urlscan.io logo urlscan.io
SecurityTrails logo

login.payrexx.com Open in urlscan Pro
18.156.53.189  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://invoice.jd-ict.ch/
Effective URL: https://login.payrexx.com/
Submission: On August 21 via automatic, source certstream-suspicious — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 3 countries across 15 domains to perform 54 HTTP transactions. The main IP is 18.156.53.189, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is login.payrexx.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on August 8th 2024. Valid for: a year.
This is the only time login.payrexx.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 3.74.195.126 16509 (AMAZON-02)
10 18.156.53.189 16509 (AMAZON-02)
3 142.250.185.68 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a02:26f0:350... 20940 (AKAMAI-ASN1)
8 2603:1020:c01... 8075 (MICROSOFT...)
5 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a03:2880:f08... 32934 (FACEBOOK)
4 2620:1ec:bdf::60 8075 (MICROSOFT...)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.67 15169 (GOOGLE)
1 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f17... 32934 (FACEBOOK)
2 20.114.190.119 8075 (MICROSOFT...)
54 17
2    3.74.195.126 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-195-126.eu-central-1.compute.amazonaws.com
invoice.jd-ict.ch
10    18.156.53.189 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-53-189.eu-central-1.compute.amazonaws.com
login.payrexx.com
media.payrexx.com
backoffice.payrexx.com
3    142.250.185.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f4.1e100.net
www.google.com
1    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a02:26f0:3500:10::210:a9a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
8    2603:1020:c01:4::40 (Frankfurt am Main, Germany)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
payrexx.piwik.pro
payrexx.containers.piwik.pro
5    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    2620:1ec:bdf::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
www.google.de
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
2    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
4    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    20.114.190.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
x.clarity.ms
Apex Domain
Subdomains		 Transfer
10 payrexx.com
login.payrexx.com
media.payrexx.com
backoffice.payrexx.com
213 KB
8 piwik.pro
payrexx.piwik.pro
payrexx.containers.piwik.pro
178 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1114
x.clarity.ms — Cisco Umbrella Rank: 8333
30 KB
5 bing.com
bat.bing.com — Cisco Umbrella Rank: 534
16 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
5 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 669
px4.ads.linkedin.com — Cisco Umbrella Rank: 7330
2 KB
4 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1884
15 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 10
region1.analytics.google.com — Cisco Umbrella Rank: 3773
985 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
219 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 84
13 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
73 KB
2 jd-ict.ch
invoice.jd-ict.ch
631 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6716
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
256 B
1 gstatic.com
www.gstatic.com
212 KB
54 15
Domain Requested by
5 bat.bing.com www.googletagmanager.com
bat.bing.com
login.payrexx.com
5 login.payrexx.com login.payrexx.com
4 www.facebook.com login.payrexx.com
4 payrexx.containers.piwik.pro login.payrexx.com
4 www.clarity.ms login.payrexx.com
bat.bing.com
www.clarity.ms
4 payrexx.piwik.pro www.googletagmanager.com
payrexx.piwik.pro
4 snap.licdn.com www.googletagmanager.com
snap.licdn.com
login.payrexx.com
3 px.ads.linkedin.com 1 redirects snap.licdn.com
3 www.googletagmanager.com login.payrexx.com
www.googletagmanager.com
3 www.google.com login.payrexx.com
www.gstatic.com
3 media.payrexx.com login.payrexx.com
media.payrexx.com
2 x.clarity.ms www.clarity.ms
2 www.youtube.com login.payrexx.com
www.youtube.com
2 connect.facebook.net login.payrexx.com
connect.facebook.net
2 backoffice.payrexx.com login.payrexx.com
2 invoice.jd-ict.ch 2 redirects
1 px4.ads.linkedin.com login.payrexx.com
1 www.google.de login.payrexx.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 www.gstatic.com www.google.com
54 21

This site contains links to these domains. Also see Links.

Domain
dispatcher.payrexx.com
signup.payrexx.com
Subject Issuer Validity Valid
payrexx.com
Amazon RSA 2048 M02		 2024-08-08 -
2025-09-07		 a year crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
*.piwik.pro
GlobeSSL DV CA		 2024-01-02 -
2025-01-28		 a year crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-06-19 -
2024-12-16		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-05-30 -
2024-08-28		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.containers.piwik.pro
GlobeSSL DV CA		 2024-01-02 -
2025-01-01		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google.de
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2024-07-01 -
2025-01-01		 6 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh

This page contains 4 frames:

Primary Page: https://login.payrexx.com/
Frame ID: 7CF6D27F58D2C9BDB2347F10FC42FC30
Requests: 51 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-NTCZJZ
Frame ID: EEB974BE1C0ECE5FA460FF9FFDFC7D3D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LchLkUUAAAAAM4gkavOwT5tljRJPpFq0kwWWxoX&co=aHR0cHM6Ly9sb2dpbi5wYXlyZXh4LmNvbTo0NDM.&hl=de-CH&v=hfUfsXWZFeg83qqxrK27GB8P&theme=light&size=invisible&cb=6vy2u39gcpta
Frame ID: DED02EADA36065BD8FA330DFBEF40002
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de-CH&v=hfUfsXWZFeg83qqxrK27GB8P&k=6LchLkUUAAAAAM4gkavOwT5tljRJPpFq0kwWWxoX
Frame ID: BCF918CD0678637F0515B59E54A1787A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Payrexx - Login

Page URL History Show full URLs

  1. https://invoice.jd-ict.ch/ HTTP 302
    https://invoice.jd-ict.ch/de/ HTTP 302
    https://login.payrexx.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

54
Requests

98 %
HTTPS

67 %
IPv6

15
Domains

21
Subdomains

17
IPs

3
Countries

977 kB
Transfer

3108 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://invoice.jd-ict.ch/ HTTP 302
    https://invoice.jd-ict.ch/de/ HTTP 302
    https://login.payrexx.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3920097&time=1724225304165&url=https%3A%2F%2Flogin.payrexx.com%2Fde&tm=gtmv2 HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3920097&time=1724225304165&url=https%3A%2F%2Flogin.payrexx.com%2Fde&tm=gtmv2&e_ipv6=AQKf_oLwe4aOaQAAAZFz1jdEht9R5s5AT-MRadj1pwDF_WQug6lzJjzIQBY9Vjc

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
login.payrexx.com/
Redirect Chain
  • https://invoice.jd-ict.ch/
  • https://invoice.jd-ict.ch/de/
  • https://login.payrexx.com/
358 B
453 B 		Document
General
Check archive.org
Download Go to
Full URL
https://login.payrexx.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.53.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-53-189.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
82b5958508e3211556555c7551fd6b823b7d7b750270807d3749277c32d3b5eb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
263
content-type
text/html
date
Wed, 21 Aug 2024 07:28:23 GMT
etag
"166-6201b98bd1bc0-gzip"
last-modified
Tue, 20 Aug 2024 11:19:19 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

access-control-allow-headers
Origin, X-Requested-With, Authorization, Content-Type
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000
cache-control
no-store, no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 21 Aug 2024 07:28:23 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://login.payrexx.com
pragma
no-cache
referrer-policy
origin
server
Caddy Apache
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-xss-protection
1; mode=block
index-59122ade.js
login.payrexx.com/assets/ 		230 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.payrexx.com/assets/index-59122ade.js
Requested by
Host: login.payrexx.com
URL: https://login.payrexx.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.53.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-53-189.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
d55b9c0f78b8b917b812bda51ce49651cf657ac614153e4745c9aca54503d2eb

Request headers

Referer
https://login.payrexx.com/
Origin
https://login.payrexx.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 07:28:23 GMT
content-encoding
gzip
last-modified
Tue, 20 Aug 2024 11:19:19 GMT
server
Apache
etag
"398bf-6201b98bd1bc0-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
expires
Wed, 21 Aug 2024 08:28:23 GMT
index-4644cf6e.css
login.payrexx.com/assets/ 		182 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.payrexx.com/assets/index-4644cf6e.css
Requested by
Host: login.payrexx.com
URL: https://login.payrexx.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.53.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-53-189.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
4644cf6e5ad377142f6424593c0105c91e6a6d635ba17082fe0a239455524950

Request headers

Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 07:28:23 GMT
content-encoding
gzip
last-modified
Tue, 20 Aug 2024 11:19:19 GMT
server
Apache
etag
"2d746-6201b98bd1bc0-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
content-length
33354
expires
Wed, 21 Aug 2024 08:28:23 GMT
signup.css
media.payrexx.com/assets/css/ 		1 KB
976 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://media.payrexx.com/assets/css/signup.css?v=1724225303407
Requested by
Host: login.payrexx.com
URL: https://login.payrexx.com/assets/index-59122ade.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.53.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-53-189.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
8b471fa6c3e6af911838ebf7d9343f1e8c612275264dd9dc604a814bfe669357
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 07:28:23 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000
content-disposition
inline
access-control-allow-headers
Origin, X-Requested-With, Authorization
content-length
627
x-xss-protection
1; mode=block
expires
Fri, 20 Sep 2024 07:28:23 GMT
index.php
backoffice.payrexx.com/cadmin/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://backoffice.payrexx.com/cadmin/index.php?cmd=jsondata&object=MultiSite&act=getLoginConfiguration
Requested by
Host: login.payrexx.com
URL: https://login.payrexx.com/assets/index-59122ade.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.53.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-53-189.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
fd9878209ad6085e05b6c2adb3c6b673ade823e8511e16e3c009d9a2009700c3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Aug 2024 07:28:23 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
referrer-policy
origin
server
Apache
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
https://login.payrexx.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-headers
Origin, X-Requested-With, Authorization, Content-Type
x-xss-protection
1; mode=block
expires
Thu, 19 Nov 1981 08:52:00 GMT
de-37f27a87.js
login.payrexx.com/assets/ 		887 B
575 B 		Script
General
Check archive.org
Download Go to
Full URL
https://login.payrexx.com/assets/de-37f27a87.js
Requested by
Host: login.payrexx.com
URL: https://login.payrexx.com/assets/index-59122ade.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.53.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-53-189.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ec6d1b02c547137fb333247fb2939d7ad7de98f77a56cbc44f075eac111ea129

Request headers

Referer
https://login.payrexx.com/assets/index-59122ade.js
Origin
https://login.payrexx.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 07:28:23 GMT
content-encoding
gzip
last-modified
Tue, 20 Aug 2024 11:19:19 GMT
server
Apache
etag
"377-6201b98bd1bc0-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
326
expires
Wed, 21 Aug 2024 08:28:23 GMT
fontawesome-webfont-3c4a1bb7.woff2
login.payrexx.com/assets/ 		63 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://login.payrexx.com/assets/fontawesome-webfont-3c4a1bb7.woff2?v=4.4.0
Requested by
Host: login.payrexx.com
URL: https://login.payrexx.com/assets/index-4644cf6e.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.53.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-53-189.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

Referer
https://login.payrexx.com/assets/index-4644cf6e.css
Origin
https://login.payrexx.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 07:28:23 GMT
last-modified
Tue, 20 Aug 2024 11:19:19 GMT
server
Apache
accept-ranges
bytes
etag
"fbd0-6201b98bd1bc0"
content-length
64464
api.js
www.google.com/recaptcha/ 		1 KB
985 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=recaptchaReady&render=explicit&hl=undefined&_=1724225303452
Requested by
Host: login.payrexx.com
URL: https://login.payrexx.com/assets/index-59122ade.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
GSE /
Resource Hash
3c108ca1179a425cd0fe1da2e4e69293299f1d19387126caf2fd14a9483dbffd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 07:28:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 21 Aug 2024 07:28:23 GMT
recaptcha__de_ch.js
www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/ 		533 KB
212 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__de_ch.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=recaptchaReady&render=explicit&hl=undefined&_=1724225303452
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b235ed2749d98439b3e072245e1599be732e2ae0d00da0686496461d399aaee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://login.payrexx.com/
Origin
https://login.payrexx.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 17:29:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50353
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
216193
x-xss-protection
0
last-modified
Mon, 29 Jul 2024 04:00:39 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Aug 2025 17:29:10 GMT
index.php
backoffice.payrexx.com/cadmin/ 		62 B
745 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://backoffice.payrexx.com/cadmin/index.php?cmd=jsondata&object=Login&act=getAvailableIdentityProviders
Requested by
Host: login.payrexx.com
URL: https://login.payrexx.com/assets/index-59122ade.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.53.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-53-189.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
2b961030b8675bd6397b467b996ca828c989c7aad5229d150236b19be8cfc8d6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Aug 2024 07:28:23 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
referrer-policy
origin
server
Apache
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
https://login.payrexx.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-headers
Origin, X-Requested-With, Authorization, Content-Type
x-xss-protection
1; mode=block
expires
Thu, 19 Nov 1981 08:52:00 GMT
signup.png
media.payrexx.com/assets/logos/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.payrexx.com/assets/logos/signup.png
Requested by
Host: media.payrexx.com
URL: https://media.payrexx.com/assets/css/signup.css?v=1724225303407
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.53.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-53-189.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
b94f16cec8ee36c24b5ca91243c1da9491cc5f4230cb8b1ebabf831b3abe96e3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
https://media.payrexx.com/assets/css/signup.css?v=1724225303407
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 07:28:23 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
Apache
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
content-disposition
inline
access-control-allow-headers
Origin, X-Requested-With, Authorization
x-xss-protection
1; mode=block
expires
Fri, 20 Sep 2024 07:28:23 GMT
ns.html
www.googletagmanager.com/ Frame EEB9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-NTCZJZ
Requested by
Host: login.payrexx.com
URL: https://login.payrexx.com/assets/index-59122ade.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://login.payrexx.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
137
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 21 Aug 2024 07:28:23 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
gtm.js
www.googletagmanager.com/ 		344 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NTCZJZ
Requested by
Host: login.payrexx.com
URL: https://login.payrexx.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
756b66867b06ff4221ff4a29936be54324ea730983565da8c981e64441f4c532
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 07:28:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111865
x-xss-protection
0
last-modified
Wed, 21 Aug 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 21 Aug 2024 07:28:23 GMT
anchor
www.google.com/recaptcha/api2/ Frame DED0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LchLkUUAAAAAM4gkavOwT5tljRJPpFq0kwWWxoX&co=aHR0cHM6Ly9sb2dpbi5wYXlyZXh4LmNvbTo0NDM.&hl=de-CH&v=hfUfsXWZFeg83qqxrK27GB8P&theme=light&size=invisible&cb=6vy2u39gcpta
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__de_ch.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xb28i6B7TrMDR_ropERZtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.payrexx.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-xb28i6B7TrMDR_ropERZtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 21 Aug 2024 07:28:23 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		345 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9ZTFHJ756R&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTCZJZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a3a19af69fdecbf6a36f0050a1c778a790652c6db26d8d5dd89ca03ba446bbd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 07:28:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
112340
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 21 Aug 2024 07:28:23 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		1 KB
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTCZJZ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:10::210:a9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
bf00e16f095545269680804a6cc08db746641285d4fc2a7525efc0c0b2ecb35c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 07:28:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 18 Aug 2024 09:01:58 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=9499
accept-ranges
bytes
content-length
759
ppms.js
payrexx.piwik.pro/ 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payrexx.piwik.pro/ppms.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTCZJZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:1020:c01:4::40 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a3ce81ba84fe1bc8bb2272cb2e469c701d421df8f14dfc5d4d9d88f359b8d5dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 07:28:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Tue, 06 Aug 2024 09:24:24 GMT
referrer-policy
origin
etag
W/"66b1ebc8-f138"
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
application/javascript
cache-control
max-age=21600
expires
Wed, 21 Aug 2024 13:28:24 GMT
bat.js
bat.bing.com/ 		49 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTCZJZ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Wed, 21 Aug 2024 07:28:23 GMT
last-modified
Sat, 13 Jul 2024 20:42:16 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 78E6705DC1F2459C9FB718A5DF263DA5 Ref B: FRA31EDGE0609 Ref C: 2024-08-21T07:28:24Z
etag
"044982565d5da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
14183
fbevents.js
connect.facebook.net/en_US/ 		225 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: login.payrexx.com
URL: https://login.payrexx.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
82adafd2815d9ca49a6771392b15c4c7683f0490a8825ead54dd2d2594d44c62
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 21 Aug 2024 07:28:24 GMT
document-policy
force-load-at-top
x-fb-server-load
54
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58912
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=29, rtx=0, c=12, mss=1297, tbw=2783, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
JNtK+ubTv4gU2bPlH04tMy2b2gPQfnW3Y2ZfPfUaKDUClQL524AaReESex7SOQLtZkTeYJzm/Y1W1GVWBA7XuQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ipxi2chi7b
www.clarity.ms/tag/ 		501 B
757 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/ipxi2chi7b?ref=gtm2
Requested by
Host: login.payrexx.com
URL: https://login.payrexx.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
23af535442a61ac65a19dd53658870b8b3efb96433666b78733e48e6ab3521c9

Request headers

Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
date
Wed, 21 Aug 2024 07:28:24 GMT
x-azure-ref
20240821T072824Z-179d6ccbd5577747zr8s39mdf000000007gg000000011cyv
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
501
expires
-1
89cfe050-49f7-42f2-8d38-441e13ebe9cf.js
payrexx.containers.piwik.pro/ 		244 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payrexx.containers.piwik.pro/89cfe050-49f7-42f2-8d38-441e13ebe9cf.js
Requested by
Host: login.payrexx.com
URL: https://login.payrexx.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:1020:c01:4::40 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a82b9ba9928e497cc1659f047c576fe9b71b3ec0364c041f05a3445f2243d571
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 07:28:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
referrer-policy
origin
etag
W/"9564411dcab094bc-42612aef737cded3"
vary
Accept-Encoding, Cookie
x-frame-options
sameorigin
content-type
application/javascript; charset=utf-8
cache-control
public, must-revalidate
x-robots-tag
none
x-cached
HIT
56a56e31-e40b-4085-b0f8-bb99bfb5494e.js
payrexx.containers.piwik.pro/ 		211 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payrexx.containers.piwik.pro/56a56e31-e40b-4085-b0f8-bb99bfb5494e.js
Requested by
Host: login.payrexx.com
URL: https://login.payrexx.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:1020:c01:4::40 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3a1134371c19d09ffb22b5e5265325fe6b0f41671cfc50bf869eb32340c7d750
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 07:28:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
referrer-policy
origin
etag
W/"9564411dcab094bc-e1323dd057317044"
vary
Accept-Encoding, Cookie
x-frame-options
sameorigin
content-type
application/javascript; charset=utf-8
cache-control
public, must-revalidate
x-robots-tag
none
x-cached
MISS
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-9ZTFHJ756R&gtm=45je48j0v879512278z871494221za200zb71494221&_p=1724225303719&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=2024150638.1724225304&ul=de-ch&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724225304&sct=1&seg=0&dl=https%3A%2F%2Flogin.payrexx.com%2Fde&dt=Payrexx%20-%20Login&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1339
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9ZTFHJ756R&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Aug 2024 07:28:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://login.payrexx.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-9ZTFHJ756R&cid=2024150638.1724225304&gtm=45je48j0v879512278z871494221za200zb71494221&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9ZTFHJ756R&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Aug 2024 07:28:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://login.payrexx.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9ZTFHJ756R&cid=2024150638.1724225304&gtm=45je48j0v879512278z871494221za200zb71494221&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=416663812
Requested by
Host: login.payrexx.com
URL: https://login.payrexx.com/de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Aug 2024 07:28:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
insight.old.min.js
snap.licdn.com/li.lms-analytics/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:10::210:a9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
edd5487f216469726314ae2b829b221d70e2a02674477e3c8f69a0d5f0b1ea49
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 07:28:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 18 Aug 2024 09:01:54 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=68449
accept-ranges
bytes
content-length
14597
/
px.ads.linkedin.com/wa/ 		0
703 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 21 Aug 2024 07:28:24 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 9712DFD27FA94804916E7D6EBAED4040 Ref B: FRAEDGE1211 Ref C: 2024-08-21T07:28:24Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
access-control-allow-origin
https://login.payrexx.com
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYgLHzHnbDzCD+hPNpxEA==
attribution_trigger
px.ads.linkedin.com/ 		2 B
816 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=3920097&time=1724225304165&url=https%3A%2F%2Flogin.payrexx.com%2Fde&tm=gtmv2
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept
*
Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 07:28:23 GMT
content-encoding
gzip
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 6B3420D1DF99427D9134FE55C14EF6EC Ref B: DUS30EDGE0416 Ref C: 2024-08-21T07:28:24Z
access-control-allow-methods
GET, OPTIONS
x-li-fabric
prod-ltx1
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-type
application/json
x-li-proto
http/2
x-restli-protocol-version
1.0.0
access-control-allow-headers
*
x-li-uuid
AAYgLHzHZXtAXBX/QZJvzQ==
x-fs-uuid
0006202c7cc7657b405c15ff41926fcd
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3920097&time=1724225304165&url=https%3A%2F%2Flogin.payrexx.com%2Fde&tm=gtmv2
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3920097&time=1724225304165&url=https%3A%2F%2Flogin.payrexx.com%2Fde&tm=gtmv2&e_ipv6=AQKf_oLwe4aOaQAAAZFz1jdEht9R5s5AT-MRadj1pwDF_WQug6lzJjzIQBY9Vjc
0
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3920097&time=1724225304165&url=https%3A%2F%2Flogin.payrexx.com%2Fde&tm=gtmv2&e_ipv6=AQKf_oLwe4aOaQAAAZFz1jdEht9R5s5AT-MRadj1pwDF_WQug6lzJjzIQBY9Vjc
Requested by
Host: login.payrexx.com
URL: https://login.payrexx.com/de
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 07:28:24 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: EF74AC404ED049059E49928B93F66609 Ref B: ZRHEDGE1015 Ref C: 2024-08-21T07:28:24Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYgLHzOEQtawsdCfvLIyw==

Redirect headers

date
Wed, 21 Aug 2024 07:28:24 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 76BB9C527F47499FBF6B882188C69D87 Ref B: FRAEDGE1211 Ref C: 2024-08-21T07:28:24Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3920097&time=1724225304165&url=https%3A%2F%2Flogin.payrexx.com%2Fde&tm=gtmv2&e_ipv6=AQKf_oLwe4aOaQAAAZFz1jdEht9R5s5AT-MRadj1pwDF_WQug6lzJjzIQBY9Vjc
x-li-source-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYgLHzHEiSnKJQtg8MvfA==
187115009.js
bat.bing.com/p/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/187115009.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ecb903f1f91369317263eb780b7d68b259099b44869ff134ed3a9f6eaef4169f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Wed, 21 Aug 2024 07:28:23 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CF5E7FCB86574E09AFAF1C03EE4A89EC Ref B: FRA31EDGE0609 Ref C: 2024-08-21T07:28:24Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
ppms.php
payrexx.piwik.pro/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://payrexx.piwik.pro/ppms.php
Requested by
Host: payrexx.piwik.pro
URL: https://payrexx.piwik.pro/ppms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:1020:c01:4::40 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers
501712026657468
connect.facebook.net/signals/config/ 		64 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/501712026657468?v=2.9.165&r=stable&domain=login.payrexx.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c23b4343d30f0f6a31f82765f70b0f4b0bb606ac379a561db937a321d36cec2d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 21 Aug 2024 07:28:24 GMT
document-policy
force-load-at-top
x-fb-server-load
47
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12966
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=50, mss=1297, tbw=64456, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
wjNA0jRF/j6z3RZGj6ZiZ108fx4Q5/9iojk9iN9ZuwWGWD640AluEVrDNrdSU8NK7ScBVpy3eBONj+daezvl7Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
187115009
www.clarity.ms/tag/uet/ 		680 B
934 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/187115009
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/187115009.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
46ebd49d307732c9ff18c73709ee29f3b79a85cfbbf3649a41145d6ed750159e

Request headers

Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

request-context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
date
Wed, 21 Aug 2024 07:28:24 GMT
x-azure-ref
20240821T072824Z-179d6ccbd5577747zr8s39mdf000000007gg000000011cz4
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
680
expires
-1
0
bat.bing.com/action/ 		0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=187115009&tm=gtm002&Ver=2&mid=aad752ab-d706-4ada-bdbb-19ecbce73575&sid=f33a4b805f8e11ef934025ee425ba092&vid=f33a60a05f8e11ef949b3dae496692eb&vids=1&msclkid=N&gtm_tag_source=1&pi=918639831&lg=de-CH&sw=1600&sh=1200&sc=24&tl=Payrexx%20-%20Login&kw=Login,%20Einloggen,%20Zahlungen,%20Zahlungsanbieter,%20E-Payment,%20E-Commerce,%20Payment&p=https%3A%2F%2Flogin.payrexx.com%2Fde&r=&lt=671&evt=pageLoad&sv=1&cdb=AQAQ&rn=380997
Requested by
Host: login.payrexx.com
URL: https://login.payrexx.com/de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 21 Aug 2024 07:28:23 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 69BD123F096040E4BEA9029D73D9489F Ref B: FRA31EDGE0609 Ref C: 2024-08-21T07:28:24Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		1 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: login.payrexx.com
URL: https://login.payrexx.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:10::210:a9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
bf00e16f095545269680804a6cc08db746641285d4fc2a7525efc0c0b2ecb35c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 07:28:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 18 Aug 2024 09:01:58 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=9499
accept-ranges
bytes
content-length
759
ppms.js
payrexx.containers.piwik.pro/ 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payrexx.containers.piwik.pro/ppms.js
Requested by
Host: login.payrexx.com
URL: https://login.payrexx.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:1020:c01:4::40 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a3ce81ba84fe1bc8bb2272cb2e469c701d421df8f14dfc5d4d9d88f359b8d5dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 07:28:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Tue, 06 Aug 2024 09:24:24 GMT
referrer-policy
origin
etag
W/"66b1ebc8-f138"
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
application/javascript
cache-control
max-age=21600
expires
Wed, 21 Aug 2024 13:28:24 GMT
bat.js
bat.bing.com/ 		49 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: login.payrexx.com
URL: https://login.payrexx.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb

Request headers

Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 07:28:23 GMT
content-encoding
gzip
last-modified
Sat, 13 Jul 2024 20:42:16 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 78E6705DC1F2459C9FB718A5DF263DA5 Ref B: FRA31EDGE0609 Ref C: 2024-08-21T07:28:24Z
etag
"044982565d5da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
14183
iframe_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: login.payrexx.com
URL: https://login.payrexx.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e9dca3e1405640ba65996828612b9186c7e481644a75bac9ecaa9529afbbebd5
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 07:28:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script'
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Wed, 21 Aug 2024 07:28:24 GMT
ipxi2chi7b
www.clarity.ms/tag/ 		501 B
755 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/ipxi2chi7b?ref=gtm2
Requested by
Host: login.payrexx.com
URL: https://login.payrexx.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
23af535442a61ac65a19dd53658870b8b3efb96433666b78733e48e6ab3521c9

Request headers

Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

request-context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
date
Wed, 21 Aug 2024 07:28:24 GMT
x-azure-ref
20240821T072824Z-179d6ccbd5577747zr8s39mdf000000007gg000000011czm
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
501
expires
-1
89cfe050-49f7-42f2-8d38-441e13ebe9cf.js
payrexx.containers.piwik.pro/ 		244 KB
307 B 		Script
General
Check archive.org
Download Go to
Full URL
https://payrexx.containers.piwik.pro/89cfe050-49f7-42f2-8d38-441e13ebe9cf.js
Requested by
Host: login.payrexx.com
URL: https://login.payrexx.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:1020:c01:4::40 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a82b9ba9928e497cc1659f047c576fe9b71b3ec0364c041f05a3445f2243d571
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 07:28:24 GMT
strict-transport-security
max-age=31536000
referrer-policy
origin
x-content-type-options
nosniff
content-encoding
gzip
etag
W/"9564411dcab094bc-42612aef737cded3"
vary
Accept-Encoding, Cookie
x-frame-options
sameorigin
content-type
application/javascript; charset=utf-8
cache-control
public, must-revalidate
x-robots-tag
none
x-cached
BYPASS
insight.old.min.js
snap.licdn.com/li.lms-analytics/ 		40 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:10::210:a9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
edd5487f216469726314ae2b829b221d70e2a02674477e3c8f69a0d5f0b1ea49
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 07:28:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 18 Aug 2024 09:01:54 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=68449
accept-ranges
bytes
content-length
14597
/
www.facebook.com/tr/ 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=501712026657468&ev=PageView&dl=https%3A%2F%2Flogin.payrexx.com%2Fde&rl=&if=false&ts=1724225304305&sw=1600&sh=1200&v=2.9.165&r=stable&ec=0&o=4126&fbp=fb.1.1724225304304.166904269600219272&ler=empty&cdl=API_unavailable&it=1724225304217&coo=false&rqm=GET
Requested by
Host: login.payrexx.com
URL: https://login.payrexx.com/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=10, mss=1297, tbw=3145, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 21 Aug 2024 07:28:24 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=501712026657468&ev=PageView&dl=https%3A%2F%2Flogin.payrexx.com%2Fde&rl=&if=false&ts=1724225304305&sw=1600&sh=1200&v=2.9.165&r=stable&ec=0&o=4126&fbp=fb.1.1724225304304.166904269600219272&ler=empty&cdl=API_unavailable&it=1724225304217&coo=false&rqm=FGET
Requested by
Host: login.payrexx.com
URL: https://login.payrexx.com/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x8d445835a6a192f9","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["24:6814113828715998","24:4496431723709832","24:4133125670078349","7830:6814113828715998","7830:4496431723709832","7830:4133125670078349","10853:6814113828715998","10853:4496431723709832","10853:4133125670078349","41:6814113828715998","41:4496431723709832","41:4133125670078349","8046:6814113828715998","8046:4496431723709832","8046:4133125670078349"]},"debug_reporting":true,"debug_key":"1"}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Wed, 21 Aug 2024 07:28:24 GMT
x-fb-server-load
50
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7405491293633070835", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=18, mss=1297, tbw=3301, tp=-1, tpl=-1, uplat=161, ullat=0
pragma
no-cache
x-fb-debug
ctjxaMMTAhnw7XPXb8gvy3MXrgFSBztrg2Db9S/hlyzodQyErroXazGuvRQL96gRAwZJwfIffjTiXWCmTcRUzA==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7405491293633070835"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=501712026657468&ev=ViewContent&dl=https%3A%2F%2Flogin.payrexx.com%2Fde&rl=&if=false&ts=1724225304306&sw=1600&sh=1200&v=2.9.165&r=stable&ec=1&o=4126&fbp=fb.1.1724225304304.166904269600219272&ler=empty&cdl=API_unavailable&it=1724225304217&coo=false&rqm=GET
Requested by
Host: login.payrexx.com
URL: https://login.payrexx.com/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=10, mss=1297, tbw=2858, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 21 Aug 2024 07:28:24 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=501712026657468&ev=ViewContent&dl=https%3A%2F%2Flogin.payrexx.com%2Fde&rl=&if=false&ts=1724225304306&sw=1600&sh=1200&v=2.9.165&r=stable&ec=1&o=4126&fbp=fb.1.1724225304304.166904269600219272&ler=empty&cdl=API_unavailable&it=1724225304217&coo=false&rqm=FGET
Requested by
Host: login.payrexx.com
URL: https://login.payrexx.com/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xdb50a7e864b6e497","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["14:1712735882099345","14:1662082303849637","14:1460995887353453","7834:1712735882099345","7834:1662082303849637","7834:1460995887353453","564:1712735882099345","564:1662082303849637","564:1460995887353453","10196:1712735882099345","10196:1662082303849637","10196:1460995887353453","10853:1712735882099345","10853:1662082303849637","10853:1460995887353453","31:1712735882099345","31:1662082303849637","31:1460995887353453","8053:1712735882099345","8053:1662082303849637","8053:1460995887353453","617:1712735882099345","617:1662082303849637","617:1460995887353453"]},"debug_reporting":true,"debug_key":"1"}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Wed, 21 Aug 2024 07:28:24 GMT
x-fb-server-load
46
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7405491293356916100", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=18, mss=1297, tbw=6660, tp=-1, tpl=-1, uplat=177, ullat=0
pragma
no-cache
x-fb-debug
7JEAWVKpPx1ZmCQJRsMPlsk2bkUmrBS8S8AJzQbL7yV+3uyz0ASo0AllHo0YeubA2QVVNUYq0fu7MoWKEvdB8A==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7405491293356916100"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
clarity.js
www.clarity.ms/s/0.7.44/ 		64 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.44/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ipxi2chi7b?ref=gtm2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9dbecbadaa08e0d16aab217984189ff2cef37b1d741038db5a4aceba05eb1470

Request headers

Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 07:28:24 GMT
content-encoding
br
last-modified
Mon, 19 Aug 2024 18:56:59 GMT
etag
W/"0x8DCC080B41F78CC"
vary
Accept-Encoding
x-azure-ref
20240821T072824Z-179d6ccbd5577747zr8s39mdf000000007gg000000011czp
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
82ed6712-b01e-000e-47d1-f2076b000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
www-widgetapi.js
www.youtube.com/s/player/6db2bd17/www-widgetapi.vflset/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/6db2bd17/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2ba0e8a74340c429355e9260d453136d7b097666415b43f7ffbdce7af607542
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 03:45:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
13361
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10546
x-xss-protection
0
last-modified
Mon, 19 Aug 2024 04:16:02 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 21 Aug 2025 03:45:43 GMT
bframe
www.google.com/recaptcha/api2/ Frame BCF9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de-CH&v=hfUfsXWZFeg83qqxrK27GB8P&k=6LchLkUUAAAAAM4gkavOwT5tljRJPpFq0kwWWxoX
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__de_ch.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pQpbTxBMSA0_SQlYvXIOgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.payrexx.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-pQpbTxBMSA0_SQlYvXIOgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 21 Aug 2024 07:28:24 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
collect
x.clarity.ms/ 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.44/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://login.payrexx.com
Date
Wed, 21 Aug 2024 07:28:25 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
favicon.ico
media.payrexx.com/assets/favicons/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://media.payrexx.com/assets/favicons/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.53.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-53-189.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
fe0e98ad6274e6f274da533b71197448f1a55e300e2e9945fb34369279388e15
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 07:28:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
Apache
content-type
image/x-icon
access-control-allow-origin
*
cache-control
max-age=86400
content-disposition
inline
access-control-allow-headers
Origin, X-Requested-With, Authorization
x-xss-protection
1; mode=block
expires
Thu, 22 Aug 2024 07:28:24 GMT
ppms.php
payrexx.piwik.pro/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://payrexx.piwik.pro/ppms.php
Requested by
Host: payrexx.piwik.pro
URL: https://payrexx.piwik.pro/ppms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:1020:c01:4::40 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers
ppms.php
payrexx.piwik.pro/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://payrexx.piwik.pro/ppms.php
Requested by
Host: payrexx.piwik.pro
URL: https://payrexx.piwik.pro/ppms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:1020:c01:4::40 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers
0
bat.bing.com/action/ 		0
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=187115009&Ver=2&mid=7736ba30-7980-46af-a7e5-41845a18387a&sid=f33a4b805f8e11ef934025ee425ba092&vid=f33a60a05f8e11ef949b3dae496692eb&vids=0&msclkid=N&pi=918639831&lg=de-CH&sw=1600&sh=1200&sc=24&tl=Payrexx%20-%20Login&kw=Login,%20Einloggen,%20Zahlungen,%20Zahlungsanbieter,%20E-Payment,%20E-Commerce,%20Payment&p=https%3A%2F%2Flogin.payrexx.com%2Fde&r=&lt=2195&evt=pageLoad&sv=1&cdb=AQAA&rn=448407
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 21 Aug 2024 07:28:24 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C8727BDA4EFD4E52BDE80795E8687E9C Ref B: FRA31EDGE0609 Ref C: 2024-08-21T07:28:25Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
x.clarity.ms/ 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.44/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://login.payrexx.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://login.payrexx.com
Date
Wed, 21 Aug 2024 07:28:25 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| __VUE_INSTANCE_SETTERS__ boolean| __VUE__ function| recaptchaReady object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| dataLayer object| recaptcha object| closure_lm_309509 object| google_tag_manager object| google_tag_data object| _linkedin_data_partner_ids boolean| _already_called_lintrk object| _paq function| fbq function| _fbq function| clarity string| f object| ppms function| onYouTubeIframeAPIReady object| gaGlobal function| lintrk object| ORIBILI function| UET function| UET_init function| UET_push object| ueto_b8b2629ca6 object| uetq object| Piwik object| AnalyticsTracker function| piwik_log object| sevenTag object| wgxpath number| _linkedin_data_partner_id object| PPHeatmapClickEvent object| ueto_5dd02fa285 object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| clarityuetq

21 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09ACgiStw5ceN9G3GWo8XgvWCI7vqETnMjSX85lw1YzLteOEESBz4fdO55hNVJpGsBGHRBnp4H_pIKS4O-mIUSZos
.jd-ict.ch/ Name: PHPSESSID
Value: n2icps1db7iu9l65k0aqriiomb
.payrexx.com/ Name: _gcl_au
Value: 1.1.2120388448.1724225304
.payrexx.com/ Name: _ga
Value: GA1.1.2024150638.1724225304
.payrexx.com/ Name: _ga_9ZTFHJ756R
Value: GS1.1.1724225304.1.0.1724225304.60.0.0
.bing.com/ Name: MUID
Value: 1572B3DC6FB66E5C16C5A73E6E3D6F1E
login.payrexx.com/ Name: _pk_id.89cfe050-49f7-42f2-8d38-441e13ebe9cf.f0e8
Value: ad53ffac63e85ab8.1724225304.1.1724225304.1724225304.
login.payrexx.com/ Name: _pk_ses.89cfe050-49f7-42f2-8d38-441e13ebe9cf.f0e8
Value: *
login.payrexx.com/ Name: stg_traffic_source_priority
Value: 1
login.payrexx.com/ Name: stg_last_interaction
Value: Wed%2C%2021%20Aug%202024%2007:28:24%20GMT
login.payrexx.com/ Name: stg_returning_visitor
Value: Wed%2C%2021%20Aug%202024%2007:28:24%20GMT
.payrexx.com/ Name: _fbp
Value: fb.1.1724225304304.166904269600219272
.bing.com/ Name: MSPTC
Value: 2G3k_1RCzKw8tHa0hYIpz-xwlhHmwBpFwS0ElgGYFVw
.youtube.com/ Name: YSC
Value: ACLJl5mXnfI
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: kFfapR0jmpw
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgGw%3D%3D
.linkedin.com/ Name: lidc
Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2910:u=1:x=1:i=1724225304:t=1724311704:v=2:sig=AQFKNSeAxVwg8W5lZzm7_IUEacFXgxAU"
.linkedin.com/ Name: bcookie
Value: "v=2&c0e2b604-0a6f-4376-828e-5ecbbe296a66"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MjQyMjUzMDQ7MjswMjGIs5KTtRR40LKMdfdK/IOmNPVAdNiIYwC2039yxI8Kfw==
.payrexx.com/ Name: _uetsid
Value: f33a4b805f8e11ef934025ee425ba092
.payrexx.com/ Name: _uetvid
Value: f33a60a05f8e11ef949b3dae496692eb

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://login.payrexx.com/de
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

backoffice.payrexx.com
bat.bing.com
connect.facebook.net
invoice.jd-ict.ch
login.payrexx.com
media.payrexx.com
payrexx.containers.piwik.pro
payrexx.piwik.pro
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
snap.licdn.com
stats.g.doubleclick.net
www.clarity.ms
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.youtube.com
x.clarity.ms
13.107.42.14
142.250.185.68
142.250.186.67
18.156.53.189
20.114.190.119
2001:4860:4802:34::36
2603:1020:c01:4::40
2620:1ec:21::14
2620:1ec:bdf::60
2620:1ec:c11::237
2a00:1450:4001:802::200e
2a00:1450:4001:808::2008
2a00:1450:4001:831::2003
2a00:1450:400c:c06::9b
2a02:26f0:3500:10::210:a9a
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.74.195.126
1b235ed2749d98439b3e072245e1599be732e2ae0d00da0686496461d399aaee
23af535442a61ac65a19dd53658870b8b3efb96433666b78733e48e6ab3521c9
2b961030b8675bd6397b467b996ca828c989c7aad5229d150236b19be8cfc8d6
3a1134371c19d09ffb22b5e5265325fe6b0f41671cfc50bf869eb32340c7d750
3c108ca1179a425cd0fe1da2e4e69293299f1d19387126caf2fd14a9483dbffd
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4644cf6e5ad377142f6424593c0105c91e6a6d635ba17082fe0a239455524950
46ebd49d307732c9ff18c73709ee29f3b79a85cfbbf3649a41145d6ed750159e
756b66867b06ff4221ff4a29936be54324ea730983565da8c981e64441f4c532
82adafd2815d9ca49a6771392b15c4c7683f0490a8825ead54dd2d2594d44c62
82b5958508e3211556555c7551fd6b823b7d7b750270807d3749277c32d3b5eb
8b471fa6c3e6af911838ebf7d9343f1e8c612275264dd9dc604a814bfe669357
9dbecbadaa08e0d16aab217984189ff2cef37b1d741038db5a4aceba05eb1470
a3a19af69fdecbf6a36f0050a1c778a790652c6db26d8d5dd89ca03ba446bbd6
a3ce81ba84fe1bc8bb2272cb2e469c701d421df8f14dfc5d4d9d88f359b8d5dd
a82b9ba9928e497cc1659f047c576fe9b71b3ec0364c041f05a3445f2243d571
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
b94f16cec8ee36c24b5ca91243c1da9491cc5f4230cb8b1ebabf831b3abe96e3
bf00e16f095545269680804a6cc08db746641285d4fc2a7525efc0c0b2ecb35c
c23b4343d30f0f6a31f82765f70b0f4b0bb606ac379a561db937a321d36cec2d
d2ba0e8a74340c429355e9260d453136d7b097666415b43f7ffbdce7af607542
d55b9c0f78b8b917b812bda51ce49651cf657ac614153e4745c9aca54503d2eb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9dca3e1405640ba65996828612b9186c7e481644a75bac9ecaa9529afbbebd5
ec6d1b02c547137fb333247fb2939d7ad7de98f77a56cbc44f075eac111ea129
ecb903f1f91369317263eb780b7d68b259099b44869ff134ed3a9f6eaef4169f
edd5487f216469726314ae2b829b221d70e2a02674477e3c8f69a0d5f0b1ea49
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd9878209ad6085e05b6c2adb3c6b673ade823e8511e16e3c009d9a2009700c3
fe0e98ad6274e6f274da533b71197448f1a55e300e2e9945fb34369279388e15