URL: https://payroll.edag.com/
Submission: On January 22 via automatic, source certstream-suspicious

Summary

This website contacted 7 IPs in 3 countries across 3 domains to perform 21 HTTP transactions. The main IP is 193.141.91.28, located in Germany and belongs to DTAG Internet service provider operations, DE. The main domain is payroll.edag.com.
TLS certificate: Issued by R3 on January 22nd 2021. Valid for: 3 months.
This is the only time payroll.edag.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS     Autonomous System
12        193.141.91.28      3320   DTAG Inte...
3         35.190.14.188      15169  GOOGLE
1         2a00:1450:400...   15169  GOOGLE
1         2a00:1450:400...   15169  GOOGLE
1         35.241.3.184       15169  GOOGLE
1         35.241.62.251      15169  GOOGLE
2         2a00:1450:400...   15169  GOOGLE
Total: 21 requests across 7 IPs
Requests  Domain                              Requested by
12        payroll.edag.com                    payroll.edag.com
3         app.usercentrics.eu                 payroll.edag.com, app.usercentrics.eu
2         graphql.usercentrics.eu             app.usercentrics.eu
1         aggregator.service.usercentrics.eu  app.usercentrics.eu
1         api.usercentrics.eu                 app.usercentrics.eu
1         ajax.googleapis.com                 payroll.edag.com
1         fonts.googleapis.com                payroll.edag.com
Total: 21 requests across 7 domains

This site contains links to these domains:

usercentrics.com
www.feynsinn.de
TLS certificates observed during the scan:

Subject                             Issuer      Validity                 Valid for  Lookup
payroll.edag.com                    R3          2021-01-22 - 2021-04-22  3 months   crt.sh
app.usercentrics.eu                 GTS CA 1D2  2020-11-24 - 2021-02-22  3 months   crt.sh
upload.video.google.com             GTS CA 1O1  2021-01-05 - 2021-03-30  3 months   crt.sh
api.usercentrics.eu                 GTS CA 1D2  2021-01-20 - 2021-04-20  3 months   crt.sh
aggregator.service.usercentrics.eu  GTS CA 1D2  2021-01-19 - 2021-04-19  3 months   crt.sh
graphql.usercentrics.eu             GTS CA 1D2  2020-12-09 - 2021-03-09  3 months   crt.sh

This page contains 1 frame:

Primary Page: https://payroll.edag.com/
Frame ID: 64E93C76AFFA02DB1B614381F2CF2F1B
Requests: 20 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 21
HTTPS: 100 %
IPv6: 43 %
Domains: 3
Subdomains: 7
IPs: 7
Countries: 3
Transfer: 2718 kB
Size: 3730 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Columns per transaction: Resource | Path | Size | x-fer | Type | MIME-Type
Resource: Primary Request / | Path: payroll.edag.com/ | Size: 8 KB | x-fer: 8 KB | Type: Document
General
Full URL
https://payroll.edag.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
193.141.91.28 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
czechrepublic.edag.com
Software
nginx / PleskLin
Resource Hash
d2b232b1ae9214e9df74fc0dfc7ec30ac5df0dc2423baa1f28c87297be4f8756

Request headers

:method
GET
:authority
payroll.edag.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx
date
Fri, 22 Jan 2021 10:47:22 GMT
content-type
text/html
content-length
8105
last-modified
Fri, 03 Jul 2020 08:11:58 GMT
etag
"5efee84e-1fa9"
x-powered-by
PleskLin
accept-ranges
bytes
Resource: main.js | Path: app.usercentrics.eu/latest/ | Size: 25 KB | x-fer: 8 KB | Type: Script
General
Full URL
https://app.usercentrics.eu/latest/main.js
Requested by
Host: payroll.edag.com
URL: https://payroll.edag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.188 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9c2f833a82a5e96a422df1b19798c8e4e18ac05dca359fc8ffadbac860b3f632

Request headers

Referer
https://payroll.edag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 10:48:32 GMT
content-encoding
gzip
x-goog-meta-version
2.2.0
age
86331
x-guploader-uploadid
ABg5-UyaXTzlUQQm1EkjBKiD4S9SinfwU3nPhjMVMPIJ_273zRouSpuV1rTKD2ffK8si1kLqs0Ruw57J_OfdCqinGYJHX4hdmA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
7726
last-modified
Thu, 14 Jan 2021 10:45:45 GMT
server
UploadServer
etag
"f639420d96fe853e032afb74a8e2ee4a"
x-goog-hash
crc32c=XTYpjQ==, md5=9jlCDZb+hT4DKvt0qOLuSg==
x-goog-generation
1610621145459689
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400, no-transform
x-goog-stored-content-length
7726
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 22 Jan 2021 10:48:32 GMT
Resource: css | Path: fonts.googleapis.com/ | Size: 2 KB | x-fer: 583 B | Type: Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Hind:400,700&display=swap
Requested by
Host: payroll.edag.com
URL: https://payroll.edag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
239564e57b808847bb89c17f3d92716c9a55bec81adae2e066babd61f1d5d94b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://payroll.edag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 22 Jan 2021 10:47:23 GMT
server
ESF
date
Fri, 22 Jan 2021 10:47:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 22 Jan 2021 10:47:23 GMT
Resource: normalize.css | Path: payroll.edag.com/css/ | Size: 8 KB | x-fer: 8 KB | Type: Stylesheet
General
Full URL
https://payroll.edag.com/css/normalize.css
Requested by
Host: payroll.edag.com
URL: https://payroll.edag.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
193.141.91.28 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
czechrepublic.edag.com
Software
nginx / PleskLin
Resource Hash
f4d7e8250f8f124f8b7d087e5e260766a34b079fddc43e7b20d8c18ca1e92e51

Request headers

Referer
https://payroll.edag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 10:47:22 GMT
last-modified
Fri, 03 Apr 2020 12:09:55 GMT
server
nginx
x-powered-by
PleskLin
etag
"5e872793-1e75"
content-type
text/css
accept-ranges
bytes
content-length
7797
Resource: skeleton.css | Path: payroll.edag.com/css/ | Size: 11 KB | x-fer: 11 KB | Type: Stylesheet
General
Full URL
https://payroll.edag.com/css/skeleton.css
Requested by
Host: payroll.edag.com
URL: https://payroll.edag.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
193.141.91.28 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
czechrepublic.edag.com
Software
nginx / PleskLin
Resource Hash
351e1774c7da12bd3f435ada3bdfba25423f60374654922e13dbeb1380973896

Request headers

Referer
https://payroll.edag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 10:47:22 GMT
last-modified
Fri, 03 Apr 2020 12:09:55 GMT
server
nginx
x-powered-by
PleskLin
etag
"5e872793-2cb3"
content-type
text/css
accept-ranges
bytes
content-length
11443
Resource: custom.css | Path: payroll.edag.com/css/ | Size: 20 KB | x-fer: 20 KB | Type: Stylesheet
General
Full URL
https://payroll.edag.com/css/custom.css
Requested by
Host: payroll.edag.com
URL: https://payroll.edag.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
193.141.91.28 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
czechrepublic.edag.com
Software
nginx / PleskLin
Resource Hash
f20d0cd3d3d42efddd9cae53dca74eeff7e95b00337114a8f104554766ead4f0

Request headers

Referer
https://payroll.edag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 10:47:22 GMT
last-modified
Fri, 03 Apr 2020 12:09:55 GMT
server
nginx
x-powered-by
PleskLin
etag
"5e872793-5096"
content-type
text/css
accept-ranges
bytes
content-length
20630
Resource: jquery.min.js | Path: ajax.googleapis.com/ajax/libs/jquery/2.1.1/ | Size: 82 KB | x-fer: 29 KB | Type: Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: payroll.edag.com
URL: https://payroll.edag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://payroll.edag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 13:07:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
337164
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29671
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jan 2022 13:07:59 GMT
Resource: logo_edag.svg | Path: payroll.edag.com/images/ | Size: 2 KB | x-fer: 2 KB | Type: Image
General
Full URL
https://payroll.edag.com/images/logo_edag.svg
Requested by
Host: payroll.edag.com
URL: https://payroll.edag.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
193.141.91.28 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
czechrepublic.edag.com
Software
nginx / PleskLin
Resource Hash
d286c6f25938d89b1f21036621d45d2e6661038e5c090ceb60d7ae0c49df48f8

Request headers

Referer
https://payroll.edag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 10:47:22 GMT
last-modified
Mon, 10 Feb 2020 12:06:44 GMT
server
nginx
x-powered-by
PleskLin
etag
"5e414754-6f2"
content-type
image/svg+xml
accept-ranges
bytes
content-length
1778
Resource: eingeben.png | Path: payroll.edag.com/images/ | Size: 17 KB | x-fer: 17 KB | Type: Image
General
Full URL
https://payroll.edag.com/images/eingeben.png
Requested by
Host: payroll.edag.com
URL: https://payroll.edag.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
193.141.91.28 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
czechrepublic.edag.com
Software
nginx / PleskLin
Resource Hash
9d8e91aef3fc9f1081b42fb4d314578ce873969165d07bf94ed97daca0bb91a6

Request headers

Referer
https://payroll.edag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 10:47:22 GMT
last-modified
Fri, 03 Apr 2020 10:06:12 GMT
server
nginx
x-powered-by
PleskLin
etag
"5e870a94-4519"
content-type
image/png
accept-ranges
bytes
content-length
17689
Resource: brief.png | Path: payroll.edag.com/images/ | Size: 15 KB | x-fer: 15 KB | Type: Image
General
Full URL
https://payroll.edag.com/images/brief.png
Requested by
Host: payroll.edag.com
URL: https://payroll.edag.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
193.141.91.28 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
czechrepublic.edag.com
Software
nginx / PleskLin
Resource Hash
de5142b344e52ac1e7c5b757c8c48f1429f2fb3394a6a40f346d265712d87730

Request headers

Referer
https://payroll.edag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 10:47:22 GMT
last-modified
Fri, 03 Apr 2020 10:06:12 GMT
server
nginx
x-powered-by
PleskLin
etag
"5e870a94-3c87"
content-type
image/png
accept-ranges
bytes
content-length
15495
Resource: bestaetigen.png | Path: payroll.edag.com/images/ | Size: 14 KB | x-fer: 14 KB | Type: Image
General
Full URL
https://payroll.edag.com/images/bestaetigen.png
Requested by
Host: payroll.edag.com
URL: https://payroll.edag.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
193.141.91.28 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
czechrepublic.edag.com
Software
nginx / PleskLin
Resource Hash
7cb0b1a1087b3f68685ac31fcf86ad7ebadf0218d77e0a4c0190dc6b0ede77d3

Request headers

Referer
https://payroll.edag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 10:47:22 GMT
last-modified
Fri, 03 Apr 2020 10:06:12 GMT
server
nginx
x-powered-by
PleskLin
etag
"5e870a94-37be"
content-type
image/png
accept-ranges
bytes
content-length
14270
Resource: csm_bb_edag_vehicle-engineering_f5fc763a78.jpg | Path: payroll.edag.com/images/ | Size: 465 KB | x-fer: 466 KB | Type: Image
General
Full URL
https://payroll.edag.com/images/csm_bb_edag_vehicle-engineering_f5fc763a78.jpg
Requested by
Host: payroll.edag.com
URL: https://payroll.edag.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
193.141.91.28 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
czechrepublic.edag.com
Software
nginx / PleskLin
Resource Hash
addb3819a7fc923988686a9c3cf8ff6354dc833f74b8afc84e2947ad75a50315

Request headers

Referer
https://payroll.edag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 10:47:22 GMT
last-modified
Mon, 10 Feb 2020 12:06:44 GMT
server
nginx
x-powered-by
PleskLin
etag
"5e414754-743d3"
content-type
image/jpeg
accept-ranges
bytes
content-length
476115
Resource: co2.jpg | Path: payroll.edag.com/images/ | Size: 100 KB | x-fer: 100 KB | Type: Image
General
Full URL
https://payroll.edag.com/images/co2.jpg
Requested by
Host: payroll.edag.com
URL: https://payroll.edag.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
193.141.91.28 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
czechrepublic.edag.com
Software
nginx / PleskLin
Resource Hash
e63cfb5b7c924aa9db7efb19471f55004e198fbb471b1ebdce0a1dcbebcdcbfb

Request headers

Referer
https://payroll.edag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 10:47:22 GMT
last-modified
Mon, 10 Feb 2020 12:06:44 GMT
server
nginx
x-powered-by
PleskLin
etag
"5e414754-18f56"
content-type
image/jpeg
accept-ranges
bytes
content-length
102230
Resource: help.jpg | Path: payroll.edag.com/images/ | Size: 57 KB | x-fer: 57 KB | Type: Image
General
Full URL
https://payroll.edag.com/images/help.jpg
Requested by
Host: payroll.edag.com
URL: https://payroll.edag.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
193.141.91.28 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
czechrepublic.edag.com
Software
nginx / PleskLin
Resource Hash
511782c10c63442f4282d30e50330bf0da5ecaafcd84f7e100e700fecf697deb

Request headers

Referer
https://payroll.edag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 10:47:22 GMT
last-modified
Mon, 10 Feb 2020 12:06:44 GMT
server
nginx
x-powered-by
PleskLin
etag
"5e414754-e2f3"
content-type
image/jpeg
accept-ranges
bytes
content-length
58099
Resource: bundle.js | Path: app.usercentrics.eu/latest/ | Size: 1 MB | x-fer: 207 KB | Type: Script
General
Full URL
https://app.usercentrics.eu/latest/bundle.js
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/latest/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.188 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e594f5f3d8606627d65fed76715607067851dfe49d7b80ca3cf553eeb7dfb61b

Request headers

Referer
https://payroll.edag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 10:48:33 GMT
content-encoding
gzip
x-goog-meta-version
2.2.0
age
86330
x-guploader-uploadid
ABg5-Uw090RZ6ljwtNp21G_oxBlrTqotRpZmyye94mCYImVMVy9ucw5fWkxVdrBdSu6f8V-4rHZOxXGi530JQCoszDM
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
211833
last-modified
Thu, 14 Jan 2021 10:45:45 GMT
server
UploadServer
etag
"7499275ba0446683ecfaa9b1429c9f65"
x-goog-hash
crc32c=X03sJg==, md5=dJknW6BEZoPs+qmxQpyfZQ==
x-goog-generation
1610621145424390
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400, no-transform
x-goog-stored-content-length
211833
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 22 Jan 2021 10:48:33 GMT
Resource: Key-Visual-BG.jpg | Path: payroll.edag.com/images/ | Size: 2 MB | x-fer: 2 MB | Type: Image
General
Full URL
https://payroll.edag.com/images/Key-Visual-BG.jpg
Requested by
Host: payroll.edag.com
URL: https://payroll.edag.com/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
193.141.91.28 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
czechrepublic.edag.com
Software
nginx / PleskLin
Resource Hash
50e7399166f39d6ad947d91f2aec051faa985b1547790c1f1a0617cf8281072d

Request headers

Referer
https://payroll.edag.com/css/custom.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 10:47:22 GMT
last-modified
Mon, 10 Feb 2020 12:06:44 GMT
server
nginx
x-powered-by
PleskLin
etag
"5e414754-1b35d7"
content-type
image/jpeg
accept-ranges
bytes
content-length
1783255
Resource: de.json | Path: api.usercentrics.eu/settings/ZS50VDvx9/latest/ | Size: 20 KB | x-fer: 7 KB | Type: Fetch
General
Full URL
https://api.usercentrics.eu/settings/ZS50VDvx9/latest/de.json
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/latest/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.3.184 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
65b1abcf669ea474919f80307fdebcf844c660efbb096159239b570763eafc91

Request headers

Referer
https://payroll.edag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 10:47:23 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-Uymhv_RGWr-bqVRrbhk7Wef_s8HCaMmJ6l_RnLLaPysrPmVrJ9R9WOIytbtEsNa8Oj7RuWXikhPX6mazjHENA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
6977
last-modified
Thu, 05 Nov 2020 17:46:40 GMT
server
UploadServer
etag
"9afc0dd7ac735ff0e4fdb75ded516070"
x-goog-hash
crc32c=zNnSIQ==, md5=mvwN16xzX/Dk/bdd7VFgcA==
x-goog-generation
1604598400414844
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=1800, s-maxage=10, no-transform
x-goog-stored-content-length
6977
accept-ranges
bytes
content-type
application/json
expires
Fri, 22 Jan 2021 10:47:33 GMT
Resource: 1px.png | Path: app.usercentrics.eu/session/ | Size: 489 B | x-fer: 839 B | Type: Image
General
Full URL
https://app.usercentrics.eu/session/1px.png?settingsId=ZS50VDvx9
Requested by
Host: payroll.edag.com
URL: https://payroll.edag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.188 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741

Request headers

Referer
https://payroll.edag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 10:19:05 GMT
content-encoding
gzip
age
1698
x-guploader-uploadid
ABg5-Uwyw_bXP1LoZcT6csO_0d_skvHHZPCkBmZl3pNjgEtGVc6BAVLvAA-wl-Sy3hjV5i21bBRXFl0uPQs0tIFTT_o
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
522
last-modified
Fri, 08 May 2020 09:06:13 GMT
server
UploadServer
etag
"3702ada73b8951017b8451cbd6a96523"
x-goog-hash
crc32c=pFwm0Q==, md5=NwKtpzuJUQF7hFHL1qllIw==
x-goog-generation
1588928773413784
cache-control
public,max-age=1800,no-transform
x-goog-stored-content-length
522
accept-ranges
bytes
content-type
image/png
expires
Fri, 22 Jan 2021 10:49:05 GMT
Resource: de | Path: aggregator.service.usercentrics.eu/aggregate/ | Size: 5 KB | x-fer: 2 KB | Type: Fetch
General
Full URL
https://aggregator.service.usercentrics.eu/aggregate/de?templates=H1Vl5NidjWX@31.10.30,HJI5SmLm7@4.0.18
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/latest/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.62.251 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
251.62.241.35.bc.googleusercontent.com
Software
/
Resource Hash
3b574a0768b6f6ac4f31e8158966237f12a61eed2b82aae7a24662d8d2a42a2e

Request headers

Referer
https://payroll.edag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:01:11 GMT
content-encoding
br
age
74772
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=86400
alt-svc
clear
content-length
1666
via
1.1 google
Resource: graphql | Path: graphql.usercentrics.eu/ | Size: 0 | x-fer: 0 | Type: Other
General
Full URL
https://graphql.usercentrics.eu/graphql
Protocol
H2
Server
2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
access-control-allow-origin,content-type,x-request-id
Origin
https://payroll.edag.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 22 Jan 2021 10:47:23 GMT
content-length
0
x-powered-by
Express
access-control-allow-origin
*
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
vary
Access-Control-Request-Headers
access-control-allow-headers
access-control-allow-origin,content-type,x-request-id
via
1.1 google
Resource: graphql | Path: graphql.usercentrics.eu/ | Size: 575 B | x-fer: 383 B | Type: Fetch
General
Full URL
https://graphql.usercentrics.eu/graphql
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/latest/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/ Express
Resource Hash
66be6d6eee5b5569c5f8609fca3bd670da315ff2a030b8d23ef1172df03fe279

Request headers

Access-Control-Allow-Origin
*
Accept
application/json
Referer
https://payroll.edag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Request-ID
9ca949c3-a959-47ad-9fb0-7abae7fd0ca4
Content-Type
application/json

Response headers

date
Fri, 22 Jan 2021 10:47:23 GMT
content-encoding
gzip
etag
W/"23f-Rx0y3PWOwhtijee8Cho9AISAdIE"
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
via
1.1 google

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type       Name
object     ontransitionrun
object     ontransitionstart
object     ontransitioncancel
object     cookieStore
function   showDirectoryPicker
function   showOpenFilePicker
function   showSaveFilePicker
object     trustedTypes
boolean    crossOriginIsolated
object     usercentrics
function   $
function   jQuery
undefined  _
function   DataLayerHelper
object     tousercentrics
function   lodash
object     dataLayer

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
