URL: https://www.hexpayment.de/
Submission: On October 19 via api from US — Scanned from US

Summary

This website contacted 7 IPs in 2 countries across 8 domains to perform 19 HTTP transactions. The main IP is 52.213.5.77, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.hexpayment.de.
TLS certificate: Issued by Amazon RSA 2048 M02 on October 16th 2023. Valid for: a year.
This is the only time www.hexpayment.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
11 hexpayment.de | www.hexpayment.de | 59 KB
3 holidayextras.com | static4.holidayextras.com (Cisco Umbrella Rank: 404910); static1.holidayextras.com (Cisco Umbrella Rank: 442921); www.holidayextras.com (Cisco Umbrella Rank: 193085) | 91 KB
2 google-analytics.com | ssl.google-analytics.com (Cisco Umbrella Rank: 518) | 17 KB
1 doubleclick.net | stats.g.doubleclick.net (Cisco Umbrella Rank: 98) | 337 B
1 holidayextras.de | www.holidayextras.de | 305 B
1 cloudfront.net | d3macwxrvlvlf8.cloudfront.net | 316 B
1 hxtrack.com | www.hxtrack.com |
1 optimizely.com | cdn.optimizely.com (Cisco Umbrella Rank: 889) | 67 KB
19 | 8 |
Domain Requested by
11 www.hexpayment.de www.hexpayment.de
2 ssl.google-analytics.com 1 redirects www.hexpayment.de
1 stats.g.doubleclick.net www.hexpayment.de
1 www.holidayextras.com www.hexpayment.de
1 www.holidayextras.de 1 redirects
1 static1.holidayextras.com www.hexpayment.de
1 d3macwxrvlvlf8.cloudfront.net www.hexpayment.de
1 www.hxtrack.com www.hexpayment.de
1 cdn.optimizely.com www.hexpayment.de
1 static4.holidayextras.com www.hexpayment.de
19 10

This site contains links to these domains.

Domain
www.holidayextras.de
Subject | Issuer | Validity | Valid
www.hxpayments.com | Amazon RSA 2048 M02 | 2023-10-16 - 2024-11-13 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-30 - 2024-05-28 | a year
cdn.optimizely.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-09-01 - 2024-09-04 | a year
www.hxtrack.com | Amazon RSA 2048 M02 | 2023-06-10 - 2024-07-08 | a year
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months

This page contains 1 frames:

Primary Page: https://www.hexpayment.de/
Frame ID: 082A14651AE44C6E580515C5967CE444
Requests: 19 HTTP requests in this frame

Page Title

Holiday Extras - Kreditkarten-Bezahlung | Credit card payment

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js

Page Statistics

Requests: 19
HTTPS: 89 %
IPv6: 88 %
Domains: 8
Subdomains: 10
IPs: 7
Countries: 2
Transfer: 235 kB
Size: 566 kB
Cookies: 11

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://www.holidayextras.de/images/hx-bootstrap/holiday-extras-logo.png HTTP 301
  • https://www.holidayextras.com/de/images/hx-bootstrap/holiday-extras-logo.png
Request Chain 17
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=431102798&utmhn=www.hexpayment.de&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Holiday%20Extras%20-%20Kreditkarten-Bezahlung%20%7C%20Credit%20card%20payment&utmhid=2060944776&utmr=-&utmp=%2F&utmht=1697711958206&utmac=UA-10509646-4&utmcc=__utma%3D248536350.1799215194.1697711958.1697711958.1697711958.1%3B%2B__utmz%3D248536350.1697711958.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmjid=1144035505&utmredir=1&utmu=qAQAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-10509646-4&cid=1799215194.1697711958&jid=1144035505&_v=5.7.2&z=431102798

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.hexpayment.de/
18 KB
8 KB
Document
General
Full URL
https://www.hexpayment.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.213.5.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-5-77.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
c08f7d6b29bf767496e93320cbfbfd206899cf626f373ec53b05b10df0bf7a86

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding
gzip
content-length
6751
content-type
text/html; charset=utf-8
date
Thu, 19 Oct 2023 10:39:17 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Thu, 19 Oct 2023 10:39:16 GMT
pragma
no-cache
server
Apache
vary
X-Forwarded-Proto,Accept-Encoding,User-Agent
x-cached
false
x-expires
Thu, 19 Oct 2023 12:09:16
_cache_0d3e8e1741cd22bf490d99f57486f30a.1697557595.css
www.hexpayment.de/css/general/cache/
85 KB
14 KB
Stylesheet
General
Full URL
https://www.hexpayment.de/css/general/cache/_cache_0d3e8e1741cd22bf490d99f57486f30a.1697557595.css?c=WyJcL3d3d1wvc2VvX2R5bmFtaWNcL3Nlb1wvc3R5bGVzaGVldFwvaHgtZGVcL2RlZmF1bHQuY3NzIl0%3D
Requested by
Host: www.hexpayment.de
URL: https://www.hexpayment.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.213.5.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-5-77.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
cffb5eff2476364ffc96762113a9a73a804ecd183b25bdcd7ffcd63b5cb9651f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hexpayment.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:39:17 GMT
content-encoding
gzip
last-modified
Tue, 17 Oct 2023 15:46:35 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public
accept-ranges
bytes
content-length
14129
x-cached
false
_cache_466e3e30eb38759b47bc025dec15578d.1697557595.js
static4.holidayextras.com/js/general/cache/
124 KB
42 KB
Script
General
Full URL
https://static4.holidayextras.com/js/general/cache/_cache_466e3e30eb38759b47bc025dec15578d.1697557595.js?c=WyJcL3d3d1wvc2VvX2R5bmFtaWNcL3Nlb1wvanNcL2dlbmVyYWxcL2pxdWVyeS4xLjguMi5taW4uanMiLCJcL3d3d1wvc2VvX2R5bmFtaWNcL3Nlb1wvanNcL2dlbmVyYWxcL2h4dHJhY2suanMiLCJcL3d3d1wvc2VvX2R5bmFtaWNcL3Nlb1wvamF2YXNjcmlwdFwvYm9vdHN0cmFwLXYzXC9ib290c3RyYXAubWluLmpzIl0%3D
Requested by
Host: www.hexpayment.de
URL: https://www.hexpayment.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57643f8ba3eac157ccfa3fb4400694b1913f35d47293fe6b2ac06ba6c4639f3f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hexpayment.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:39:17 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 19 Oct 2023 10:39:17 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
818865751a714bcf-BUF
alt-svc
h3=":443"; ma=86400
content-length
42386
x-cached
false
23907671.js
cdn.optimizely.com/js/
209 KB
67 KB
Script
General
Full URL
https://cdn.optimizely.com/js/23907671.js
Requested by
Host: www.hexpayment.de
URL: https://www.hexpayment.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:49d::13b8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39914f0a63545e2637e2be37827b54ed42fe65ff480b32f5af88370e671c6ca0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hexpayment.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
BI_6pjn6yTvNy.OISsPkWEMQcYw8vNSi
content-encoding
gzip
date
Thu, 19 Oct 2023 10:39:17 GMT
strict-transport-security
max-age=15768000
x-amz-request-id
7N8JNNCWBMV797SY
x-amz-meta-revision
648
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=23, origin; dur=12, cdn;desc="AkamaiION";dur=0,rtt;desc="27";dur=0,cdnip;desc="2600:141b:1c00:49d::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1697711957281_388787786_254741313_3542_1962_27_32_219";dur=1
content-length
68112
x-amz-id-2
45YAuLtFRFuo41COepNb1V1x5bdRSipJE0s/fHZHJr4Yd262uZ34e2DdSHjHXk7DaX0N1F+4pBo=
last-modified
Wed, 09 May 2018 06:51:23 GMT
server
AmazonS3
etag
"b52a99799167491e2138a5fe286db724"
vary
Accept-Encoding
access-control-max-age
86400
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
Creditcard-banner.gif
www.hexpayment.de/images/de-hx/
9 KB
10 KB
Image
General
Full URL
https://www.hexpayment.de/images/de-hx/Creditcard-banner.gif
Requested by
Host: www.hexpayment.de
URL: https://www.hexpayment.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.213.5.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-5-77.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b20289b45569f1d73093a7da0b20809fba2f5178733923d55f72e75b83a8c2be

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hexpayment.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:39:17 GMT
last-modified
Thu, 27 Feb 2014 08:35:08 GMT
server
nginx
vary
User-Agent
content-type
image/gif
cache-control
max-age=63072000, public
accept-ranges
bytes
content-length
9687
x-cached
false
expires
Thu, 16 Oct 2025 15:47:01 GMT
Germany-flag.jpg
www.hexpayment.de/images/de-hx/
3 KB
3 KB
Image
General
Full URL
https://www.hexpayment.de/images/de-hx/Germany-flag.jpg
Requested by
Host: www.hexpayment.de
URL: https://www.hexpayment.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.213.5.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-5-77.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d7aef04b28db73446649b84960e421738273c715b126eefe4d1434f63ee573aa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hexpayment.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:39:17 GMT
last-modified
Fri, 30 Dec 2011 10:39:49 GMT
server
nginx
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=63072000, public
accept-ranges
bytes
content-length
3022
x-cached
false
expires
Thu, 16 Oct 2025 15:47:07 GMT
UK-flag.jpg
www.hexpayment.de/images/de-hx/
4 KB
4 KB
Image
General
Full URL
https://www.hexpayment.de/images/de-hx/UK-flag.jpg
Requested by
Host: www.hexpayment.de
URL: https://www.hexpayment.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.213.5.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-5-77.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c76aa5e2db922cf1ee1e4a59d7f7a16dada2c12d2295b84f6ea8d0114a504d05

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hexpayment.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:39:17 GMT
last-modified
Fri, 30 Dec 2011 10:41:55 GMT
server
nginx
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=63072000, public
accept-ranges
bytes
content-length
3988
x-cached
false
expires
Thu, 16 Oct 2025 15:47:13 GMT
Italy-flag.jpg
www.hexpayment.de/images/de-hx/
3 KB
3 KB
Image
General
Full URL
https://www.hexpayment.de/images/de-hx/Italy-flag.jpg
Requested by
Host: www.hexpayment.de
URL: https://www.hexpayment.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.213.5.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-5-77.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e2ed1855b12a32e136f58c71a79a5514d4bf533f824d0cf454f2447f02319319

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hexpayment.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:39:17 GMT
last-modified
Fri, 30 Dec 2011 10:41:29 GMT
server
nginx
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=63072000, public
accept-ranges
bytes
content-length
3118
x-cached
false
expires
Thu, 16 Oct 2025 15:47:20 GMT
Netherlands-flag.jpg
www.hexpayment.de/images/de-hx/
3 KB
3 KB
Image
General
Full URL
https://www.hexpayment.de/images/de-hx/Netherlands-flag.jpg
Requested by
Host: www.hexpayment.de
URL: https://www.hexpayment.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.213.5.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-5-77.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3e3be4571f66da7cd50b3e145ae23d53cc963034ffe29f7a27411f5c07b0f717

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hexpayment.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:39:17 GMT
last-modified
Fri, 30 Dec 2011 11:08:54 GMT
server
nginx
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=63072000, public
accept-ranges
bytes
content-length
3153
x-cached
false
expires
Thu, 16 Oct 2025 15:47:27 GMT
tracker.php
www.hxtrack.com/
0
0
Script
General
Full URL
https://www.hxtrack.com/tracker.php?agent=hxpay&_async=1
Requested by
Host: www.hexpayment.de
URL: https://www.hexpayment.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:be00:a:70bb:bfc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hexpayment.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

www.hexpayment.de.js
d3macwxrvlvlf8.cloudfront.net/cookie-service/
0
316 B
Script
General
Full URL
https://d3macwxrvlvlf8.cloudfront.net/cookie-service/www.hexpayment.de.js
Requested by
Host: www.hexpayment.de
URL: https://www.hexpayment.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:a000:12:29df:cd00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hexpayment.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:39:18 GMT
strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 google, 1.1 1631ac35bac9cbaaa7c65e1bf3666d7a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
content-length
0
x-amz-cf-id
Uuq6QEBKoEEc1ibaSwHu1oYV9_QsmJ2WOKhI47GctpzK5O5u_60pvw==
Germany-flag.jpg
www.hexpayment.de/images/de-hx/
3 KB
3 KB
Image
General
Full URL
https://www.hexpayment.de/images/de-hx/Germany-flag.jpg
Requested by
Host: www.hexpayment.de
URL: https://www.hexpayment.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.213.5.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-5-77.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d7aef04b28db73446649b84960e421738273c715b126eefe4d1434f63ee573aa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hexpayment.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:39:18 GMT
last-modified
Fri, 30 Dec 2011 10:39:49 GMT
server
nginx
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=63072000, public
accept-ranges
bytes
content-length
3022
x-cached
false
expires
Thu, 16 Oct 2025 15:47:07 GMT
UK-flag.jpg
www.hexpayment.de/images/de-hx/
4 KB
4 KB
Image
General
Full URL
https://www.hexpayment.de/images/de-hx/UK-flag.jpg
Requested by
Host: www.hexpayment.de
URL: https://www.hexpayment.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.213.5.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-5-77.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c76aa5e2db922cf1ee1e4a59d7f7a16dada2c12d2295b84f6ea8d0114a504d05

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hexpayment.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:39:18 GMT
last-modified
Fri, 30 Dec 2011 10:41:55 GMT
server
nginx
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=63072000, public
accept-ranges
bytes
content-length
3988
x-cached
false
expires
Thu, 16 Oct 2025 15:47:13 GMT
Italy-flag.jpg
www.hexpayment.de/images/de-hx/
3 KB
3 KB
Image
General
Full URL
https://www.hexpayment.de/images/de-hx/Italy-flag.jpg
Requested by
Host: www.hexpayment.de
URL: https://www.hexpayment.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.213.5.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-5-77.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e2ed1855b12a32e136f58c71a79a5514d4bf533f824d0cf454f2447f02319319

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hexpayment.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:39:18 GMT
last-modified
Fri, 30 Dec 2011 10:41:29 GMT
server
nginx
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=63072000, public
accept-ranges
bytes
content-length
3118
x-cached
false
expires
Thu, 16 Oct 2025 15:47:20 GMT
Netherlands-flag.jpg
www.hexpayment.de/images/de-hx/
3 KB
3 KB
Image
General
Full URL
https://www.hexpayment.de/images/de-hx/Netherlands-flag.jpg
Requested by
Host: www.hexpayment.de
URL: https://www.hexpayment.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.213.5.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-5-77.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3e3be4571f66da7cd50b3e145ae23d53cc963034ffe29f7a27411f5c07b0f717

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hexpayment.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:39:18 GMT
last-modified
Fri, 30 Dec 2011 11:08:54 GMT
server
nginx
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=63072000, public
accept-ranges
bytes
content-length
3153
x-cached
false
expires
Thu, 16 Oct 2025 15:47:27 GMT
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.hexpayment.de
URL: https://www.hexpayment.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hexpayment.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 19 Oct 2023 09:43:45 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3333
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Thu, 19 Oct 2023 11:43:45 GMT
background-tripapp.png
static1.holidayextras.com/
36 KB
36 KB
Image
General
Full URL
https://static1.holidayextras.com/background-tripapp.png
Requested by
Host: www.hexpayment.de
URL: https://www.hexpayment.de/css/general/cache/_cache_0d3e8e1741cd22bf490d99f57486f30a.1697557595.css?c=WyJcL3d3d1wvc2VvX2R5bmFtaWNcL3Nlb1wvc3R5bGVzaGVldFwvaHgtZGVcL2RlZmF1bHQuY3NzIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c155e391cddbd28b88a07153af679dc807d105e4164acd8a30f666067b271e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hexpayment.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:39:18 GMT
cf-cache-status
MISS
last-modified
Mon, 21 Jan 2013 11:57:46 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
content-type
image/png
cache-control
public, max-age=63072000
accept-ranges
bytes
cf-ray
8188657a0a854bcf-BUF
alt-svc
h3=":443"; ma=86400
content-length
36855
x-cached
false
expires
Sat, 18 Oct 2025 10:39:18 GMT
holiday-extras-logo.png
www.holidayextras.com/de/images/hx-bootstrap/
Redirect Chain
  • https://www.holidayextras.de/images/hx-bootstrap/holiday-extras-logo.png
  • https://www.holidayextras.com/de/images/hx-bootstrap/holiday-extras-logo.png
12 KB
13 KB
Image
General
Full URL
https://www.holidayextras.com/de/images/hx-bootstrap/holiday-extras-logo.png
Requested by
Host: www.hexpayment.de
URL: https://www.hexpayment.de/css/general/cache/_cache_0d3e8e1741cd22bf490d99f57486f30a.1697557595.css?c=WyJcL3d3d1wvc2VvX2R5bmFtaWNcL3Nlb1wvc3R5bGVzaGVldFwvaHgtZGVcL2RlZmF1bHQuY3NzIl0%3D
Protocol
H2
Server
2606:4700:10::6816:3e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
960486c92300b72788febb98732bca8d6bd9455cb170908c86ba90a1d31f30d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hexpayment.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 19 Oct 2023 10:39:18 GMT
via
1.1 24d0edcfa57d0bf029e983a1d3e4649c.cloudfront.net (CloudFront), 1.1 varnish
cf-cache-status
DYNAMIC
x-amz-cf-pop
JFK52-P4
x-cache
Miss from cloudfront, MISS
alt-svc
h3=":443"; ma=86400
content-length
12710
x-cached
false
x-served-by
cache-ewr18183-EWR
last-modified
Wed, 15 Mar 2017 16:24:19 GMT
server
cloudflare
content-type
image/png
cache-control
public
accept-ranges
bytes
cf-ray
8188657b1a894bcf-BUF
x-amz-cf-id
8kcJFI1uS0-q7sxNxSWfT_HP4fPiL76c_ITGYh6LMI691egepaATDg==
expires
Sat, 18 Oct 2025 10:21:34 GMT

Redirect headers

date
Thu, 19 Oct 2023 10:39:18 GMT
via
1.1 021c711549f5f4a7c98f2f921f46beba.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK50-P7
x-cache
Miss from cloudfront
location
https://www.holidayextras.com/de/images/hx-bootstrap/holiday-extras-logo.png
cache-control
max-age=0, no-store, no-cache
content-length
0
x-amz-cf-id
CjVVoX2TOD6bjwlKWA0yfZL0OyZCVrjCu8Xq8t2pwFdj0nve78oWEA==
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=431102798&utmhn=www.hexpayment.de&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Hol...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-10509646-4&cid=1799215194.1697711958&jid=1144035505&_v=5.7.2&z=431102798
35 B
337 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-10509646-4&cid=1799215194.1697711958&jid=1144035505&_v=5.7.2&z=431102798
Requested by
Host: www.hexpayment.de
URL: https://www.hexpayment.de/
Protocol
H2
Server
2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hexpayment.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 19 Oct 2023 10:39:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 10:39:18 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/html; charset=UTF-8
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-10509646-4&cid=1799215194.1697711958&jid=1144035505&_v=5.7.2&z=431102798
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
370
expires
Fri, 01 Jan 1990 00:00:00 GMT

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| hxBits
  • object| jsdate
  • object| hxtrack_inline
  • function| $
  • function| jQuery
  • boolean| hxtrackLoaded
  • object| jQuery18200561802344401634
  • object| geolocation
  • object| optly
  • object| optimizely
  • object| _gaq
  • object| _gat
  • object| gaGlobal

11 Cookies

Domain/Path Name / Value
.hexpayment.de/ Name: agent
Value: hxpay
www.hexpayment.de/ Name: a_agent
Value: %7B%22id%22%3A%2284200%22%2C%22name%22%3A%22hexpayment.de%22%2C%22code%22%3A%22HXPAY%22%2C%22def_profile%22%3A%22abc-plz%22%2C%22allow_any_profile%22%3A%220%22%2C%22typeRID%22%3A%22D%22%2C%22country%22%3A%22DE%22%2C%22isXmlAgent%22%3A%221%22%2C%22groupCode%22%3A%22XX%22%2C%22brand%22%3A%22HX%22%2C%22ipp%22%3A%220%22%2C%22v2%22%3A%220%22%2C%22DDI%22%3A%220049%2089678059003%22%2C%22promocode%22%3A%220%22%2C%22customer_detail_required%22%3A%220%22%2C%22hotelupsell%22%3A%220%22%2C%22excess%22%3A%220.00%22%2C%22cover%22%3A%220.00%22%2C%22call_for_screening%22%3A%220%22%2C%22additionalremarks%22%3A%22%22%2C%22cashback%22%3A%220%22%2C%22promocode_show_on_engine%22%3A%220%22%2C%22skip_upgrades_for%22%3Anull%2C%22master_brand%22%3A%22HX%22%2C%22mailable%22%3A%221%22%2C%22preselected_cp_payment%22%3A%220%22%2C%22preselected_ho_payment%22%3A%220%22%2C%22preselected_lo_payment%22%3A%220%22%2C%22free_cancellation%22%3A%221%22%2C%22legacy_campaign_filtering%22%3A%220%22%2C%22data%22%3Anull%2C%22last_updated%22%3Anull%2C%22level0%22%3A%7B%22Error%22%3A%7B%22Code%22%3A%220070%22%2C%22Message%22%3A%22Sie%20haben%20ein%20ung%5Cu00c3%5Cu00bcltiges%20Passwort%20eingegeben.%20Bitte%20geben%20Sie%20Ihr%20Passwort%20erneut%20ein%21%22%7D%7D%7D
.hexpayment.de/ Name: optimizelyEndUserId
Value: oeu1697711957997r0.01366293183895495
.hexpayment.de/ Name: optimizelySegments
Value: %7B%22172027697%22%3A%22direct%22%2C%22172118311%22%3A%22false%22%2C%22172137090%22%3A%22gc%22%2C%22315704168%22%3A%22none%22%7D
.hexpayment.de/ Name: optimizelyBuckets
Value: %7B%7D
.hexpayment.de/ Name: optimizelyPendingLogEvents
Value: %5B%5D
.hexpayment.de/ Name: __utma
Value: 248536350.1799215194.1697711958.1697711958.1697711958.1
.hexpayment.de/ Name: __utmc
Value: 248536350
.hexpayment.de/ Name: __utmz
Value: 248536350.1697711958.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.hexpayment.de/ Name: __utmt
Value: 1
.hexpayment.de/ Name: __utmb
Value: 248536350.1.10.1697711958

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
