:39 GMT
server: nginx
etag: "217f3-5f8a999edb152-gzip"
x-powered-by: PleskLin
vary: Host,Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 21958

GET
H2 200 responsive.css
expensebrain.ch/assets/css/ 12 KB
3 KB 242ms
241ms Stylesheet
text/css 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://expensebrain.ch/assets/css/responsive.css
Requested by: Host: expensebrain.ch
URL: https://expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: ff3333500ce0691b3b568fd66583c3929f49f245f0221e16452d5bdacd188700

Request headers

accept-language: en-US,en;q=0.9
Referer: https://expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:57:51 GMT
content-encoding: gzip
last-modified: Wed, 12 Apr 2023 10:48:08 GMT
server: nginx
etag: "31c5-5f92157ef0883-gzip"
x-powered-by: PleskLin
vary: Host,Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 2772

GET
H/1.1 200
OK vQvQRz8UVHKHpuZU Show response
www.byteanalytics.de/pixel/ 84 KB
25 KB 949ms
272ms Script
application/javascript 2a01:4f8:241:422b::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.byteanalytics.de/pixel/vQvQRz8UVHKHpuZU
Requested by: Host: expensebrain.ch
URL: https://expensebrain.ch/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:241:422b::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PHP/7.4.33, PleskLin
Resource Hash: 2401f7f8a169f6e296be2a872382b9bee0e9a4dbeb6915ca7a40f0c22fa304fd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Pragma: cache
Date: Tue, 05 Mar 2024 11:57:52 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/7.4.33, PleskLin
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=300
Connection: keep-alive
Content-Length: 25517
Expires: Tue, 05 Mar 2024 12:02:51 GMT

GET
H2 200 logo.png
expensebrain.ch/assets/images/ 12 KB
12 KB 240ms
239ms Image
image/png 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://expensebrain.ch/assets/images/logo.png
Requested by: Host: expensebrain.ch
URL: https://expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 7714662e7fa92b789924348e30318ad552f55305497a168e5dd3b6ebb2c9802a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:57:51 GMT
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "2fd2-5b9678021fb98"
x-powered-by: PleskLin
vary: Host
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 12242

GET
H2 200 expenseBrain-logo-white-sm.png
expensebrain.ch/assets/images/ 2 KB
2 KB 241ms
239ms Image
image/png 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://expensebrain.ch/assets/images/expenseBrain-logo-white-sm.png
Requested by: Host: expensebrain.ch
URL: https://expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 8082c93c2ab7d89fd1120d8b42bb7473810571cb9542e871adf09aefdb3f2d53

Request headers

accept-language: en-US,en;q=0.9
Referer: https://expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:57:51 GMT
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "6f5-5b9678021dc58"
x-powered-by: PleskLin
vary: Host
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1781

GET
H2 200 CH.png
expensebrain.ch/assets/images/flags/ 979 B
1 KB 218ms
212ms Image
image/png 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://expensebrain.ch/assets/images/flags/CH.png
Requested by: Host: expensebrain.ch
URL: https://expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 4d11d792c13eb6cca65439e18747c2a8359a458e5eb6794d5828cb05ec9eb7bf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:57:51 GMT
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "3d3-5b9678021dc58"
x-powered-by: PleskLin
vary: Host
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 979

GET
H2 200 DE.png
expensebrain.ch/assets/images/flags/ 1 KB
1 KB 217ms
212ms Image
image/png 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://expensebrain.ch/assets/images/flags/DE.png
Requested by: Host: expensebrain.ch
URL: https://expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: e2b2d2dd82707474a827676a7366b734096986be26106868e89d719aaddaee55

Request headers

accept-language: en-US,en;q=0.9
Referer: https://expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:57:51 GMT
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "46c-5b9678021dc58"
x-powered-by: PleskLin
vary: Host
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1132

GET
H2 200 AT.png
expensebrain.ch/assets/images/flags/ 924 B
1 KB 437ms
433ms Image
image/png 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://expensebrain.ch/assets/images/flags/AT.png
Requested by: Host: expensebrain.ch
URL: https://expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 8827e719947791707a9dc8c0e79017454e3f0359e665082c2bb532a2332f673e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:57:51 GMT
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "39c-5b9678021dc58"
x-powered-by: PleskLin
vary: Host
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 924

GET
H2 200 FR.png
expensebrain.ch/assets/images/flags/ 1 KB
1 KB 323ms
321ms Image
image/png 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://expensebrain.ch/assets/images/flags/FR.png
Requested by: Host: expensebrain.ch
URL: https://expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 024747f20c8dd0556fd3b607e88fb90fd1f358b33a905fdd2b39244cf9706c5b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:57:51 GMT
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "40e-5b9678021ebf8"
x-powered-by: PleskLin
vary: Host
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1038

GET
H2 200 Facebook-Mitglied-expenseBrain-Travel-Management-Consulting-80px.png
expensebrain.ch/assets/images/resource/ 3 KB
3 KB 320ms
319ms Image
image/png 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://expensebrain.ch/assets/images/resource/Facebook-Mitglied-expenseBrain-Travel-Management-Consulting-80px.png
Requested by: Host: expensebrain.ch
URL: https://expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 2edb5899671718181fa4ed5a89cb7f9673413be9d4914c7501914e545681248b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:57:51 GMT
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "b3b-5b96780227898"
x-powered-by: PleskLin
vary: Host
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 2875

GET
H2 200 LinkedIn-Mitglied-expenseBrain-Travel-Management-Consulting-80px.png
expensebrain.ch/assets/images/resource/ 767 B
959 B 436ms
435ms Image
image/png 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://expensebrain.ch/assets/images/resource/LinkedIn-Mitglied-expenseBrain-Travel-Management-Consulting-80px.png
Requested by: Host: expensebrain.ch
URL: https://expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 4e63b80b66524f1d238387b942c423b57ba64265649a683726a2bd1da0f060cc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:57:51 GMT
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "2ff-5b96780227898"
x-powered-by: PleskLin
vary: Host
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 767

GET
H2 200 shell.js Show response
js-eu1.hsforms.net/forms/ 481 KB
154 KB 537ms
150ms Script
application/javascript 172.65.255.172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-eu1.hsforms.net/forms/shell.js

Requested by

Host: expensebrain.ch
URL: https://expensebrain.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.255.172 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b715034010b1479e7a4a2e5d571689fd05142a6a765fa341fb8f61e9ce576329

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
age: 250
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.4774/bundles/project-v2.js&cfRay=85d1ea34e97b9552-AMS
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"9485dc4b1fa9efefba4862f8a0581794"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.4774/bundles/project-v2.js
date: Tue, 05 Mar 2024 11:57:51 GMT
x-amz-version-id: 9d7EqS.wP16C3hZhn1hsKrzc1cSTV7NB
via: 1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P6
x-hubspot-correlation-id: ee130e32-f89e-4150-8fce-8130e894e6b0
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: ee130e32-f89e-4150-8fce-8130e894e6b0
last-modified: Thu, 29 Feb 2024 15:14:22 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dEGUImt5a%2BzQA%2FMS699CwBzaCA0%2BbXqdRt%2Fr3jH8F28qU%2FAa73fKXQFY6aV0vbzGM6frYZb%2FIRN9qmnzRjSiUjV0hOWRLNkUSNoWvxkTLRJKNo0ptLswGmjHw8eVptKhS8dkWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-57464f64dd-9j2jm
cf-ray: 85f9ee4ddad85757-DUB
x-amz-cf-id: -4EP6mzVsKeUmGq7ntbQSDoAHBw3lSCBsoNjGllIB7Z_fC3pVBWomw==

GET
H2 200 travelBrain-logo.png
expensebrain.ch/assets/images/resource/ 25 KB
25 KB 321ms
320ms Image
image/png 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://expensebrain.ch/assets/images/resource/travelBrain-logo.png
Requested by: Host: expensebrain.ch
URL: https://expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: ab345c7be9a65d104579f133aba138c529e458dd3553c59bb9919657f564496f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:57:51 GMT
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "62bc-5b9678022f598"
x-powered-by: PleskLin
vary: Host
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 25276

GET
H2 200 cookie.png
expensebrain.ch/assets/images/ 11 KB
11 KB 323ms
322ms Image
image/png 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://expensebrain.ch/assets/images/cookie.png
Requested by: Host: expensebrain.ch
URL: https://expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 4d052108f2596eb754bb9d86cea0b24d9bb0ac75ead4aaa82fdaa03f005f6aef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:57:51 GMT
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "2a59-5b9678021dc58"
x-powered-by: PleskLin
vary: Host
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 10841

GET
H2 200 jquery-3.5.1.min.js Show response
expensebrain.ch/assets/vendor/jquery/ 87 KB
30 KB 320ms
316ms Script
application/javascript 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://expensebrain.ch/assets/vendor/jquery/jquery-3.5.1.min.js
Requested by: Host: expensebrain.ch
URL: https://expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:57:51 GMT
content-encoding: gzip
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "15d84-5b96780235358-gzip"
x-powered-by: PleskLin
vary: Host,Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 30910

GET
H2 200 popper.min.js Show response
expensebrain.ch/assets/vendor/popper/ 35 KB
8 KB 322ms
318ms Script
application/javascript 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://expensebrain.ch/assets/vendor/popper/popper.min.js
Requested by: Host: expensebrain.ch
URL: https://expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 10ea15b472f21ff5adae126bbdb582df5eb76e06cd603780b8b0810599b93e4d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:57:51 GMT
content-encoding: gzip
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "8cb0-5b96780235358-gzip"
x-powered-by: PleskLin
vary: Host,Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 8406

GET
H2 200 bootstrap.min.js Show response
expensebrain.ch/assets/vendor/bootstrap/js/ 62 KB
15 KB 323ms
319ms Script
application/javascript 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://expensebrain.ch/assets/vendor/bootstrap/js/bootstrap.min.js
Requested by: Host: expensebrain.ch
URL: https://expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Request headers

accept-language: en-US,en;q=0.9
Referer: https://expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:57:51 GMT
content-encoding: gzip
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "f708-5b96780235358-gzip"
x-powered-by: PleskLin
vary: Host,Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 14924

GET
H2 200 tarteaucitron.js Show response
expensebrain.ch/assets/vendor/tarteaucitron.js-1.8.3/ 87 KB
16 KB 435ms
432ms Script
application/javascript 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://expensebrain.ch/assets/vendor/tarteaucitron.js-1.8.3/tarteaucitron.js
Requested by: Host: expensebrain.ch
URL: https://expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 2e0b2244bb15d3a235592844ea1e5853cc59942bb84717025416fd852fbf382c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:57:51 GMT
content-encoding: gzip
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "15ccf-5b967802362f8-gzip"
x-powered-by: PleskLin
vary: Host,Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 16422

GET
H2 200 tarteaucitron.services.js Show response
expensebrain.ch/assets/vendor/tarteaucitron.js-1.8.3/ 113 KB
19 KB 437ms
434ms Script
application/javascript 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://expensebrain.ch/assets/vendor/tarteaucitron.js-1.8.3/tarteaucitron.services.js
Requested by: Host: expensebrain.ch
URL: https://expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: d4bbdc5a237f828520b7cc7d79f6264ba3e61a104ec69453313b30233a72aca9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:57:51 GMT
content-encoding: gzip
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "1c237-5b967802362f8-gzip"
x-powered-by: PleskLin
vary: Host,Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 18734

GET
H2 200 script.js Show response
expensebrain.ch/assets/js/ 17 KB
4 KB 324ms
322ms Script
application/javascript 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://expensebrain.ch/assets/js/script.js
Requested by: Host: expensebrain.ch
URL: https://expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: c4faa3761d2d361248c313ee4220f11f3367c34ab9214aa4b47c0e06cf725d39

Request headers

accept-language: en-US,en;q=0.9
Referer: https://expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:57:51 GMT
content-encoding: gzip
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "4468-5b967802314d8-gzip"
x-powered-by: PleskLin
vary: Host,Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 3657

GET
H2 200 widget.js Show response
assets.calendly.com/assets/external/ 53 KB
19 KB 166ms
99ms Script
application/javascript 2606:4700:4400::6812:29af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.calendly.com/assets/external/widget.js

Requested by

Host: expensebrain.ch
URL: https://expensebrain.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:29af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb9b294b344cf47c2af14fafe8528fccc545cb25b9325802a3bd1b0696171b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:57:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 04 Mar 2024 18:28:38 GMT
cf-bgj: minify
server: cloudflare
age: 208
etag: W/"3be18f0a18cf9980a421cf1577f639f4"
vary: Accept-Encoding
content-type: application/javascript
content-encoding: br
cache-control: public, max-age=300
cf-ray: 85f9ee4ba9071971-EWR
expires: Wed, 06 Mar 2024 11:57:51 GMT

GET
H2 200 tarteaucitron.css
expensebrain.ch/assets/vendor/tarteaucitron.js-1.8.3/css/ 22 KB
4 KB 127ms
127ms Stylesheet
text/css 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://expensebrain.ch/assets/vendor/tarteaucitron.js-1.8.3/css/tarteaucitron.css
Requested by: Host: expensebrain.ch
URL: https://expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 4c77a09f661ac100152c1547f5570da8ff2686be64da784b517b7f6d17bc8ba1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:57:51 GMT
content-encoding: gzip
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "58a8-5b96780235358-gzip"
x-powered-by: PleskLin
vary: Host,Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 3855

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 97ms
38ms Stylesheet
text/css 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400,400italic,700,700italic

Requested by

Host: expensebrain.ch
URL: https://expensebrain.ch/assets/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

efeb743b236d4ec701844ed96b26e143e55432e41176f475629c7dfecf1cf6f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Mar 2024 11:57:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 11:28:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Mar 2024 11:57:51 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
750 B 98ms
39ms Stylesheet
text/css 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:400,300,500,600,700,800

Requested by

Host: expensebrain.ch
URL: https://expensebrain.ch/assets/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6be821307d9544c2a09cbe693edb536b347aebcdd28544dc7001977961560c20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Mar 2024 11:57:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 11:57:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Mar 2024 11:57:51 GMT

GET
H2 200 preloader.gif
expensebrain.ch/assets/images/icons/ 15 KB
15 KB 121ms
120ms Image
image/gif 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://expensebrain.ch/assets/images/icons/preloader.gif
Requested by: Host: expensebrain.ch
URL: https://expensebrain.ch/assets/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 5ae50e2ee27e6923e8e17de6ffad3c8d5c6e349ae37450fce236d1110ca5bfa2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://expensebrain.ch/assets/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:57:51 GMT
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "3c69-5b9678021fb98"
x-powered-by: PleskLin
vary: Host
content-type: image/gif
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 15465

GET
H2 200 travel-2025.jpg
expensebrain.ch/assets/images/2025/ 47 KB
47 KB 119ms
117ms Image
image/jpeg 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://expensebrain.ch/assets/images/2025/travel-2025.jpg
Requested by: Host: expensebrain.ch
URL: https://expensebrain.ch/assets/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: d75923aa67e89afd596d187840a5a1fcf0d3588cde15d266a9b1ba5f1219da0d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://expensebrain.ch/assets/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:57:51 GMT
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "bbab-5b96780218e37"
x-powered-by: PleskLin
vary: Host
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 48043

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ 47 KB
47 KB 120ms
56ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,300,500,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://expensebrain.ch
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 09:01:02 GMT
x-content-type-options: nosniff
age: 529009
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48208
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Feb 2025 09:01:02 GMT

GET
H2 200 icomoon.ttf
expensebrain.ch/assets/vendor/icomoon/fonts/ 3 KB
3 KB 122ms
121ms Font
application/font-sfnt 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://expensebrain.ch/assets/vendor/icomoon/fonts/icomoon.ttf?t5861u
Requested by: Host: expensebrain.ch
URL: https://expensebrain.ch/assets/vendor/icomoon/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 4f7abe85480ae5c96b56b38f85bdebedc9ce5ddc23b2075c3a3d291a383eaaae

Request headers

Referer: https://expensebrain.ch/assets/vendor/icomoon/style.css
Origin: https://expensebrain.ch
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:57:51 GMT
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "b50-5b96780235358"
x-powered-by: PleskLin
vary: Host
content-type: application/font-sfnt
accept-ranges: bytes
content-length: 2896

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 44 KB
45 KB 92ms
29ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://expensebrain.ch
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 08:56:24 GMT
x-content-type-options: nosniff
age: 529287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45300
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Feb 2025 08:56:24 GMT

GET
H/1.1 200
OK json Show response
forms-eu1.hsforms.com/embed/v3/form/25277577/144c13b4-3899-428f-9249-6297b3ef6e5a/ 17 KB
5 KB 614ms
239ms XHR
application/json 172.65.232.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms-eu1.hsforms.com/embed/v3/form/25277577/144c13b4-3899-428f-9249-6297b3ef6e5a/json?hs_static_app=forms-embed&hs_static_app_version=1.4774&X-HubSpot-Static-App-Info=forms-embed-1.4774

Requested by

Host: js-eu1.hsforms.net
URL: https://js-eu1.hsforms.net/forms/shell.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90815089abf5cab0e07701fb92b39384543a171b0742813c8cc2e484845b0442

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://expensebrain.ch/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

X-Origin-Hublet: eu1
Date: Tue, 05 Mar 2024 11:57:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
Content-Encoding: br
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: bc7ef5e3-c18a-41cf-a72a-2557913edbb9
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 40
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: bc7ef5e3-c18a-41cf-a72a-2557913edbb9
Server: cloudflare
X-Trace: 2BB7B18A570125F061683B1D719A5467B7A9FE338D000000000000000000
Vary: origin
Access-Control-Allow-Methods: OPTIONS, GET
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://expensebrain.ch
x-evy-trace-virtual-host: all
Access-Control-Expose-Headers: X-Origin-Hublet
Access-Control-Max-Age: 180
Access-Control-Allow-Credentials: false
Cache-Control: max-age=0, no-cache, no-store
X-Robots-Tag: none
Access-Control-Allow-Headers: *
CF-RAY: 85f9ee535f19957f-DUB
x-evy-trace-served-by-pod: fra04/star-hubspot-td/envoy-proxy-bd7cbb644-6bld9

POST
H/1.1 200
OK vQvQRz8UVHKHpuZU Show response
www.byteanalytics.de/pixel-track/ 0
325 B 157ms
156ms Fetch
text/html 2a01:4f8:241:422b::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.byteanalytics.de/pixel-track/vQvQRz8UVHKHpuZU
Requested by: Host: www.byteanalytics.de
URL: https://www.byteanalytics.de/pixel/vQvQRz8UVHKHpuZU
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:241:422b::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PHP/7.4.33, PleskLin
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://expensebrain.ch/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 05 Mar 2024 11:57:52 GMT
Server: nginx
X-Powered-By: PHP/7.4.33, PleskLin
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Content-Length: 0

OPTIONS
H/1.1 200
OK vQvQRz8UVHKHpuZU
www.byteanalytics.de/pixel-track/ Frame 0
0 347ms
127ms Preflight
text/html 2a01:4f8:241:422b::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.byteanalytics.de/pixel-track/vQvQRz8UVHKHpuZU
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:241:422b::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PHP/7.4.33 PleskLin
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://expensebrain.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Tue, 05 Mar 2024 11:57:52 GMT
Server: nginx
X-Powered-By: PHP/7.4.33 PleskLin

GET
H2 200 tarteaucitron.css
expensebrain.ch/assets/vendor/tarteaucitron.js-1.8.3/css/ 22 KB
4 KB 122ms
122ms Stylesheet
text/css 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://expensebrain.ch/assets/vendor/tarteaucitron.js-1.8.3/css/tarteaucitron.css?v=20201017
Requested by: Host: expensebrain.ch
URL: https://expensebrain.ch/assets/vendor/tarteaucitron.js-1.8.3/tarteaucitron.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 4c77a09f661ac100152c1547f5570da8ff2686be64da784b517b7f6d17bc8ba1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:57:52 GMT
content-encoding: gzip
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "58a8-5b96780235358-gzip"
x-powered-by: PleskLin
vary: Host,Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 3855

GET
H2 200 tarteaucitron.en.js Show response
expensebrain.ch/assets/vendor/tarteaucitron.js-1.8.3/lang/ 3 KB
1 KB 123ms
123ms Script
application/javascript 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://expensebrain.ch/assets/vendor/tarteaucitron.js-1.8.3/lang/tarteaucitron.en.js?v=20201017
Requested by: Host: expensebrain.ch
URL: https://expensebrain.ch/assets/vendor/tarteaucitron.js-1.8.3/tarteaucitron.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 990f5bd07f324ccc9f35de789055d0820ed45d43e02007814b4fd7bcf35ffedf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:57:52 GMT
content-encoding: gzip
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "c6f-5b96780235358-gzip"
x-powered-by: PleskLin
vary: Host,Accept-Encoding
content-type: application/javascript
content-language: en
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1245

GET
H2 200 tarteaucitron.services.js Show response
expensebrain.ch/assets/vendor/tarteaucitron.js-1.8.3/ 113 KB
19 KB 120ms
119ms Script
application/javascript 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://expensebrain.ch/assets/vendor/tarteaucitron.js-1.8.3/tarteaucitron.services.js?v=20201017
Requested by: Host: expensebrain.ch
URL: https://expensebrain.ch/assets/vendor/tarteaucitron.js-1.8.3/tarteaucitron.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: d4bbdc5a237f828520b7cc7d79f6264ba3e61a104ec69453313b30233a72aca9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:57:52 GMT
content-encoding: gzip
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "1c237-5b967802362f8-gzip"
x-powered-by: PleskLin
vary: Host,Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 18734

GET
H2 200 cookie.png
expensebrain.ch/assets/images/ 11 KB
11 KB 120ms
120ms Image
image/png 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://expensebrain.ch/assets/images/cookie.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 4d052108f2596eb754bb9d86cea0b24d9bb0ac75ead4aaa82fdaa03f005f6aef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:57:52 GMT
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "2a59-5b9678021dc58"
x-powered-by: PleskLin
vary: Host
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 10841

POST
H/1.1 200
OK vQvQRz8UVHKHpuZU Show response
www.byteanalytics.de/pixel-track/ 0
325 B 149ms
146ms Fetch
text/html 2a01:4f8:241:422b::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.byteanalytics.de/pixel-track/vQvQRz8UVHKHpuZU
Requested by: Host: www.byteanalytics.de
URL: https://www.byteanalytics.de/pixel/vQvQRz8UVHKHpuZU
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:241:422b::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PHP/7.4.33, PleskLin
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://expensebrain.ch/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 05 Mar 2024 11:57:52 GMT
Server: nginx
X-Powered-By: PHP/7.4.33, PleskLin
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Content-Length: 0

OPTIONS
H/1.1 200
OK vQvQRz8UVHKHpuZU
www.byteanalytics.de/pixel-track/ Frame 0
0 126ms
126ms Preflight
text/html 2a01:4f8:241:422b::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.byteanalytics.de/pixel-track/vQvQRz8UVHKHpuZU
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:241:422b::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PHP/7.4.33 PleskLin
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://expensebrain.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Tue, 05 Mar 2024 11:57:52 GMT
Server: nginx
X-Powered-By: PHP/7.4.33 PleskLin

GET
H2 200 shell.js Show response
js-eu1.hsforms.net/forms/ Frame 35CF 481 KB
153 KB 127ms
126ms Script
application/javascript 172.65.255.172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-eu1.hsforms.net/forms/shell.js

Requested by

Host: js-eu1.hsforms.net
URL: https://js-eu1.hsforms.net/forms/shell.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.255.172 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b715034010b1479e7a4a2e5d571689fd05142a6a765fa341fb8f61e9ce576329

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
age: 251
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.4774/bundles/project-v2.js&cfRay=85d1ea34e97b9552-AMS
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"9485dc4b1fa9efefba4862f8a0581794"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.4774/bundles/project-v2.js
date: Tue, 05 Mar 2024 11:57:52 GMT
x-amz-version-id: 9d7EqS.wP16C3hZhn1hsKrzc1cSTV7NB
via: 1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P6
x-hubspot-correlation-id: ee130e32-f89e-4150-8fce-8130e894e6b0
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: ee130e32-f89e-4150-8fce-8130e894e6b0
last-modified: Thu, 29 Feb 2024 15:14:22 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=st9qvk%2B9frDzSRuGAd2Gm2Q5WTyDB6zchtt%2FVlOjJbeYEI2RzxW8%2BZz2PxeJJHFpMuArlJuJIkL99HJUivdGVJoQI788uy3LBSyjbnJOKOd8QOlNUQEblgqNxY7y%2FRC3jpklXw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-57464f64dd-9j2jm
cf-ray: 85f9ee54ecbc5757-DUB
x-amz-cf-id: -4EP6mzVsKeUmGq7ntbQSDoAHBw3lSCBsoNjGllIB7Z_fC3pVBWomw==

GET
H/1.1 200
OK counters.gif
forms.hsforms.com/embed/v3/ 35 B
1 KB 369ms
66ms Image
image/gif 2606:4700::6811:cff9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cff9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 05 Mar 2024 11:57:53 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: cd61a0b1-dd89-4ad2-aab2-22fbce89ff86
x-envoy-upstream-service-time: 9
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: cd61a0b1-dd89-4ad2-aab2-22fbce89ff86
Server: cloudflare
X-Trace: 2B140CED59D2E5317E4A33184F706C63A72EBBDA5A000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-bfd765d7d-ndvzs
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 85f9ee586d4e80d0-EWR

GET
H2 200 css2
fonts.googleapis.com/ Frame 35CF 17 KB
2 KB 46ms
46ms Stylesheet
text/css 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open%20Sans:wght@400;500;700&display=swap

Requested by

Host: js-eu1.hsforms.net
URL: https://js-eu1.hsforms.net/forms/shell.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c1e8cd07fbedfc9bd647659349bf2cc189e4c492c0e3c352c4359b374d5e3505

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Mar 2024 11:57:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 11:03:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Mar 2024 11:57:53 GMT

GET
H/1.1 200
OK counters.gif
forms-eu1.hsforms.com/embed/v3/ 35 B
1 KB 873ms
240ms Image
image/gif 172.65.232.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 05 Mar 2024 11:57:53 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: a9a5bfbf-3724-46b4-970e-03f21f4f5893
x-envoy-upstream-service-time: 64
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a9a5bfbf-3724-46b4-970e-03f21f4f5893
Server: cloudflare
X-Trace: 2BECC92455DE699AE889B93708BA87789B70CDFA29000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: fra04/star-hubspot-td/envoy-proxy-bd7cbb644-5c9cp
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 85f9ee5b8f9456d9-DUB

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ Frame 35CF 47 KB
47 KB 26ms
23ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open%20Sans:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://expensebrain.ch
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 09:14:01 GMT
x-content-type-options: nosniff
age: 528232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Feb 2025 09:14:01 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ Frame 35CF 47 KB
47 KB 34ms
32ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open%20Sans:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://expensebrain.ch
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 09:14:01 GMT
x-content-type-options: nosniff
age: 528232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Feb 2025 09:14:01 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ Frame 35CF 47 KB
47 KB 41ms
39ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open%20Sans:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://expensebrain.ch
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 09:14:01 GMT
x-content-type-options: nosniff
age: 528232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Feb 2025 09:14:01 GMT

OPTIONS
H/1.1 200
OK vQvQRz8UVHKHpuZU
www.byteanalytics.de/pixel-track/ Frame 0
0 129ms
128ms Preflight
text/html 2a01:4f8:241:422b::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.byteanalytics.de/pixel-track/vQvQRz8UVHKHpuZU
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:241:422b::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PHP/7.4.33 PleskLin
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://expensebrain.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Tue, 05 Mar 2024 11:57:54 GMT
Server: nginx
X-Powered-By: PHP/7.4.33 PleskLin

POST
H/1.1 200
OK vQvQRz8UVHKHpuZU Show response
www.byteanalytics.de/pixel-track/ 0
325 B 711ms
276ms Fetch
text/html 2a01:4f8:241:422b::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.byteanalytics.de/pixel-track/vQvQRz8UVHKHpuZU
Requested by: Host: www.byteanalytics.de
URL: https://www.byteanalytics.de/pixel/vQvQRz8UVHKHpuZU
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:241:422b::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PHP/7.4.33, PleskLin
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://expensebrain.ch/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 05 Mar 2024 11:57:54 GMT
Server: nginx
X-Powered-By: PHP/7.4.33, PleskLin
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Content-Length: 0

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
expensebrain.ch/	1969-12-31 23:59:59	Name: PHPSESSID Value: sg6ftr6np5kses8359pqij1r2b
.calendly.com/	1970-01-20 18:54:01	Name: __cf_bm Value: 3AR2bfxTIc2IhyDBriRqA6ASgDn9GaJHNAmajoXfGSU-1709639871-1.0.1.1-j_TdgS9QLlV9EfPqW_KMTfjfAngfRAy1Iyca280Hm01eqph3RCXD0g7Bk8y3Q04WA3uSn3N7zPsw6z7jFAguXA
expensebrain.ch/	1970-01-21 03:39:35	Name: expenseBrain Value: !gtag=wait!youtube=wait
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 46U6UX5A7JWPBZRx4Q91OraU6udWlkcwUpmtmwJQdA0-1709639873965-0.0.1.1-604800000

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://expensebrain.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://expensebrain.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://expensebrain.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.calendly.com
expense-brain.ch
expensebrain.ch
fonts.googleapis.com
fonts.gstatic.com
forms-eu1.hsforms.com
forms.hsforms.com
js-eu1.hsforms.net
www.byteanalytics.de
172.65.232.43
172.65.255.172
2606:4700:4400::6812:29af
2606:4700::6811:cff9
2607:f8b0:4006:817::2003
2607:f8b0:4006:824::200a
2a01:4f8:241:422b::2
2a01:4f8:c010:305::1
024747f20c8dd0556fd3b607e88fb90fd1f358b33a905fdd2b39244cf9706c5b
10ea15b472f21ff5adae126bbdb582df5eb76e06cd603780b8b0810599b93e4d
14b4c3f9d5b9d8c5da6cc652d37cce16869a98882b584c79e87eaefd9613e80d
2401f7f8a169f6e296be2a872382b9bee0e9a4dbeb6915ca7a40f0c22fa304fd
2e0b2244bb15d3a235592844ea1e5853cc59942bb84717025416fd852fbf382c
2edb5899671718181fa4ed5a89cb7f9673413be9d4914c7501914e545681248b
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3eb9b294b344cf47c2af14fafe8528fccc545cb25b9325802a3bd1b0696171b6
4c77a09f661ac100152c1547f5570da8ff2686be64da784b517b7f6d17bc8ba1
4d052108f2596eb754bb9d86cea0b24d9bb0ac75ead4aaa82fdaa03f005f6aef
4d11d792c13eb6cca65439e18747c2a8359a458e5eb6794d5828cb05ec9eb7bf
4e63b80b66524f1d238387b942c423b57ba64265649a683726a2bd1da0f060cc
4f7abe85480ae5c96b56b38f85bdebedc9ce5ddc23b2075c3a3d291a383eaaae
530f8d6eea5bc88e42d1432bee189181772fc31410fb0a08d5ce304362b53763
5ae50e2ee27e6923e8e17de6ffad3c8d5c6e349ae37450fce236d1110ca5bfa2
6163e44f0af49c4f99c972085abc1dcfdd9b2a40090ebe2d1e37c516bcb01c27
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6be821307d9544c2a09cbe693edb536b347aebcdd28544dc7001977961560c20
7714662e7fa92b789924348e30318ad552f55305497a168e5dd3b6ebb2c9802a
8082c93c2ab7d89fd1120d8b42bb7473810571cb9542e871adf09aefdb3f2d53
8827e719947791707a9dc8c0e79017454e3f0359e665082c2bb532a2332f673e
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
90815089abf5cab0e07701fb92b39384543a171b0742813c8cc2e484845b0442
990f5bd07f324ccc9f35de789055d0820ed45d43e02007814b4fd7bcf35ffedf
ab345c7be9a65d104579f133aba138c529e458dd3553c59bb9919657f564496f
b715034010b1479e7a4a2e5d571689fd05142a6a765fa341fb8f61e9ce576329
c1e8cd07fbedfc9bd647659349bf2cc189e4c492c0e3c352c4359b374d5e3505
c4faa3761d2d361248c313ee4220f11f3367c34ab9214aa4b47c0e06cf725d39
d4bbdc5a237f828520b7cc7d79f6264ba3e61a104ec69453313b30233a72aca9
d75923aa67e89afd596d187840a5a1fcf0d3588cde15d266a9b1ba5f1219da0d
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e2b2d2dd82707474a827676a7366b734096986be26106868e89d719aaddaee55
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efeb743b236d4ec701844ed96b26e143e55432e41176f475629c7dfecf1cf6f2
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
ff3333500ce0691b3b568fd66583c3929f49f245f0221e16452d5bdacd188700

expensebrain.ch Open in urlscan Pro 2a01:4f8:c010:305::1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

50 Requests

100 %HTTPS

75 %IPv6

8 Domains

9 Subdomains

8 IPs

2 Countries

908 kBTransfer

2404 kBSize

4 Cookies

16 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

expensebrain.ch Open in urlscan Pro
2a01:4f8:c010:305::1 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

100 %
HTTPS

75 %
IPv6

8
Domains

9
Subdomains

8
IPs

2
Countries

908 kB
Transfer

2404 kB
Size

4
Cookies

50 HTTP transactions
0 data transactions