URL: https://de.carpay-diem.com/
Submission Tags: falconsandbox
Submission: On November 29 via api from US — Scanned from DE

Summary

This website contacted 26 IPs in 4 countries across 18 domains to perform 53 HTTP transactions. The main IP is 2606:4700:4400::6812:2866, located in United States and belongs to CLOUDFLARENET, US. The main domain is de.carpay-diem.com.
TLS certificate: Issued by WE1 on November 29th 2024. Valid for: 3 months.
This is the only time de.carpay-diem.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2606:4700:440... 13335 (CLOUDFLAR...)
13 104.18.160.117 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 172.217.18.4 15169 (GOOGLE)
8 172.64.149.114 13335 (CLOUDFLAR...)
1 108.138.34.60 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.131 15169 (GOOGLE)
1 2600:9000:216... 16509 (AMAZON-02)
2 172.217.18.3 15169 (GOOGLE)
2 142.250.185.100 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-AS...)
2 157.240.253.1 32934 (FACEBOOK)
1 2600:9000:225... 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 216.58.206.67 15169 (GOOGLE)
2 2600:9000:26d... 16509 (AMAZON-02)
1 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 108.138.36.123 16509 (AMAZON-02)
2 157.240.253.35 32934 (FACEBOOK)
2 2a04:4e42::720 54113 (FASTLY)
53 26
Apex Domain
Subdomains
Transfer
13 website-files.com
cdn.prod.website-files.com — Cisco Umbrella Rank: 6218
250 KB
8 weglot.com
cdn.weglot.com — Cisco Umbrella Rank: 7379
api.weglot.com — Cisco Umbrella Rank: 20754
72 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 333
px4.ads.linkedin.com — Cisco Umbrella Rank: 7032
2 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 3
region1.analytics.google.com — Cisco Umbrella Rank: 4108
967 B
3 axept.io
static.axept.io — Cisco Umbrella Rank: 61766
client.axept.io — Cisco Umbrella Rank: 64050
187 KB
3 gstatic.com
www.gstatic.com
fonts.gstatic.com
268 KB
2 imgix.net
axeptio.imgix.net — Cisco Umbrella Rank: 105620
34 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
213 B
2 lfeeder.com
sc.lfeeder.com — Cisco Umbrella Rank: 15595
tr.lfeeder.com — Cisco Umbrella Rank: 24311
12 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
76 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
226 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 415
fonts.googleapis.com — Cisco Umbrella Rank: 29
7 KB
2 carpay-diem.com
de.carpay-diem.com
10 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 10745
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
556 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 831
14 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
21 KB
1 cloudfront.net
d3e54v103j8qbb.cloudfront.net
32 KB
53 18
Domain Requested by
13 cdn.prod.website-files.com de.carpay-diem.com
cdn.prod.website-files.com
7 cdn.weglot.com de.carpay-diem.com
cdn.weglot.com
3 px.ads.linkedin.com 1 redirects snap.licdn.com
3 www.google.com de.carpay-diem.com
www.gstatic.com
2 axeptio.imgix.net
2 www.facebook.com de.carpay-diem.com
2 client.axept.io static.axept.io
2 connect.facebook.net de.carpay-diem.com
connect.facebook.net
2 fonts.gstatic.com fonts.googleapis.com
2 www.googletagmanager.com de.carpay-diem.com
2 de.carpay-diem.com de.carpay-diem.com
1 tr.lfeeder.com de.carpay-diem.com
1 px4.ads.linkedin.com de.carpay-diem.com
1 www.google.de de.carpay-diem.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 sc.lfeeder.com de.carpay-diem.com
1 snap.licdn.com www.googletagmanager.com
1 www.google-analytics.com www.googletagmanager.com
1 api.weglot.com cdn.weglot.com
1 static.axept.io de.carpay-diem.com
1 www.gstatic.com www.google.com
1 fonts.googleapis.com ajax.googleapis.com
1 d3e54v103j8qbb.cloudfront.net de.carpay-diem.com
1 ajax.googleapis.com de.carpay-diem.com
53 25
Subject Issuer Validity Valid
de.carpay-diem.com
WE1
2024-11-29 -
2025-02-27
3 months crt.sh
prod.website-files.com
WE1
2024-10-21 -
2025-01-19
3 months crt.sh
upload.video.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.google-analytics.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
cdn.weglot.com
WE1
2024-10-27 -
2025-01-25
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2024-07-30 -
2025-07-03
a year crt.sh
*.gstatic.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
static.axeptio.eu
Amazon RSA 2048 M02
2024-05-19 -
2025-06-17
a year crt.sh
api.weglot.com
WE1
2024-10-27 -
2025-01-25
3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2023-12-13 -
2024-12-12
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-09-07 -
2024-12-06
3 months crt.sh
*.lfeeder.com
Amazon RSA 2048 M02
2024-02-20 -
2025-03-20
a year crt.sh
*.g.doubleclick.net
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.google.de
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
client.axept.io
Amazon RSA 2048 M03
2024-07-03 -
2025-07-31
a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA
2024-10-14 -
2025-04-14
6 months crt.sh
*.imgix.com
GlobalSign Atlas R3 DV TLS CA 2024 Q4
2024-10-09 -
2025-11-10
a year crt.sh

This page contains 3 frames:

Primary Page: https://de.carpay-diem.com/
Frame ID: 6CCD559F4B041F85D472D895CE2B14DF
Requests: 53 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcvZ6YpAAAAAOI8pC2QGPESs3sm5DpnI6OQfYfI&co=aHR0cHM6Ly9kZS5jYXJwYXktZGllbS5jb206NDQz&hl=de&v=pPK749sccDmVW_9DSeTMVvh2&size=normal&cb=kp1gh49neuhz
Frame ID: B361B2DE66A1D2B6DAAE961F810631D8
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=pPK749sccDmVW_9DSeTMVvh2&k=6LcvZ6YpAAAAAOI8pC2QGPESs3sm5DpnI6OQfYfI
Frame ID: 5480BA9CA03B7A4E9C85671A3E13E44F
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

CarPay-Diem | Tanken mit Smartphone oder Fahrzeug

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • cdn\.weglot\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

53
Requests

98 %
HTTPS

52 %
IPv6

18
Domains

25
Subdomains

26
IPs

4
Countries

1214 kB
Transfer

3732 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2334689&time=1732904904682&url=https%3A%2F%2Fde.carpay-diem.com%2F HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2334689&time=1732904904682&url=https%3A%2F%2Fde.carpay-diem.com%2F&e_ipv6=AQKpXiRR7NN5gQAAAZN5Lmi7KF6yUFpO3X5psDEbUHHTCMNXZThAAEAEhhr_Sqgm62vA9IHH

53 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
de.carpay-diem.com/
38 KB
10 KB
Document
General
Full URL
https://de.carpay-diem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2866 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5f2da34f88c31b55a094040dec5f3b3cd55eaeb05d048443dce94c150e8124
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
1566038
cf-cache-status
DYNAMIC
cf-ray
8ea4a83e9f70975b-FRA
content-encoding
br
content-language
de
content-type
text/html
date
Fri, 29 Nov 2024 18:28:23 GMT
last-modified
Mon, 11 Nov 2024 15:27:45 GMT
processed-by
Weglot
server
cloudflare
strict-transport-security
max-age=31536000
surrogate-control
max-age=2147483647
surrogate-key
www.carpay-diem.com 641b2068e70beb73dbc4d6b4 pageId:641b2069e70beb10d8c4d6bf
vary
Accept-Encoding
weglot
id.8ea4a83e9f70975b, p.cf, ct
weglot-translated
true
x-cluster-name
eu-south-1-prod-hosting-red
x-lambda-id
d38f1348-c6e7-468f-bdd8-3cdede91bacc
carpay-diem-6563ab.webflow.9db440eb4.css
cdn.prod.website-files.com/641b2068e70beb73dbc4d6b4/css/
91 KB
17 KB
Stylesheet
General
Full URL
https://cdn.prod.website-files.com/641b2068e70beb73dbc4d6b4/css/carpay-diem-6563ab.webflow.9db440eb4.css
Requested by
Host: de.carpay-diem.com
URL: https://de.carpay-diem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18376aeee79bf6c6a25e3f7e34ad17041c4ff48d5dd68a8195c6e4cfe0c44fd1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"871de3775f7da53da6f73bd360324db1"
x-amz-version-id
562SxwIzHw5ozJbeq5vbQBstNyeGTgZN
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 18:28:23 GMT
content-type
text/css
last-modified
Thu, 10 Oct 2024 12:08:36 GMT
vary
Accept-Encoding
x-amz-id-2
r+ZUSemygjALmiJQ42nPv+rL8cc3piTf4LcKCJv3GlcbSbRsMZO3AIPq3Wp0P6tXhMCFczGxFmI=
cache-control
public, max-age=31536000, immutable
x-amz-request-id
BM1GEK3R9VKRT57E
cf-ray
8ea4a841388d5c0e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
16926
server
cloudflare
x-amz-server-side-encryption
AES256
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/
13 KB
6 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: de.carpay-diem.com
URL: https://de.carpay-diem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

content-encoding
gzip
age
278379
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Wed, 26 Nov 2025 13:08:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 13:08:44 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
5437
x-xss-protection
0
server
sffe
js
www.googletagmanager.com/gtag/
422 KB
134 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CVT0MHSQ7J
Requested by
Host: de.carpay-diem.com
URL: https://de.carpay-diem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fad852bd74f33061547c8732ac7d02570ac1b5cac796da4c961f030db234a315
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 29 Nov 2024 18:28:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 18:28:24 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
136813
x-xss-protection
0
server
Google Tag Manager
api.js
www.google.com/recaptcha/
1 KB
967 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: de.carpay-diem.com
URL: https://de.carpay-diem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f4.1e100.net
Software
ESF /
Resource Hash
d0c5f3bd0d8aaaa58b9b5c76863bd8e34a1814eda4054bc501dc42e4cc5ebd45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 18:28:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Fri, 29 Nov 2024 18:28:23 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
weglot.min.js
cdn.weglot.com/
136 KB
47 KB
Script
General
Full URL
https://cdn.weglot.com/weglot.min.js
Requested by
Host: de.carpay-diem.com
URL: https://de.carpay-diem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.149.114 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3259cb68fda51b17ece2636c716428d651cdbbb37ec92c72de42b873f700279
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
null
etag
W/"2b831221931f76444043b54d14ab7708"
age
145
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 18:58:23 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
w38GGCc2KAT30_rnD_OANE-uj93gD6QShoMn93pFYEvT3meF7a4flQ==
date
Fri, 29 Nov 2024 18:28:23 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 19 Nov 2024 12:40:43 GMT
vary
accept-encoding
priority
u=1,i=?0
server-timing
cfExtPri
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=1800
via
1.1 77e414816706879c16a3707f261f0b5a.cloudfront.net (CloudFront)
cf-ray
8ea4a8412a88e521-TXL
x-amz-cf-pop
FRA56-P9
server
cloudflare
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/
87 KB
32 KB
Script
General
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=641b2068e70beb73dbc4d6b4
Requested by
Host: de.carpay-diem.com
URL: https://de.carpay-diem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.34.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-34-60.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://de.carpay-diem.com
Referer
https://de.carpay-diem.com/

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
age
62093
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
NWfvQ_EBX12TtPDhPNzt9a_hx0rsLG3KoT3wUVF3bBPm38HX6qDXzg==
date
Fri, 29 Nov 2024 01:13:31 GMT
content-type
application/javascript
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
vary
accept-encoding
cache-control
max-age=84600, must-revalidate
via
1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
MUC50-P2
server
AmazonS3
webflow.7687dd746.js
cdn.prod.website-files.com/641b2068e70beb73dbc4d6b4/js/
527 KB
98 KB
Script
General
Full URL
https://cdn.prod.website-files.com/641b2068e70beb73dbc4d6b4/js/webflow.7687dd746.js
Requested by
Host: de.carpay-diem.com
URL: https://de.carpay-diem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4fd7db982d2e6f1128e4683e8e9a9199bd66d787e622e4eaca07c13010ff2da

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"f9d21eb9ca6199a761b92721c42c96fd"
x-amz-version-id
zSIEzxhW8g77Q7AnUtjQWFfPTWL._MpL
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 18:28:23 GMT
content-type
text/javascript
last-modified
Thu, 10 Oct 2024 12:08:36 GMT
vary
Accept-Encoding
x-amz-id-2
o68X1+z/cz7w4+5xyjQ7J5HfBwyqbs1/I3w/dsqwSnarHVEhEcoqmaXqPMHBjNfLGQb5YeKaWm4=
cache-control
public, max-age=31536000, immutable
x-amz-request-id
BM1SG7F36AJC25DE
cf-ray
8ea4a84138905c0e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
99240
server
cloudflare
x-amz-server-side-encryption
AES256
css
fonts.googleapis.com/
3 KB
956 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=DM+Sans:regular,italic,500,700
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9d52f447ff8f81e16913641252194afe600a9100ed42a603796582d0f15482da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 18:28:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 18:28:24 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 29 Nov 2024 18:28:24 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
recaptcha__de.js
www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/
549 KB
218 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
6e79aeee4cbc317a3b6e18c8887ed2c1659ad8eb27431d1896a075ed935a9149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://de.carpay-diem.com
Referer
https://de.carpay-diem.com/

Response headers

content-encoding
gzip
age
25798
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Sat, 29 Nov 2025 11:18:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 11:18:26 GMT
last-modified
Mon, 11 Nov 2024 05:00:22 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
222835
x-xss-protection
0
server
sffe
gtm.js
www.googletagmanager.com/
268 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KJ56L62
Requested by
Host: de.carpay-diem.com
URL: https://de.carpay-diem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1c60cff9f1f7bb8ae2e968b7b1b93ae0f0ab44dd213e66a57f087ec43626a2a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 29 Nov 2024 18:28:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 18:28:24 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 29 Nov 2024 18:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
93074
x-xss-protection
0
server
Google Tag Manager
weglot.min.css
cdn.weglot.com/
28 KB
5 KB
Stylesheet
General
Full URL
https://cdn.weglot.com/weglot.min.css?v=8
Requested by
Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.149.114 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cbf5b3bbfcd2f23a688b189310c36484be77a86a6a59ab11d2666a255d172d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"396483c84619a8b59a272ec60b4059c4"
x-amz-version-id
null
age
57967
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Sat, 29 Nov 2025 18:28:24 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
94WiKhBjq4ouIXMUALuvua9vgN_o8XWw_a7PWD5O1Uu-xeZ2fmoIOw==
date
Fri, 29 Nov 2024 18:28:24 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 15 May 2024 14:56:27 GMT
vary
Accept-Encoding
priority
u=0,i=?0
server-timing
cfExtPri
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 a88ce58481b7f10d1a017c154599e332.cloudfront.net (CloudFront)
cf-ray
8ea4a8426959e521-TXL
access-control-allow-origin
*
x-amz-cf-pop
WAW51-P2
server
cloudflare
641b2312c7b51b7cde1e709b_green%20dot.png
cdn.prod.website-files.com/641b2068e70beb73dbc4d6b4/
61 KB
62 KB
Image
General
Full URL
https://cdn.prod.website-files.com/641b2068e70beb73dbc4d6b4/641b2312c7b51b7cde1e709b_green%20dot.png
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/641b2068e70beb73dbc4d6b4/css/carpay-diem-6563ab.webflow.9db440eb4.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7834a78043c5f67325befc44dafa946e730b41747c3caf5ce6df129a1ac3760

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cdn.prod.website-files.com/641b2068e70beb73dbc4d6b4/css/carpay-diem-6563ab.webflow.9db440eb4.css

Response headers

cf-cache-status
HIT
etag
"18e8b5db7c75c541526f117788c2d206"
x-amz-version-id
gorx78bne4RV9SQhfB1LoS8P9sW.q1MP
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 18:28:24 GMT
content-type
image/png
last-modified
Wed, 22 Mar 2023 15:47:32 GMT
vary
Accept-Encoding
x-amz-id-2
dNOeglgD3semcDhcrINr8p8C6p0V7hNVCLRXn0vAgcKnS2lwoFx/NnTybmGGvCE4lF1vG51CA4s=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
BM1S3H2HZ41NK208
cf-ray
8ea4a842796d5c0e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
62838
server
cloudflare
x-amz-server-side-encryption
AES256
truncated
/
2 KB
2 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a50821b46158c264ae8c3bac28c40e317f9ab2b7c5c45b00c7574c7724665c4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://de.carpay-diem.com
Referer

Response headers

Content-Type
application/x-font-ttf;charset=utf-8
641b23119b587ca7a230092f_carpay%20diem%20colored.svg
cdn.prod.website-files.com/641b2068e70beb73dbc4d6b4/
9 KB
4 KB
Image
General
Full URL
https://cdn.prod.website-files.com/641b2068e70beb73dbc4d6b4/641b23119b587ca7a230092f_carpay%20diem%20colored.svg
Requested by
Host: de.carpay-diem.com
URL: https://de.carpay-diem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2df58e011d38907099375baf78350dd08cc799f4b78ade98de437949a28898bc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"e03a0b61647a98b937f380af033da3ab"
x-amz-version-id
SD6DPp5vTBukPsfNtTAw047yhhMsA0ic
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 18:28:24 GMT
content-type
image/svg+xml
last-modified
Wed, 22 Mar 2023 15:47:31 GMT
vary
Accept-Encoding
x-amz-id-2
jYOryHXK0dQH9gdlHxkEZkVkSu2ddvFUMd2r6M2LoyPP+I7dAh7sHwITF8rs2t7hK/b+P2GHxmE=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
BM1RTAVSGX0EZA6C
cf-ray
8ea4a84289715c0e-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
641b23117968b0552fc59984_arrrow%20hero%20hp.svg
cdn.prod.website-files.com/641b2068e70beb73dbc4d6b4/
1 KB
1008 B
Image
General
Full URL
https://cdn.prod.website-files.com/641b2068e70beb73dbc4d6b4/641b23117968b0552fc59984_arrrow%20hero%20hp.svg
Requested by
Host: de.carpay-diem.com
URL: https://de.carpay-diem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e25ea5fbab9c57c298317c53bbee62bf016f07c1e06a405b34d7af36355a462

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"2aff48a57d9eb0e80d24d6f7e14e0302"
x-amz-version-id
.B1BgJ2KNXeN3025e04IzKVRQ6hOXuIP
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 18:28:24 GMT
content-type
image/svg+xml
last-modified
Wed, 22 Mar 2023 15:47:31 GMT
vary
Accept-Encoding
x-amz-id-2
XpwnHadtx81vpsFthN5g6BQbuFAGWQn2icR6zSEN86NjqXxDQHDn2VEJzDOArn+qLj/v2qqCvNs=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
BM1RJM9PDGXZWJMD
cf-ray
8ea4a84289735c0e-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
641c6dcff505af69a076b273_hero%20homepage.svg
cdn.prod.website-files.com/641b2068e70beb73dbc4d6b4/
66 KB
23 KB
Image
General
Full URL
https://cdn.prod.website-files.com/641b2068e70beb73dbc4d6b4/641c6dcff505af69a076b273_hero%20homepage.svg
Requested by
Host: de.carpay-diem.com
URL: https://de.carpay-diem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed527fdca0fed4b8ef53f20c293b5d0a375ac5a06942ab2260d5abfce71ae2ea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"b00404582e04b49dac8459ea803f1cac"
x-amz-version-id
dZ3z2SiBpMEl6eOTLGohdtxOQvj1fcHA
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 18:28:24 GMT
content-type
image/svg+xml
last-modified
Thu, 23 Mar 2023 15:18:41 GMT
vary
Accept-Encoding
x-amz-id-2
NcYfal00L2mP1s2BkcLF7Mm9awVzngmbMyt+rDHmHFM9+OsuWbF0h3v3I3AHnHaTIthOYgNamsk=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
BM1J7EHEJ7VMBS16
cf-ray
8ea4a84289755c0e-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
641b231195ddff6597a6bf90_Frame%20106.svg
cdn.prod.website-files.com/641b2068e70beb73dbc4d6b4/
4 KB
2 KB
Image
General
Full URL
https://cdn.prod.website-files.com/641b2068e70beb73dbc4d6b4/641b231195ddff6597a6bf90_Frame%20106.svg
Requested by
Host: de.carpay-diem.com
URL: https://de.carpay-diem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269b20a33a7c94dc8c2e95de4bfc87921c0559554adb3684877af43efcce2b35

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"7865da6be3e478cf7ab64c85171f1beb"
x-amz-version-id
0HFDq1VY6x5HAQC1igy1XpaGvhrkUgUu
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 18:28:24 GMT
content-type
image/svg+xml
last-modified
Wed, 22 Mar 2023 15:47:31 GMT
vary
Accept-Encoding
x-amz-id-2
MqomcpxaDhMn7woE0ZFKDgAyal/yi5H/XcYlHuCcSSk1InBUyHSx0HJq5xJg27V7VjJ/hxW57b4=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
BM1ZWWPDVTCDEVEA
cf-ray
8ea4a84289785c0e-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
641b2311e93efabf588a8706_Frame%20107.svg
cdn.prod.website-files.com/641b2068e70beb73dbc4d6b4/
1 KB
1 KB
Image
General
Full URL
https://cdn.prod.website-files.com/641b2068e70beb73dbc4d6b4/641b2311e93efabf588a8706_Frame%20107.svg
Requested by
Host: de.carpay-diem.com
URL: https://de.carpay-diem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
908c033b72ba02262cfa3575971d449c0e6868dbbef0874c332075ee9d72f16f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"e392bb0a7759744a085bdb7f6ad3963a"
x-amz-version-id
jrxThC0lDbs24NVcf_OT6LadzMm2.uMt
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 18:28:24 GMT
content-type
image/svg+xml
last-modified
Wed, 22 Mar 2023 15:47:31 GMT
vary
Accept-Encoding
x-amz-id-2
nfQG4vlij3to+pLcbKMGoZX+ASRifZWD5CyBT0uxFyxBaUNyltPYl/lHTfE2WuJkDWLghg9LaPI=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
BM1YSYAXJB79N2K0
cf-ray
8ea4a84289795c0e-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
641b2313c7b51b510b1e70a0_mobile.svg
cdn.prod.website-files.com/641b2068e70beb73dbc4d6b4/
1 KB
937 B
Image
General
Full URL
https://cdn.prod.website-files.com/641b2068e70beb73dbc4d6b4/641b2313c7b51b510b1e70a0_mobile.svg
Requested by
Host: de.carpay-diem.com
URL: https://de.carpay-diem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8660ac11bc22d4b985ba22bbe573fa08e40ac939c9a9902be71551a2b692ccf8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"7eb812f49d4e8a69d05bb667d58aefdb"
x-amz-version-id
12Lp7fPj3mF_rqnXHc_GNZyxjVXhaipI
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 18:28:24 GMT
content-type
image/svg+xml
last-modified
Wed, 22 Mar 2023 15:47:32 GMT
vary
Accept-Encoding
x-amz-id-2
cPvTVzPsvkaIzGQeh1LmNl/der8YoQltDEhpwHkRyu8BGRLe2r/2TrtXUFpTAEFG4pnGsNCPWSk=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
BM1J42CW69XA7BVX
cf-ray
8ea4a842897b5c0e-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
641b2312ac0e22b954c3639a_Group.svg
cdn.prod.website-files.com/641b2068e70beb73dbc4d6b4/
2 KB
1 KB
Image
General
Full URL
https://cdn.prod.website-files.com/641b2068e70beb73dbc4d6b4/641b2312ac0e22b954c3639a_Group.svg
Requested by
Host: de.carpay-diem.com
URL: https://de.carpay-diem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d172f5e4931a34925f9df7de4fae69ec51fd3fae9afe64af7d3304742ca2cbe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"d0f5cec76c56a23f6dea272c68575118"
x-amz-version-id
6Sg3dTBBuZPtS9SSaKJ1wI2cwUpfAWe4
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 18:28:24 GMT
content-type
image/svg+xml
last-modified
Wed, 22 Mar 2023 15:47:31 GMT
vary
Accept-Encoding
x-amz-id-2
FyEf+YA6J1iQujeLIjzhyIZDxbw52j1f4/R3WRVjCblK/3mSjuhp9s1pgBdZhTsLGaYQuwO5puA=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
BM1WWCY53GRSD3EX
cf-ray
8ea4a842897c5c0e-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
641b23139b587c111430093e_underline%20about%20us%20.svg
cdn.prod.website-files.com/641b2068e70beb73dbc4d6b4/
263 B
584 B
Image
General
Full URL
https://cdn.prod.website-files.com/641b2068e70beb73dbc4d6b4/641b23139b587c111430093e_underline%20about%20us%20.svg
Requested by
Host: de.carpay-diem.com
URL: https://de.carpay-diem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e66faff176fc7fd7e72820338021fec22b79af5bd8116564a10aa2b43325055

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"67fb468fe421223e5a14de979e4ee118"
x-amz-version-id
P_sge5d6lEZ3xqV9JNO033KUeVU1M34Q
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 18:28:24 GMT
content-type
image/svg+xml
last-modified
Wed, 22 Mar 2023 15:47:32 GMT
vary
Accept-Encoding
x-amz-id-2
CSLTj///seIT7tPx5z0cIncalccT4asJkTxjTAmjrXZKIMTEd0sqoQHo3R3+FeOfoBImU3q0Au8=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
BM1Y3QZVNGBBWRWE
cf-ray
8ea4a842897d5c0e-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
641c1561ac9e36c27ec4901b_map%20europe-p-500.png
cdn.prod.website-files.com/641b2068e70beb73dbc4d6b4/
38 KB
39 KB
Image
General
Full URL
https://cdn.prod.website-files.com/641b2068e70beb73dbc4d6b4/641c1561ac9e36c27ec4901b_map%20europe-p-500.png
Requested by
Host: de.carpay-diem.com
URL: https://de.carpay-diem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ee414d43cc52a367c4c9e93dd750d84001dde981cf1fc6ef5e1ef836df308be

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

cf-cache-status
HIT
etag
"9aeb4565947cb3915b8aa9733fb064d5"
x-amz-version-id
T97536u0.p5_LH4qp4mLiG9rLa8_oKbt
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 18:28:24 GMT
content-type
image/png
last-modified
Thu, 23 Mar 2023 09:01:26 GMT
vary
Accept-Encoding
x-amz-id-2
o/BQ4J3Yv4fGwtW5rIpTsW7Z8hmKGRKAQz0FYlVE8Stu0xQYOIYFI2JOnLigZPmkFtiBWqlPnmI=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
JN33K82WNAC9Y73E
cf-ray
8ea4a842897e5c0e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
39222
server
cloudflare
x-amz-server-side-encryption
AES256
sdk.js
static.axept.io/
710 KB
181 KB
Script
General
Full URL
https://static.axept.io/sdk.js
Requested by
Host: de.carpay-diem.com
URL: https://de.carpay-diem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2165:1400:1c:f638:2940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc2abc32b3edd375272b2f386a970d773817c90bad11f6f313d9f40e6988c31d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

content-encoding
br
etag
W/"9ccbd85cf79eb27a72948532ff3dc415"
x-amz-version-id
24OrQTKphVUE6QqLrHfyuSKvONra2IAO
age
19621
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
aSoK601euTR0Cbh9HKLQCuA15EeTZMNCnTBhmy0mEcFhk4fCsz9lVA==
date
Fri, 29 Nov 2024 13:01:24 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Thu, 28 Nov 2024 13:01:21 GMT
cross-origin-resource-policy
cross-origin
via
1.1 1f6c8fca2731ca6abec1a6d565d2093e.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
pageviews
api.weglot.com/
0
0
Ping
General
Full URL
https://api.weglot.com/pageviews?api_key=wg_cae7651728bede9e8c4b48fceb7deff10
Requested by
Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.149.114 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://de.carpay-diem.com/

Response headers

de.svg
cdn.weglot.com/flags/circle/
349 B
707 B
Image
General
Full URL
https://cdn.weglot.com/flags/circle/de.svg
Requested by
Host: de.carpay-diem.com
URL: https://de.carpay-diem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.149.114 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0d16c2445003ebafe1db889081919f025d3ae513f2b72eeab2920d5905b0849
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
null
etag
W/"d934520f58dcf352bdc6d744931529d4"
age
749349
x-content-type-options
nosniff
expires
Sat, 29 Nov 2025 18:28:24 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
BY5uixgL20VcTQSOLgcQlhkcShA_SbNJhvajXolK-6aA2oQjqcjjFw==
date
Fri, 29 Nov 2024 18:28:24 GMT
content-type
image/svg+xml; charset=utf-8
last-modified
Tue, 29 Oct 2024 13:57:27 GMT
vary
Accept-Encoding
priority
u=3,i
server-timing
cfExtPri
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 bc92c7a079ec548fd10416e41c612926.cloudfront.net (CloudFront)
cf-ray
8ea4a8431c9ae521-TXL
x-amz-cf-pop
WAW51-P2
server
cloudflare
gb.svg
cdn.weglot.com/flags/circle/
669 B
879 B
Image
General
Full URL
https://cdn.weglot.com/flags/circle/gb.svg
Requested by
Host: de.carpay-diem.com
URL: https://de.carpay-diem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.149.114 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71fb4cb49dac0b6dea34272cf0efcaf7b3b4ec6a306a9fe92e50877392246a91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
null
etag
W/"983291f6f032eb37bf5af7a0e185bab6"
age
138462
x-content-type-options
nosniff
expires
Sat, 29 Nov 2025 18:28:24 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
ux2uPDIyHiBxDdUKKeCdQQlFd1k2coMd6lS4vO0Fa2o7qcTOITyxkw==
date
Fri, 29 Nov 2024 18:28:24 GMT
content-type
image/svg+xml; charset=utf-8
last-modified
Tue, 29 Oct 2024 13:57:28 GMT
vary
Accept-Encoding
priority
u=3,i
server-timing
cfExtPri
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
cf-ray
8ea4a8431c9de521-TXL
x-amz-cf-pop
FRA60-P4
server
cloudflare
fr.svg
cdn.weglot.com/flags/circle/
420 B
740 B
Image
General
Full URL
https://cdn.weglot.com/flags/circle/fr.svg
Requested by
Host: de.carpay-diem.com
URL: https://de.carpay-diem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.149.114 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51a91cd7779dbae9848793227ad2fe5815ce4f3fa2a04f4f9f8181871728ed31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
null
etag
W/"1dfb88f30f5e2c0d92e42babb9ca360c"
age
131492
x-content-type-options
nosniff
expires
Sat, 29 Nov 2025 18:28:24 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
9pFPabGy1vP8ea5c9gbTuN6iHRykNloJaH4yh-2wY874pDedjibGWw==
date
Fri, 29 Nov 2024 18:28:24 GMT
content-type
image/svg+xml; charset=utf-8
last-modified
Tue, 29 Oct 2024 13:57:28 GMT
vary
Accept-Encoding
priority
u=3,i
server-timing
cfExtPri
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
cf-ray
8ea4a8431ca1e521-TXL
x-amz-cf-pop
FRA60-P4
server
cloudflare
it.svg
cdn.weglot.com/flags/circle/
420 B
743 B
Image
General
Full URL
https://cdn.weglot.com/flags/circle/it.svg
Requested by
Host: de.carpay-diem.com
URL: https://de.carpay-diem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.149.114 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70de7c760f48d8d453a56faaa36ca7e02217d66f2cd4666da63dd5d5c13aabfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
null
etag
W/"be1f710cc9287706d0e6264ae5cb5a00"
age
139545
x-content-type-options
nosniff
expires
Sat, 29 Nov 2025 18:28:24 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
JD6SKaPgwbZExZL7l_OAgsBnsqF-GqmyY_0wYyLZrnOpnfUnPSLXug==
date
Fri, 29 Nov 2024 18:28:24 GMT
content-type
image/svg+xml; charset=utf-8
last-modified
Tue, 29 Oct 2024 13:57:29 GMT
vary
Accept-Encoding
priority
u=3,i
server-timing
cfExtPri
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 ae9b73a6155d73586ac1f5db7a197c2a.cloudfront.net (CloudFront)
cf-ray
8ea4a8431ca6e521-TXL
x-amz-cf-pop
WAW51-P2
server
cloudflare
es.svg
cdn.weglot.com/flags/circle/
91 KB
17 KB
Image
General
Full URL
https://cdn.weglot.com/flags/circle/es.svg
Requested by
Host: de.carpay-diem.com
URL: https://de.carpay-diem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.149.114 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bcc0a00ef105f4528b0d7a4a7c7105752a3c4287a56916e847d5de67d85c039
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
null
etag
W/"5a79320cd83ea54c1dda1a61d2e856b7"
age
126864
x-content-type-options
nosniff
expires
Sat, 29 Nov 2025 18:28:24 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
ynunvTOgaLzKZ5ccBKK22Dszo5HlXLKSWuu7FqlgBX1niV3s1xMZUA==
date
Fri, 29 Nov 2024 18:28:24 GMT
content-type
image/svg+xml; charset=utf-8
last-modified
Tue, 26 Nov 2024 12:57:35 GMT
vary
Accept-Encoding
priority
u=3,i
server-timing
cfExtPri
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
cf-ray
8ea4a8431ca8e521-TXL
x-amz-cf-pop
FRA60-P4
server
cloudflare
truncated
/
255 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9948ae846979246ddfe993e604739594ce0e7cdfa77657412b9b0090009dcf23

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2
fonts.gstatic.com/s/dmsans/v15/
36 KB
36 KB
Font
General
Full URL
https://fonts.gstatic.com/s/dmsans/v15/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:regular,italic,500,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f3.1e100.net
Software
sffe /
Resource Hash
258f9f1b553bb57419619f41d3b1445226c7bc63d2a3409efef4a68426709e94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://de.carpay-diem.com
Referer
https://fonts.googleapis.com/

Response headers

age
232222
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 27 Nov 2025 01:58:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 01:58:02 GMT
last-modified
Thu, 21 Mar 2024 23:58:47 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
36848
x-xss-protection
0
server
sffe
rP2rp2ywxg089UriCZaSExd86J3t9jz86Mvy4qCRAL19DksVat-JDV30TGc.woff2
fonts.gstatic.com/s/dmsans/v15/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/dmsans/v15/rP2rp2ywxg089UriCZaSExd86J3t9jz86Mvy4qCRAL19DksVat-JDV30TGc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:regular,italic,500,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f3.1e100.net
Software
sffe /
Resource Hash
a458047b82f88ea6ecc145fc93030a84349765a15772b5e26de9fa0e78f9299a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://de.carpay-diem.com
Referer
https://fonts.googleapis.com/

Response headers

age
194149
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 27 Nov 2025 12:32:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 12:32:35 GMT
last-modified
Thu, 21 Mar 2024 23:59:28 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15104
x-xss-protection
0
server
sffe
anchor
www.google.com/recaptcha/api2/ Frame B361
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcvZ6YpAAAAAOI8pC2QGPESs3sm5DpnI6OQfYfI&co=aHR0cHM6Ly9kZS5jYXJwYXktZGllbS5jb206NDQz&hl=de&v=pPK749sccDmVW_9DSeTMVvh2&size=normal&cb=kp1gh49neuhz
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pZW12-VQ7IoGvQvUDfSvEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de.carpay-diem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-pZW12-VQ7IoGvQvUDfSvEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Nov 2024 18:28:24 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
/
de.carpay-diem.com/
38 KB
439 B
XHR
General
Full URL
https://de.carpay-diem.com/
Requested by
Host: de.carpay-diem.com
URL: https://de.carpay-diem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2866 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5f2da34f88c31b55a094040dec5f3b3cd55eaeb05d048443dce94c150e8124
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

surrogate-control
max-age=2147483647
surrogate-key
www.carpay-diem.com 641b2068e70beb73dbc4d6b4 pageId:641b2069e70beb10d8c4d6bf
cf-cache-status
DYNAMIC
age
1566039
content-encoding
br
date
Fri, 29 Nov 2024 18:28:24 GMT
content-type
text/html
last-modified
Mon, 11 Nov 2024 15:27:45 GMT
vary
Accept-Encoding
x-cluster-name
eu-south-1-prod-hosting-red
strict-transport-security
max-age=31536000
weglot-translated
false - unknown media type
cf-ray
8ea4a8445d96975b-FRA
processed-by
Weglot
x-lambda-id
d38f1348-c6e7-468f-bdd8-3cdede91bacc
weglot
id.8ea4a8445d96975b, p.cf, cs, cp
content-language
de
server
cloudflare
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJ56L62
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

content-encoding
gzip
age
2685
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 19:43:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 17:43:39 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
insight.min.js
snap.licdn.com/li.lms-analytics/
40 KB
14 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJ56L62
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:10::210:a99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

cache-control
max-age=59184
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
14628
date
Fri, 29 Nov 2024 18:28:24 GMT
last-modified
Thu, 22 Aug 2024 10:43:55 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: de.carpay-diem.com
URL: https://de.carpay-diem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-Uj64VbWC' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 18:28:24 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-Uj64VbWC' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=23, mss=1232, tbw=4425, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
TvUjl8eMQrsCh5/l9cYLoX9c521/0oQngwOiPQAAJVnrZ0yFVGao3pBbgImGegV9SsQz8UPROEHrWB6bISISPA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
lftracker_v1_kn9Eq4RPZd08RlvP.js
sc.lfeeder.com/
31 KB
12 KB
Script
General
Full URL
https://sc.lfeeder.com/lftracker_v1_kn9Eq4RPZd08RlvP.js
Requested by
Host: de.carpay-diem.com
URL: https://de.carpay-diem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:6800:4:d7e1:700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4dbaa9ff18bb2692b72fcdf305c761008276a97c68248b4b581115a291e9a2ff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

content-encoding
br
x-amz-version-id
icwRTlzbMj9pTihMKbTNxc1nnvKsrpss
etag
W/"53444e6fd841ff6fda701d0b9c143a86"
age
3193
x-cache
Hit from cloudfront
x-amz-cf-id
L1Ir_Ln5D2KoLrOuai-CsqAksiOhWUxBrS3vBH-y8E5cPM5YT_Me3w==
date
Fri, 29 Nov 2024 17:35:12 GMT
content-type
application/javascript
vary
accept-encoding, Origin
last-modified
Thu, 10 Oct 2024 07:22:53 GMT
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
via
1.1 47755cdb8b36419a04f12ee3c24f7fae.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
server
AmazonS3
x-amz-server-side-encryption
AES256
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-CVT0MHSQ7J&gtm=45je4bk0v9105629205za200&_p=1732904904048&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&gdid=dZGVlNj&cid=708148187.1732904905&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732904904&sct=1&seg=0&dl=https%3A%2F%2Fde.carpay-diem.com%2F&dt=CarPay-Diem%20%7C%20Tanken%20mit%20Smartphone%20oder%20Fahrzeug&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1227
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CVT0MHSQ7J
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://de.carpay-diem.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 18:28:24 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
556 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CVT0MHSQ7J&cid=708148187.1732904905&gtm=45je4bk0v9105629205za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CVT0MHSQ7J
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://de.carpay-diem.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 18:28:24 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CVT0MHSQ7J&cid=708148187.1732904905&gtm=45je4bk0v9105629205za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=892316851
Requested by
Host: de.carpay-diem.com
URL: https://de.carpay-diem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 29 Nov 2024 18:28:25 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
6421ba07fcac49019f931e18.json
client.axept.io/
5 KB
3 KB
Fetch
General
Full URL
https://client.axept.io/6421ba07fcac49019f931e18.json?r=0
Requested by
Host: static.axept.io
URL: https://static.axept.io/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:a400:19:61a3:b200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06f25a6cb46e1721990c5b8832e991a7893be50a5bbe272f203df30356e826c6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

access-control-expose-headers
X-Viewer-Country,X-Viewer-Country-Region,ETag
content-encoding
gzip
etag
W/"8f876343d01a92cd503e1b9f3cf9df84"
x-amz-version-id
UQtDBmpL.aouhnUAJ8Dqa_F4Bi11IXwx
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-viewer-country
DE
x-amz-cf-id
psULm2pbXyQQWtzErJeGcsVmSKdoNhTtTGQTlFfHjzN08y016r8Rsg==
date
Fri, 29 Nov 2024 18:28:25 GMT
content-type
application/json
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified
Tue, 31 Oct 2023 15:05:51 GMT
via
1.1 d11d7fba872e54649066e59f703ad3e6.cloudfront.net (CloudFront)
x-viewer-country-region
Unknown
access-control-allow-origin
*
x-amz-cf-pop
MUC50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
attribution_trigger
px.ads.linkedin.com/
2 B
815 B
XHR
General
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=2334689&time=1732904904682&url=https%3A%2F%2Fde.carpay-diem.com%2F
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*
Referer
https://de.carpay-diem.com/

Response headers

x-li-pop
afd-prod-ltx1-x
content-encoding
gzip
x-fs-uuid
000628115d48f2b347d03abdd577a445
x-msedge-ref
Ref A: 8CD9D7A49E7B4C3F859F41FAA6CAAC65 Ref B: DUS30EDGE0816 Ref C: 2024-11-29T18:28:24Z
x-li-fabric
prod-ltx1
x-restli-protocol-version
1.0.0
access-control-allow-methods
GET, OPTIONS
x-li-uuid
AAYoEV1I8rNH0Dq91XekRQ==
x-li-proto
http/2
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Fri, 29 Nov 2024 18:28:24 GMT
content-type
application/json
access-control-allow-headers
*
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2334689&time=1732904904682&url=https%3A%2F%2Fde.carpay-diem.com%2F
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2334689&time=1732904904682&url=https%3A%2F%2Fde.carpay-diem.com%2F&e_ipv6=AQKpXiRR7NN5gQAAAZN5Lmi7KF6yUFpO3X5psDEbUHHTCMNXZThAAEAEhhr_Sqgm62vA9IHH
0
264 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2334689&time=1732904904682&url=https%3A%2F%2Fde.carpay-diem.com%2F&e_ipv6=AQKpXiRR7NN5gQAAAZN5Lmi7KF6yUFpO3X5psDEbUHHTCMNXZThAAEAEhhr_Sqgm62vA9IHH
Requested by
Host: de.carpay-diem.com
URL: https://de.carpay-diem.com/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 72CF428776514CB29347EFD053122202 Ref B: FRAEDGE1119 Ref C: 2024-11-29T18:28:25Z
x-li-fabric
prod-ltx1
x-li-uuid
AAYoEV1NVVY5Mu2ZoWEw8g==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Fri, 29 Nov 2024 18:28:24 GMT
content-type
application/javascript

Redirect headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2334689&time=1732904904682&url=https%3A%2F%2Fde.carpay-diem.com%2F&e_ipv6=AQKpXiRR7NN5gQAAAZN5Lmi7KF6yUFpO3X5psDEbUHHTCMNXZThAAEAEhhr_Sqgm62vA9IHH
x-msedge-ref
Ref A: E01E6EC7552344F28ACBEDB3A66CC3BF Ref B: FRAEDGE1806 Ref C: 2024-11-29T18:28:24Z
x-li-fabric
prod-ltx1
x-li-uuid
AAYoEV1I+d1mp7EdL+w3Zg==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Fri, 29 Nov 2024 18:28:24 GMT
699844197459702
connect.facebook.net/signals/config/
77 KB
15 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/699844197459702?v=2.9.176&r=stable&domain=de.carpay-diem.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
4f4ee39755fd346689e29a04a8103d1e637231a26f6c38c05467e9ba08d9f25c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-f84fztB8' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 18:28:25 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-f84fztB8' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=36, rtx=0, c=77, mss=1232, tbw=70877, tp=67, tpl=0, uplat=281, ullat=0
pragma
public
x-fb-debug
CMRoJFYnR6QQV+wqyeCEPIyGU/daTfBpUoiqf56tC3u5YC/EBa183XwU7WB9MdjVlb0hAblQ+Eft2+Vd75kKAw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
tr.lfeeder.com/
43 B
338 B
Image
General
Full URL
https://tr.lfeeder.com/?sid=kn9Eq4RPZd08RlvP&data=eyJnYVRyYWNraW5nSWRzIjpbIiJdLCJnYU1lYXN1cmVtZW50SWRzIjpbIkctQ1ZUME1IU1E3SiJdLCJnYUNsaWVudElkcyI6WyI3MDgxNDgxODcuMTczMjkwNDkwNSJdLCJjb250ZXh0Ijp7ImxpYnJhcnkiOnsibmFtZSI6ImxmdHJhY2tlciIsInZlcnNpb24iOiIyLjY0LjEifSwicGFnZVVybCI6Imh0dHBzOi8vZGUuY2FycGF5LWRpZW0uY29tLyIsInBhZ2VUaXRsZSI6IkNhclBheS1EaWVtIHwgVGFua2VuIG1pdCBTbWFydHBob25lIG9kZXIgRmFocnpldWciLCJyZWZlcnJlciI6IiJ9LCJldmVudCI6InRyYWNraW5nLWV2ZW50IiwiY2xpZW50RXZlbnRJZCI6ImI1MjE1ZWVhMjlkMjI1ZDQiLCJzY3JpcHRJZCI6ImtuOUVxNFJQWmQwOFJsdlAiLCJjb29raWVzRW5hYmxlZCI6dHJ1ZSwiY29uc2VudExldmVsIjoibm9uZSIsImFub255bWl6ZUlwIjpmYWxzZSwibGZDbGllbnRJZCI6IkxGMS4xLjdiYTk2OGQwOThlNzNjYWMuMTczMjkwNDkwNDc3MCIsImZvcmVpZ25Db29raWVzIjpbXSwicHJvcGVydGllcyI6e30sImF1dG9UcmFja2luZ0VuYWJsZWQiOnRydWUsImF1dG9UcmFja2luZ01vZGUiOiJzcGEifQ==
Requested by
Host: de.carpay-diem.com
URL: https://de.carpay-diem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-123.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

cross-origin-resource-policy
cross-origin
via
1.1 774fae779f194800b967be38df6bd8d2.cloudfront.net (CloudFront)
x-cache
LambdaGeneratedResponse from cloudfront
content-length
43
x-amz-cf-id
S4qHN66qm8vlWcoZ07n3EjgF2Zuy7Yum86nM02INsXX5MhmlhGI6DA==
date
Fri, 29 Nov 2024 18:28:24 GMT
content-type
image/gif
x-amz-cf-pop
MUC50-P2
server
CloudFront
vary
Origin
en
client.axept.io/pack/
9 KB
3 KB
Fetch
General
Full URL
https://client.axept.io/pack/en
Requested by
Host: static.axept.io
URL: https://static.axept.io/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:a400:19:61a3:b200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ campsi
Resource Hash
b0b8b4bd7a13aff3667a582da4ddd807a13cf89f8cbf49a513ea8db56135260e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

x-amz-cf-id
AJm8Ru7p4agz3VmK5DTXbUsxdPJ89RJUFTOkxZO3VPlUhE6qmQ4xUQ==
content-encoding
gzip
etag
W/"2599-nx76wYI8HDyZyvl+HeQAdU8Q8xY"
age
65759
via
1.1 d11d7fba872e54649066e59f703ad3e6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 00:12:25 GMT
content-type
application/json; charset=utf-8
x-powered-by
campsi
vary
Accept-Encoding
x-amz-cf-pop
MUC50-P3
bframe
www.google.com/recaptcha/api2/ Frame 5480
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=pPK749sccDmVW_9DSeTMVvh2&k=6LcvZ6YpAAAAAOI8pC2QGPESs3sm5DpnI6OQfYfI
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lZTc1HL-bIw_jQFBxjhd9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de.carpay-diem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-lZTc1HL-bIw_jQFBxjhd9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Nov 2024 18:28:24 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=699844197459702&ev=PageView&dl=https%3A%2F%2Fde.carpay-diem.com%2F&rl=&if=false&ts=1732904905053&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1732904905051.328503862373768359&cs_est=true&ler=empty&cdl=API_unavailable&it=1732904904705&coo=false&rqm=GET
Requested by
Host: de.carpay-diem.com
URL: https://de.carpay-diem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=23, mss=1232, tbw=4473, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 18:28:25 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
197 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=699844197459702&ev=PageView&dl=https%3A%2F%2Fde.carpay-diem.com%2F&rl=&if=false&ts=1732904905053&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1732904905051.328503862373768359&cs_est=true&ler=empty&cdl=API_unavailable&it=1732904904705&coo=false&rqm=FGET
Requested by
Host: de.carpay-diem.com
URL: https://de.carpay-diem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7442769894298475283"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 18:28:25 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
XhURyjWC9FCXXpRzN/BELrLBye9Y7BJZW6WeacD8DlqrEZJGP5eMyek2Tz759EfeBUddHnkhjCGM7d2ffl50mQ==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7442769894298475283", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=23, mss=1232, tbw=4841, tp=13, tpl=0, uplat=168, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
px.ads.linkedin.com/wa/
0
197 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://de.carpay-diem.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*
Content-Type
text/plain;charset=UTF-8

Response headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 29362D4E669C4C5C93816B455A4F833B Ref B: FRAEDGE1806 Ref C: 2024-11-29T18:28:25Z
x-li-fabric
prod-ltx1
access-control-allow-credentials
true
x-li-uuid
AAYoEV1QPI+fi0fMmjugvg==
x-li-proto
http/2
access-control-allow-origin
https://de.carpay-diem.com
x-cache
CONFIG_NOCACHE
date
Fri, 29 Nov 2024 18:28:25 GMT
vary
Origin
642192dc9fac235c7c8250b7_Frame%20401159.png
cdn.prod.website-files.com/641b2068e70beb73dbc4d6b4/
715 B
1 KB
Other
General
Full URL
https://cdn.prod.website-files.com/641b2068e70beb73dbc4d6b4/642192dc9fac235c7c8250b7_Frame%20401159.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
339f1f6f3c569d0ada78ff10d9b95d0dae34824db740672bc1b4e44b9a138546

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

cf-cache-status
HIT
etag
"b40fe149c3704a2f14b5bb88fefbfa48"
x-amz-version-id
VujsJ_w.fTz1Mt7iTU0lqImDRRiX320D
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 18:28:25 GMT
content-type
image/png
last-modified
Mon, 27 Mar 2023 12:58:05 GMT
vary
Accept-Encoding
x-amz-id-2
0eyAaWIYPBqMSi3bSFNTyylL8Z1t5spr8I7tTPcPj0T7QlVPo83jzYuZlqwA7jSanKLgghHkVxo/6U8uh2t526S9zTcf9Gy5Qx/PdfUjmIM=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
QB3P6HZFCZ7TNEMH
cf-ray
8ea4a84bbf3b5c0e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
715
server
cloudflare
x-amz-server-side-encryption
AES256
d35cbf0e-80e7-4b22-b1f0-22a6f9371134.png
axeptio.imgix.net/2022/01/
25 KB
25 KB
Image
General
Full URL
https://axeptio.imgix.net/2022/01/d35cbf0e-80e7-4b22-b1f0-22a6f9371134.png?bg=194e76&w=200&mask=https://axeptio.imgix.net/2022/01/64b1005a-e876-41b8-ab0b-5cef6f8a6caf.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
762edb86c3c59ab2bc496dc6e9a57518f23e5e77dce4be66c029c38a3634ef39
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

x-served-by
cache-chi-klot8100058-CHI, cache-fra-etou8220043-FRA, cache-cph2320032-CPH
cache-control
public, max-age=31536000
timing-allow-origin
*
age
1860170
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT, MISS
content-length
25192
date
Fri, 29 Nov 2024 18:28:28 GMT
last-modified
Fri, 08 Nov 2024 05:45:38 GMT
content-type
image/png
server
imgix
x-imgix-id
53235ec6864ebb77ebc459faaa317b041b9c509f
icon-cookies.png
axeptio.imgix.net/2018/12/
9 KB
9 KB
Image
General
Full URL
https://axeptio.imgix.net/2018/12/icon-cookies.png?auto=format&fit=crop&w=170&h=auto&dpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
bb13cdfd1cc35ed5517698de1e0b5addf5ddce53444c1714fd00aa788faa18d0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de.carpay-diem.com/

Response headers

age
2009006
x-content-type-options
nosniff
x-cache
HIT, HIT
date
Fri, 29 Nov 2024 18:28:28 GMT
last-modified
Wed, 06 Nov 2024 12:25:02 GMT
x-served-by
cache-fra-etou8220098-FRA, cache-cph2320032-CPH
vary
Accept, User-Agent
content-type
image/avif
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
9210
server
imgix
x-imgix-id
3b4562a0ae3f2787598b997d973352087fb82fce

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| WebFont function| gtag object| dataLayer object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| Weglot function| updateSW5DropdownLinks function| $ function| jQuery function| tram object| Webflow object| axeptioSettings object| recaptcha object| closure_lm_679343 object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id function| fbq function| _fbq function| ldfdr object| fs function| onYouTubeIframeAPIReady object| gaGlobal object| webpackChunk_axeptio_widget_client function| setImmediate function| clearImmediate object| regeneratorRuntime object| __axeptioSDK object| _axcb object| axeptioSDK string| axeptioBuildTimestamp function| lintrk boolean| _already_called_lintrk object| gaplugins object| gaData object| __gaConnectorEventsEmitted function| axeptioHandleVendors function| openAxeptioCookies function| showAxeptioButton function| hideAxeptioButton object| ORIBILI

12 Cookies

Domain/Path Name / Value
.prod.website-files.com/ Name: __cf_bm
Value: S4njLh4HDRE4dR2Op0EP_487rjBbwX6n2M3eJcbkWFU-1732904903-1.0.1.1-N8n8fc91w564wMW17s.BRubDBC0cgwg6zvdYtUls1CfLVV2_Ku8uQnE_W_EOK_7mt8VRmaI5vUaTyT7TMmUtYg
.carpay-diem.com/ Name: _ga_CVT0MHSQ7J
Value: GS1.1.1732904904.1.0.1732904904.60.0.0
de.carpay-diem.com/ Name: axeptio_cookies
Value: {%22$$token%22:%223vpdgmjx5riykq4zjyhrhm%22%2C%22$$date%22:%222024-11-29T18:28:24.600Z%22%2C%22$$cookiesVersion%22:{}%2C%22$$completed%22:false}
de.carpay-diem.com/ Name: axeptio_authorized_vendors
Value: %2C%2C
de.carpay-diem.com/ Name: axeptio_all_vendors
Value: %2C%2C
.carpay-diem.com/ Name: _ga
Value: GA1.2.708148187.1732904905
.carpay-diem.com/ Name: _gid
Value: GA1.2.882596437.1732904905
.carpay-diem.com/ Name: _lfa
Value: LF1.1.7ba968d098e73cac.1732904904770
.linkedin.com/ Name: bcookie
Value: "v=2&67010ad5-4523-4a0d-82a9-52ee3b057eb3"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MzI5MDQ5MDQ7MjswMjH0dgub284m94NlEFOEzfekGrBZDZ61wIL+F8rehQWkDQ==
.linkedin.com/ Name: lidc
Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2929:u=1:x=1:i=1732904904:t=1732991304:v=2:sig=AQEqTJ8NsXSMyU0XfROjgRMmfL1Z_LUr"
.carpay-diem.com/ Name: _fbp
Value: fb.1.1732904905051.328503862373768359

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.weglot.com
axeptio.imgix.net
cdn.prod.website-files.com
cdn.weglot.com
client.axept.io
connect.facebook.net
d3e54v103j8qbb.cloudfront.net
de.carpay-diem.com
fonts.googleapis.com
fonts.gstatic.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
sc.lfeeder.com
snap.licdn.com
static.axept.io
stats.g.doubleclick.net
tr.lfeeder.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
104.18.160.117
108.138.34.60
108.138.36.123
13.107.42.14
142.250.185.100
142.250.186.131
157.240.253.1
157.240.253.35
172.217.18.3
172.217.18.4
172.64.149.114
2001:4860:4802:34::36
216.58.206.67
2600:9000:2165:1400:1c:f638:2940:93a1
2600:9000:225b:6800:4:d7e1:700:93a1
2600:9000:26db:a400:19:61a3:b200:93a1
2606:4700:4400::6812:2866
2620:1ec:21::14
2a00:1450:4001:800::200a
2a00:1450:4001:801::200e
2a00:1450:4001:810::2008
2a00:1450:4001:810::200a
2a00:1450:400c:c00::9b
2a02:26f0:3500:10::210:a99
2a04:4e42::720
06f25a6cb46e1721990c5b8832e991a7893be50a5bbe272f203df30356e826c6
18376aeee79bf6c6a25e3f7e34ad17041c4ff48d5dd68a8195c6e4cfe0c44fd1
1bcc0a00ef105f4528b0d7a4a7c7105752a3c4287a56916e847d5de67d85c039
1c60cff9f1f7bb8ae2e968b7b1b93ae0f0ab44dd213e66a57f087ec43626a2a2
1e66faff176fc7fd7e72820338021fec22b79af5bd8116564a10aa2b43325055
258f9f1b553bb57419619f41d3b1445226c7bc63d2a3409efef4a68426709e94
269b20a33a7c94dc8c2e95de4bfc87921c0559554adb3684877af43efcce2b35
2d172f5e4931a34925f9df7de4fae69ec51fd3fae9afe64af7d3304742ca2cbe
2df58e011d38907099375baf78350dd08cc799f4b78ade98de437949a28898bc
339f1f6f3c569d0ada78ff10d9b95d0dae34824db740672bc1b4e44b9a138546
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4dbaa9ff18bb2692b72fcdf305c761008276a97c68248b4b581115a291e9a2ff
4f4ee39755fd346689e29a04a8103d1e637231a26f6c38c05467e9ba08d9f25c
51a91cd7779dbae9848793227ad2fe5815ce4f3fa2a04f4f9f8181871728ed31
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
6cbf5b3bbfcd2f23a688b189310c36484be77a86a6a59ab11d2666a255d172d0
6e25ea5fbab9c57c298317c53bbee62bf016f07c1e06a405b34d7af36355a462
6e79aeee4cbc317a3b6e18c8887ed2c1659ad8eb27431d1896a075ed935a9149
70de7c760f48d8d453a56faaa36ca7e02217d66f2cd4666da63dd5d5c13aabfd
71fb4cb49dac0b6dea34272cf0efcaf7b3b4ec6a306a9fe92e50877392246a91
762edb86c3c59ab2bc496dc6e9a57518f23e5e77dce4be66c029c38a3634ef39
7ee414d43cc52a367c4c9e93dd750d84001dde981cf1fc6ef5e1ef836df308be
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8660ac11bc22d4b985ba22bbe573fa08e40ac939c9a9902be71551a2b692ccf8
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
908c033b72ba02262cfa3575971d449c0e6868dbbef0874c332075ee9d72f16f
9948ae846979246ddfe993e604739594ce0e7cdfa77657412b9b0090009dcf23
9a50821b46158c264ae8c3bac28c40e317f9ab2b7c5c45b00c7574c7724665c4
9d52f447ff8f81e16913641252194afe600a9100ed42a603796582d0f15482da
a458047b82f88ea6ecc145fc93030a84349765a15772b5e26de9fa0e78f9299a
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b0b8b4bd7a13aff3667a582da4ddd807a13cf89f8cbf49a513ea8db56135260e
b0d16c2445003ebafe1db889081919f025d3ae513f2b72eeab2920d5905b0849
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb13cdfd1cc35ed5517698de1e0b5addf5ddce53444c1714fd00aa788faa18d0
c4fd7db982d2e6f1128e4683e8e9a9199bd66d787e622e4eaca07c13010ff2da
cc2abc32b3edd375272b2f386a970d773817c90bad11f6f313d9f40e6988c31d
d0c5f3bd0d8aaaa58b9b5c76863bd8e34a1814eda4054bc501dc42e4cc5ebd45
d7834a78043c5f67325befc44dafa946e730b41747c3caf5ce6df129a1ac3760
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed527fdca0fed4b8ef53f20c293b5d0a375ac5a06942ab2260d5abfce71ae2ea
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3259cb68fda51b17ece2636c716428d651cdbbb37ec92c72de42b873f700279
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fad852bd74f33061547c8732ac7d02570ac1b5cac796da4c961f030db234a315
fc5f2da34f88c31b55a094040dec5f3b3cd55eaeb05d048443dce94c150e8124